用于服务器到 Google 服务器应用程序的 Bash OAuth 2.0 JWT 脚本

用于服务器到 Google 服务器应用程序的 Bash OAuth 2.0 JWT 脚本

我正在尝试制作一个 jwt 脚本,它根据以下内容为我提供令牌https://developers.google.com/accounts/docs/OAuth2ServiceAccount 这是我目前所得到的,但是令牌服务器回复说 grant_type 无效?

jwt1=`echo -n '{"alg":"RS256","typ":"JWT"}' | base64`

jwt2=`echo -n '{\
"iss":"[email protected]",\
"scope":"https://www.googleapis.com/auth/datastore",\
"aud":"https://accounts.google.com/o/oauth2/token",\
"exp":'$(($(date +%s)+3600))',\
"iat":'$(date +%s)'}' | base64`

jwt3=`echo -n "$jwt1.$jwt2" | tr -d '\n' | sed 's/==//g'`

jwt4=`echo -n "$jwt3" | openssl sha -sha256 -sign google.p12 | base64`

jwt5=`echo -n "$jwt4" | tr -d '\n' | sed 's/=//g'`

curl -H "Content-type: application/x-www-form-urlencoded" -X POST "https://accounts.google.com/o/oauth2/token" -d \
"grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=$jwt3.$jwt5"

答案1

jwt1=`echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -e`

jwt2=`echo -n '{\
"iss":"[email protected]",\
"scope":"https://www.googleapis.com/auth/datastore",\
"aud":"https://accounts.google.com/o/oauth2/token",\
"exp":'$(($(date +%s)+3600))',\
"iat":'$(date +%s)'}' | openssl base64 -e`

jwt3=`echo -n "$jwt1.$jwt2" | tr -d '\n' | tr -d '=' | tr '/+' '_-'`

jwt4=`echo -n "$jwt3" | openssl sha -sha256 -sign google.p12 | openssl base64 -e`

jwt5=`echo -n "$jwt4" | tr -d '\n' | tr -d '=' | tr '/+' '_-'`

curl -H "Content-type: application/x-www-form-urlencoded" -X POST "https://accounts.google.com/o/oauth2/token" -d \
"grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=$jwt3.$jwt5"

相关内容