Bash OAuth 2.0 JWT-Skript für Server, um Serveranwendungen zu googeln

2546
Gert Cuykens

Ich versuche, ein JWT-Skript zu erstellen, das mir Token auf der Grundlage von https://developers.google.com/accounts/docs/OAuth2ServiceAccount zur Verfügung stellt. Dies ist, was ich bis jetzt habe, aber der Token-Server antwortet, dass der grant_type ungültig ist.

jwt1=`echo -n '{"alg":"RS256","typ":"JWT"}' | base64`  jwt2=`echo -n '{\ "iss":"...@developer.gserviceaccount.com",\ "scope":"https://www.googleapis.com/auth/datastore",\ "aud":"https://accounts.google.com/o/oauth2/token",\ "exp":'$(($(date +%s)+3600))',\ "iat":'$(date +%s)'}' | base64`  jwt3=`echo -n "$jwt1.$jwt2" | tr -d '\n' | sed 's/==//g'`  jwt4=`echo -n "$jwt3" | openssl sha -sha256 -sign google.p12 | base64`  jwt5=`echo -n "$jwt4" | tr -d '\n' | sed 's/=//g'`  curl -H "Content-type: application/x-www-form-urlencoded" -X POST "https://accounts.google.com/o/oauth2/token" -d \ "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=$jwt3.$jwt5" 
5

1 Antwort auf die Frage

7
Gert Cuykens
jwt1=`echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -e`  jwt2=`echo -n '{\ "iss":"...@developer.gserviceaccount.com",\ "scope":"https://www.googleapis.com/auth/datastore",\ "aud":"https://accounts.google.com/o/oauth2/token",\ "exp":'$(($(date +%s)+3600))',\ "iat":'$(date +%s)'}' | openssl base64 -e`  jwt3=`echo -n "$jwt1.$jwt2" | tr -d '\n' | tr -d '=' | tr '/+' '_-'`  jwt4=`echo -n "$jwt3" | openssl sha -sha256 -sign google.p12 | openssl base64 -e`  jwt5=`echo -n "$jwt4" | tr -d '\n' | tr -d '=' | tr '/+' '_-'`  curl -H "Content-type: application/x-www-form-urlencoded" -X POST "https://accounts.google.com/o/oauth2/token" -d \ "grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=$jwt3.$jwt5"