一大坨GoogleAPI的学习笔记之二（oAuth2.0总结）

本文地址：http://blog.csdn.net/btyh17mxy/article/details/9633279，转载需注明。

本文只针对本地应用，其他应用类型可能有不同。

URL 格式

需要注意的是该地址是https而不是http，非加密请求是被拒绝的。

EndpointDescriptionhttps://accounts.google.com/o/oauth2/auth获取access token的第一个请求。其负责处理活跃session，验证用户。该请求的结果包括access tokens, refresh tokens, and authorization codes.

参数:

ParameterValuesDescriptionresponse_typecode相应类型，本地应用使用的值应为"code"client_idthe client_idobtained from theAPIs ConsoleIndicates the client that is making the request. The value passed in this parameter must exactly match the value shown in the APIs Console.redirect_urione of theredirect_urivalues registered at the APIs Console接受响应的地址，该地址必须跟APIs Console 中注册的地址完全一样(including the http or https schemes, case, and trailing '/').可以是urn:ietf:wg:oauth:2.0:oob 或 http://localhost port. See choosing a redirect_uri for more details.scope该参数表明了应用请求的权限种类这些权限会在授权页展示给用户。（之后会详细说明这个参数）stateany stringIndicates any state which may be useful to your application upon receipt of the response. The Google Authorization Server roundtrips this parameter, so your application receives the same value it sent.login_hintemail address orsub identifierWhen your application knows which user it is trying to authenticate, it may provide this parameter as a hint to the Authentication Server. Passing this hint will either pre-fill the email box on the sign-in form or select the proper multi-login session, thereby simplifying the login flow.一个授权链接实例：

'''https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.file+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive+https%3A%2F%2Fmail.google.com+https%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds&redirect_uri=http://localhost:8888&response_type=code&client_id=53354213461.apps.googleusercontent.com'''

授权页面：

总之，如果要请求授权的话就让用户在浏览器打开这个这个链接（传入相应参数），然后获取到该请求的返回值就行了。

Google Drive scopes

Scopes available for the Drive API are:

ScopeMeaninghttps://www.googleapis.com/auth/drive.filePer-file access to files created or opened by the apphttps://www.googleapis.com/auth/driveFull, permissive scope to access all of a user's files. Request this scope only when it is strictly necessary. Tokens with scope https://docs.google.com/feeds are accepted and treated the same as tokens with scopehttps://www.googleapis.com/auth/drive.https://www.googleapis.com/auth/drive.apps.readonlyAllows apps read-only access to the list of Drive apps a user has installed.https://www.googleapis.com/auth/drive.readonlyAllows read-only access to file metadata and file contenthttps://www.googleapis.com/auth/drive.readonly.metadataAllows read-only access to file metadata, but does not allow any access to read or download file contenthttps://www.googleapis.com/auth/drive.installSpecial scope used to let users approve installation of an apphttps://www.googleapis.com/auth/drive.appdataAllows access to the Application Data folderhttps://www.googleapis.com/auth/drive.scriptsAllows access to Apps Script files

Google Calendar scopes

ScopeMeaninghttps://www.googleapis.com/auth/calendarread/write access to Calendarshttps://www.googleapis.com/auth/calendar.readonlyread-only access to Calendars

To request access using OAuth 2.0, your application needs the scope information, as well as information that Google supplies during application registration (such as the client ID and/or the client secret).

Gmail scopes

The scope for IMAP and SMTP access is https://mail.google.com/.

Google Contacts scopes

ScopeMeaninghttps://www.google.com/m8/feedsread/write access to Contacts and Contact Groups