需要帮助使用Google Oauth和Android配置Django Rest API

2024-05-19 • 问答

我正在尝试将django rest API配置为使用Google登录OAuth和 django-rest-framework-social-oauth2

我已经看过this question，但似乎无法弄清楚他们如何检索access_token

根据this指南，我到目前为止已经尝试过的操作：

在console.developers.google.com

中启动了一个新项目

已添加到settings.py：

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '2377[...].apps.googleusercontent.com'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '[...]'
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = ['email']

INSTALLED_APPS = [
    ...
    # oauth
    'oauth2_provider','social_django','rest_framework_social_oauth2'
]

AUTHENTICATION_BACKENDS = (
    # Google OAuth2
    'social_core.backends.google.GoogleOAuth2',# django-rest-framework-social-oauth2
    'rest_framework_social_oauth2.backends.DjangoOAuth2',# Django
    'django.contrib.auth.backends.ModelBackend',)

但是，当我尝试交换我从Android上的Google登录获取的身份验证代码

时，

gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestServerauthCode(Values.CLIENT_ID_WEB_APP)
            .requestEmail()
            .build();

在我的Django Rest API后端使用访问令牌

OkHttpClient client = new OkHttpClient();
RequestBody requestBody = new FormEncodingBuilder()
    .add("grant_type","convert_token")
    .add("client_id",Values.CLIENT_ID_REST_APP)
    .add("client_secret",Values.CLIENT_SECRET_REST_APP)
    .add("backend","google-oauth2")
    .add("token",idToken)
    .build();

我从服务器收到400 HTTP响应：

{“错误”：“ access_denied”，“错误描述”：“不允许使用您的凭据”}

我错过了什么吗？预先感谢！

我从管理员那里删除了我的应用程序并创建了一个新应用程序后，它就可以工作了。此外，我删除了除管理员用户之外的所有用户。

就我而言，我在 settings.py 文件中有这些更改：

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '1234565432-n9vf123456perna7o1oungbqhp6rcl.apps.googleusercontent.com'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = '123456trewBNqTL_or38'


SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
    'https://www.googleapis.com/auth/userinfo.email','https://www.googleapis.com/auth/userinfo.profile',]
INSTALLED_APPS = [
    ...
    # Social auth
    'oauth2_provider','social_django','rest_framework_social_oauth2',]
AUTHENTICATION_BACKENDS = (
    'social_core.backends.google.GoogleOAuth2','rest_framework_social_oauth2.backends.DjangoOAuth2','django.contrib.auth.backends.ModelBackend',)

在 Android 方面我有：

override fun onCreate(savedInstanceState: Bundle?) {
    ...
    val serverClientId = getString(R.string.default_web_client_id)
        val gso = GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
            .requestIdToken(serverClientId)
            .requestServerAuthCode(serverClientId)
            .requestEmail()
            .build()


    googleSignInClient = GoogleSignIn.getClient(this,so)
}
override fun onActivityResult(requestCode: Int,resultCode: Int,data: Intent?) {
        super.onActivityResult(requestCode,resultCode,data)
        if (requestCode == RC_SIGN_IN) {
            val task = GoogleSignIn.getSignedInAccountFromIntent(data)
            try {
                val account = task.getResult(ApiException::class.java)
                account?.let {
                    firebaseAuthWithGoogle(it)
                }
            } catch (e: ApiException) {
                Log.w(TAG,"Google sign in failed",e)
            }
        }
    }
private fun firebaseAuthWithGoogle(account: GoogleSignInAccount) {
        val credential = GoogleAuthProvider.getCredential(account.idToken,null)
        mAuth.signInWithCredential(credential)
            .addOnCompleteListener(this) { task ->
                if (task.isSuccessful) {
                    val user = mAuth.currentUser
                    Toast.makeText(this,"Authentication Success.",Toast.LENGTH_SHORT).show()
                    getGoogleAccessToken(account.idToken,account.serverAuthCode)
                } else {
                    Toast.makeText(this,"Authentication Failed.",Toast.LENGTH_SHORT).show()
                }
            }
    }

getGoogleAccessToken 是对 https://www.googleapis.com/oauth2/v4/token/ URL 的 google 访问令牌的 Retrofit API 调用。

val call = apiInterface?.getAccessToken(
            id_token = tokenId,authCode = authCode,response_type = "Code",redirect_uri = "",grant_type = "authorization_code",client_id = getString(R.string.default_web_client_id),client_secret = getString(R.string.server_client_secret)
        )

API 的响应是访问令牌。

data class GoogleSignInAccessTokenDataClass(
val access_token: String,val expires_in: Int,val id_token: String,val token_type: String
)

需要帮助使用Google Oauth和Android配置Django Rest API

iCMS 回答：需要帮助使用Google Oauth和Android配置Django Rest API

大家都在问