Google oAuth2 API提供401未授權

Question

我試圖通過Spring Social使用Google憑據實現Google oAuth2 API以登錄到我的webapp。

查詢到谷歌是如下

googleConnectionFactory = new GoogleConnectionFactory(myKey, mySecret); 
    oauthOperations = googleConnectionFactory.getOAuthOperations(); 
    final String redirectUri = "http://localhost/googleCallback"; 
    final OAuth2Parameters params = new OAuth2Parameters(); 
    params.setRedirectUri(redirectUri); 
    params.setScope("https://www.googleapis.com/auth/userinfo.profile"); 
    final String authorizeUrl = oauthOperations.buildAuthorizeUrl(
      GrantType.AUTHORIZATION_CODE, params); 
    response.sendRedirect(authorizeUrl); 

一旦要求，我被帶到了谷歌登錄頁面。該網址顯示scope=https://www.googleapis.com/auth/userinfo.profile

登錄後，用戶被重定向回我的web應用程序和下面的方法被稱爲

final String callbackUrl = "http://localhost/googleCallback"; 
    final AccessGrant accessGrant = oauthOperations.exchangeForAccess(code, 
      callbackUrl, null); 
    // THIS CRASHES WITH 401 
    final Connection<Google> connection = googleConnectionFactory 
      .createConnection(accessGrant); 
    // THIS CRASHES TOO WITH 401 
    new GoogleTemplate(accessGrant.getAccessToken()).userOperations().getUserProfile(); 

我缺少的東西？

Answer 1

我不得不手動連接訪問令牌到API網址才能使其工作。顯然，Spring Social在發送查詢時沒有設置訪問令牌...

LegacyGoogleProfile profile = new GoogleTemplate(
accessGrant.getAccessToken()).getRestTemplate().getForObject(
"https://www.googleapis.com/oauth2/v2/userinfo?access_token=" 
        + accessGrant.getAccessToken(), 
LegacyGoogleProfile.class);