猿问

使用 React 和 Node.js 登录的 Google 不会返回请求的范围

在我的应用程序中登录时,我需要来自 google api 的其他范围数据。我使用react-google-login这个范围在 React 应用程序中获取令牌:


scope='https://www.googleapis.com/auth/user.birthday.read https://www.googleapis.com/auth/user.addresses.read https://www.googleapis.com/auth/user.organization.read'

当我使用我的凭据登录并允许应用访问请求的范围时,我成功获得了令牌。


我将此令牌发送到后端(Node.js),用于google-auth-library从令牌获取有效负载:


import { OAuth2Client } from 'google-auth-library'


export const validateGoogleAccessTokenOAuth2 = async (idToken: string): Promise<any> => {

    const CLIENT_ID = 'MY_ID'

    const client = new OAuth2Client(CLIENT_ID)


    const ticket = await client.verifyIdToken({

        idToken,

        audience: CLIENT_ID

    })

    const payload = ticket.getPayload()


    return payload

}

在这里,我只收到来自配置文件和电子邮件范围的数据,没有来自请求范围的数据。特别是我需要生日,我还检查了我的谷歌个人资料中允许任何人访问但没有帮助。


我做错了什么还是有另一种方法如何从令牌中获取请求的范围变量?


开满天机
浏览 136回答 1
1回答

翻过高山走不出你

经过一番研究,我发现生日和性别属性不包含在公共令牌的有效负载中client.verifyIdToken函数只是验证idToken并返回它的有效载荷要获取有关用户的其他信息,在这种情况下,您必须使用People API要与 People API 通信,您可以使用googleapisnpm 包,您还必须满足以下条件:People API在 Google Developer Console 中添加到您的项目为您对谷歌的 FE 调用添加额外的范围(在我的情况下https://www.googleapis.com/auth/user.birthday.read)你必须发送idToken到AccessToken你的后端服务用户必须允许与您的应用程序共享性别用户的性别必须在用户的谷歌个人资料中设置为公开做例子import { google } from 'googleapis'import { OAuth2Client } from 'google-auth-library'export const validateGoogleAccessToken = async (idToken, accessToken) => {&nbsp; &nbsp; try {&nbsp; &nbsp; &nbsp; &nbsp; const CLIENT_ID = 'YOUR_GOOGLE_APP_CLIENT_ID'&nbsp; &nbsp; &nbsp; &nbsp; const client = new OAuth2Client(CLIENT_ID)&nbsp; &nbsp; &nbsp; &nbsp; const ticket = await client.verifyIdToken({&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; idToken,&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; audience: CLIENT_ID&nbsp; &nbsp; &nbsp; &nbsp; })&nbsp; &nbsp; &nbsp; &nbsp; const payload = ticket.getPayload()&nbsp; &nbsp; &nbsp; &nbsp; const { OAuth2 } = google.auth&nbsp; &nbsp; &nbsp; &nbsp; const oauth2Client = new OAuth2()&nbsp; &nbsp; &nbsp; &nbsp; oauth2Client.setCredentials({ access_token: accessToken })&nbsp; &nbsp; &nbsp; &nbsp; const peopleAPI = google.people({&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; version: 'v1',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; auth: oauth2Client&nbsp; &nbsp; &nbsp; &nbsp; })&nbsp; &nbsp; &nbsp; &nbsp; const { data } = await peopleAPI.people.get({&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; resourceName: 'people/me',&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; personFields: 'birthdays,genders',&nbsp; &nbsp; &nbsp; &nbsp; })&nbsp; &nbsp; &nbsp; &nbsp; const { birthdays, gender } = data&nbsp; &nbsp; &nbsp; &nbsp; return {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ...payload // email, name, tokens&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; birthdates, // array of birthdays&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; genders, // array of genders&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; } catch (error) {&nbsp; &nbsp; &nbsp; &nbsp; throw new Error('Google token validation failed')&nbsp; &nbsp; }}
随时随地看视频慕课网APP

相关分类

JavaScript
我要回答