【发布时间】:2020-09-01 18:15:38
【问题描述】:
我对 google api 很陌生,但我已经花了 6 个小时来处理这个错误。所以我想使用服务帐户访问我的谷歌驱动器文件。但我总是得到这个错误:
{"error":"invalid_grant","error_description":"无效的 JWT 签名。"}
这是我在 NodeJs 中创建和发送 JWT 的方法:
const privateKeyFile = require("./user.json");
const base64url = require("base64url");
const jsonwebtoken = require("jsonwebtoken");
const querystring = require("querystring");
const request = require("request");
// HEADER
let header = { alg: "RS256", typ: "JWT" };
let encodedH = base64url(JSON.stringify(header));
// CLAIM SET
let exp = parseInt(Date.now() / 1000) + 60 * 20;
// issue time
let iat = parseInt(Date.now() / 1000);
let claimset = {
iss: "*********@*******.iam.gserviceaccount.com",
scope: "https://www.googleapis.com/auth/drive",
aud: "https://oauth2.googleapis.com/token",
exp: exp,
iat: iat,
};
let encodedCs = base64url(JSON.stringify(claimset));
// create signiture
let signitureBase = encodedH + "." + encodedCs;
jsonwebtoken.sign(
signitureBase,
privateKeyFile.private_key,
{
algorithm: "RS256",
header: header,
},
function (err, signature) {
request.post(
"https://oauth2.googleapis.com/token",
{
headers: { "Content-Type": "application/x-www-form-urlencoded" },
body: querystring.encode({
grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
assertion: signitureBase + "." + base64url(signature),
}),
},
function (error, response) {
console.log(error);
console.log(response);
}
);
}
);
提前致谢!
【问题讨论】:
标签: node.js google-api jwt