一大坨GoogleAPI的学习笔记之二(oAuth2.0总结)

本文地址:http://blog.csdn.net/btyh17mxy/article/details/9633279,转载需注明。

本文只针对本地应用,其他应用类型可能有不同。


URL 格式

需要注意的是该地址是https而不是http,非加密请求是被拒绝的。

Endpoint Description
https://accounts.google.com/o/oauth2/auth 获取access token的第一个请求。其负责处理活跃session,验证用户。该请求的结果包括access tokens, refresh tokens, and authorization codes.

参数:

Parameter Values Description
response_type code 相应类型,本地应用使用的值应为"code"
client_id the client_idobtained from theAPIs Console Indicates the client that is making the request. The value passed in this parameter must exactly match the value shown in the APIs Console.
redirect_uri one of theredirect_urivalues registered at the APIs Console 接受响应的地址,该地址必须跟APIs Console 中注册的地址完全一样(including the http or https schemes, case, and trailing '/').可以是urn:ietf:wg:oauth:2.0:oob 或 http://localhost port. See choosing a redirect_uri for more details.
scope 该参数表明了应用请求的权限种类 这些权限会在授权页展示给用户。(之后会详细说明这个参数)
state any string Indicates any state which may be useful to your application upon receipt of the response. The Google Authorization Server roundtrips this parameter, so your application receives the same value it sent.
login_hint email address orsub identifier When your application knows which user it is trying to authenticate, it may provide this parameter as a hint to the Authentication Server. Passing this hint will either pre-fill the email box on the sign-in form or select the proper multi-login session, thereby simplifying the login flow.
一个授权链接实例:

'''
https://accounts.google.com/o/oauth2/auth?
scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.file+
https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar+
https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive+
https%3A%2F%2Fmail.google.com+
https%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds&
redirect_uri=http://localhost:8888&
response_type=code&
client_id=53354213461.apps.googleusercontent.com
'''

授权页面:

一大坨GoogleAPI的学习笔记之二(oAuth2.0总结)_第1张图片

总之,如果要请求授权的话就让用户在浏览器打开这个这个链接(传入相应参数),然后获取到该请求的返回值就行了。

Google Drive scopes

Scopes available for the Drive API are:

Scope Meaning
https://www.googleapis.com/auth/drive.file Per-file access to files created or opened by the app
https://www.googleapis.com/auth/drive Full, permissive scope to access all of a user's files. Request this scope only when it is strictly necessary. Tokens with scope https://docs.google.com/feeds are accepted and treated the same as tokens with scopehttps://www.googleapis.com/auth/drive.
https://www.googleapis.com/auth/drive.apps.readonly Allows apps read-only access to the list of Drive apps a user has installed.
https://www.googleapis.com/auth/drive.readonly Allows read-only access to file metadata and file content
https://www.googleapis.com/auth/drive.readonly.metadata Allows read-only access to file metadata, but does not allow any access to read or download file content
https://www.googleapis.com/auth/drive.install Special scope used to let users approve installation of an app
https://www.googleapis.com/auth/drive.appdata Allows access to the Application Data folder
https://www.googleapis.com/auth/drive.scripts Allows access to Apps Script files

Google Calendar scopes

Scope Meaning
https://www.googleapis.com/auth/calendar read/write access to Calendars
https://www.googleapis.com/auth/calendar.readonly read-only access to Calendars

To request access using OAuth 2.0, your application needs the scope information, as well as information that Google supplies during application registration (such as the client ID and/or the client secret).


Gmail scopes


The scope for IMAP and SMTP access is https://mail.google.com/.


Google Contacts scopes

Scope Meaning
https://www.google.com/m8/feeds read/write access to Contacts and Contact Groups


你可能感兴趣的:(一大坨GoogleAPI的学习笔记之二(oAuth2.0总结))