Google OAuth2 PlayGround returns “Unauthorized Client”

问题

    clientId = xxxxxx
    clientSecret = xxxxxxxx
    applicationHost = xxxxxxxxx

My authorization code request:

   OAuthClientRequest oAuthClientRequest = OAuthClientRequest
                .authorizationProvider(OAuthProviderType.GOOGLE)
                .setResponseType("code")
                .setClientId(clientId)
                .setParameter("access_type", "online")
                .setRedirectURI(applicationHost + "auth/google/callback")
                .setScope("https://www.googleapis.com/auth/plus.login")
                .buildQueryMessage();

        response.sendRedirect(oAuthClientRequest.getLocationUri());

I am getting an authorization code with this. but whenever I send a request for the access_token using this code I am getting an error. (Code 400)

My access_token request:

    OAuthClientRequest oAuthClientRequest = OAuthClientRequest
            .tokenProvider(OAuthProviderType.GOOGLE)
            .setGrantType(GrantType.AUTHORIZATION_CODE)
            .setClientId(clientId)
            .setClientSecret(clientSecret)
            .setParameter("access_type", "online")
            .setRedirectURI(applicationHost + "auth/google/callback")
            .setCode(code)
            .buildQueryMessage();

    GitHubTokenResponse oAuthResponse = oAuthClient.accessToken(
            oAuthClientRequest, GitHubTokenResponse.class);
    return oAuthResponse.getAccessToken();

OAuth2 Playground response:

    HTTP/1.1 400 Bad Request
    Alternate-protocol: 443:quic
    Content-length: 37
    X-xss-protection: 1; mode=block
    X-content-type-options: nosniff
    X-google-cache-control: remote-fetch
    -content-encoding: gzip
    Server: GSE
    Via: HTTP/1.1 GWA
    Pragma: no-cache
    Cache-control: no-cache, no-store, max-age=0, must-revalidate
    Date: Mon, 17 Feb 2014 09:03:52 GMT
    X-frame-options: SAMEORIGIN
    Content-type: application/json
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    {
       "error": "unauthorized_client"
    }

Please help me out. Thanks in advance.

回答1:

You're taking an auth code from your application (ie. client id XXXXX) and pasting that into a different app (oauth playground with client id YYYYY) and expecting it to work?

That's not gonna work.

It might work if you go into the Gear option and enter your app's credentials. But I'm slightly confused why you're doing this. What is the problem you are trying to solve?

This answer might help How do I authorise an app (web or installed) without user intervention? (canonical ?)

来源：https://stackoverflow.com/questions/21825605/google-oauth2-playground-returns-unauthorized-client