Google oAuth2 API提供401未授权

Question

我试图通过Spring Social使用Google凭据实现Google oAuth2 API以登录到我的webapp。

查询到谷歌是如下

googleConnectionFactory = new GoogleConnectionFactory(myKey, mySecret); 
    oauthOperations = googleConnectionFactory.getOAuthOperations(); 
    final String redirectUri = "http://localhost/googleCallback"; 
    final OAuth2Parameters params = new OAuth2Parameters(); 
    params.setRedirectUri(redirectUri); 
    params.setScope("https://www.googleapis.com/auth/userinfo.profile"); 
    final String authorizeUrl = oauthOperations.buildAuthorizeUrl(
      GrantType.AUTHORIZATION_CODE, params); 
    response.sendRedirect(authorizeUrl); 

一旦要求，我被带到了谷歌登录页面。该网址显示scope=https://www.googleapis.com/auth/userinfo.profile

登录后，用户被重定向回我的web应用程序和下面的方法被称为

final String callbackUrl = "http://localhost/googleCallback"; 
    final AccessGrant accessGrant = oauthOperations.exchangeForAccess(code, 
      callbackUrl, null); 
    // THIS CRASHES WITH 401 
    final Connection<Google> connection = googleConnectionFactory 
      .createConnection(accessGrant); 
    // THIS CRASHES TOO WITH 401 
    new GoogleTemplate(accessGrant.getAccessToken()).userOperations().getUserProfile(); 

我缺少的东西？

Answer 1

我不得不手动连接访问令牌到API网址才能使其工作。显然，Spring Social在发送查询时没有设置访问令牌...

LegacyGoogleProfile profile = new GoogleTemplate(
accessGrant.getAccessToken()).getRestTemplate().getForObject(
"https://www.googleapis.com/oauth2/v2/userinfo?access_token=" 
        + accessGrant.getAccessToken(), 
LegacyGoogleProfile.class);