我如何使用UrlFetchApp气体访问令牌(How do I get an access toke

我正在学习如何使用与谷歌Apps脚本（GAS）的REST端点，并希望得到像例子中的访问令牌这里

我使用谷歌的网站，这里是脚本

function doGet(e) {
  var app = UiApp.createApplication().setTitle('test OAuth 2.0');

  var mainPanel = app.createVerticalPanel();
  app.add(mainPanel);

  var url = "https://accounts.google.com/o/oauth2/auth" + 
                     "?scope=https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile" +
                     "&state=/profile" +
                     "&redirect_uri=http://<mySite>.com/gas/home/oauth2apis" +
                     "&response_type=token" +
                     "&client_id=812741506391.apps.googleusercontent.com" +
                     "&approval_prompt=force";
  Logger.log("encodeURI(url):"+encodeURI(url));

  try{
    var response = UrlFetchApp.fetch(encodeURI(url));
  }catch(e){
    Logger.log("caught this:" + e);
  }

  Logger.log("Response code:"+response.getResponseCode());
  Logger.log("X-Auto-Login Response code:"+response.getHeaders());

  var returned = app.createTextArea().setHeight(600).setValue(response.getContentText());
  mainPanel.add(returned);
  return app;
}

和Logger.log

Response code:200
X-Auto-Login Response code:({'Cache-control':"no-cache, no-store", Expires:"Mon, 01-Jan-1990 00:00:00 GMT", 'X-XSS-Protection':"1; mode=block", 'Set-Cookie':"GALX=m0d9oxyH-kQ;Path=/;Secure", 'X-Google-Cache-Control':"remote-fetch", Server:"GSE", Pragma:"no-cache", 'X-Content-Type-Options':"nosniff", 'X-Frame-Options':"Deny", 'X-Auto-Login':"realm=com.google&args=service%3Dlso%26continue%3Dhttps%253A%252F%252Faccounts.google.com%252Fo%252Foauth2%252Fauth%253Fresponse_type%253Dtoken%2526scope%253Dhttps%253A%252F%252Fwww.googleapis.com%252Fauth%252Fuserinfo.email%252Bhttps%253A%252F%252Fwww.googleapis.com%252Fauth%252Fuserinfo.profile%2526redirect_uri%253Dhttp%253A%252F%252F<mySite>.com%252Fgas%252Fhome%252Foauth2apis%2526approval_prompt%253Dforce%2526state%253D%252Fprofile%2526client_id%253D812741506391.apps.googleusercontent.com%2526hl%253Den-US%2526from_login%253D1%2526as%253D6991e98fb6d20df3", 'Strict-Transport-Security':"max-age=2592000; includeSubDomains", Date:"Sat, 16 Jun 2012 12:46:26 GMT", Via:"HTTP/1.1 GWA", 'Content-Type':"text/html; charset=UTF-8"})

MYSITE被映射和在DNS中。

它看起来像它试图做一个重定向（这对我来说很有意义用我有限的OAuth的理解），但返回的代码是200和重定向是302？

我可以使用urlFetchApp来获得访问令牌？

你想获取不应该由你的app--被检索的URL，你需要重定向最终用户的URL。最终用户则授予您的应用访问他们的数据的能力，然后谷歌将用户重定向回您的应用程序。

因为我不相信谷歌提供了从谷歌Apps脚本运行的客户端JavaScript的能力，你将要使用的Web服务器（授权代码）流动。这意味着网址将包含一个授权码，当用户被重定向回您的应用程序。那么你就从Google Apps脚本在服务器到服务器的请求的OAuth 2.0令牌端点的OAuth访问令牌交换的授权码。

下面是一些示例代码（不正确的错误处理，等等。但它运行）：

function doGet(e) {
  var scriptUri = "https://docs.google.com/macros/s/AKfycbzg1LZIqKlKu5f7TtRL4VuleEjExXVCEqH15fI3/exec";
  var clientId = "764634415739.apps.googleusercontent.com";
  var clientSecret = "XXXXXXX-YYYYYYYYY";
  var scope = "https://www.googleapis.com/auth/plus.me";


  var app = UiApp.createApplication().setTitle("");
  var div = app.createVerticalPanel();

  if (e.parameter && e.parameter.code) {
    var redirectUri = scriptUri;
    var tokenEndpoint = "https://accounts.google.com/o/oauth2/token";

    var postPayload = {
      "code" : e.parameter.code,
      "client_id" : clientId,
      "client_secret" : clientSecret,
      "redirect_uri" : redirectUri,
      "grant_type" : "authorization_code"
    };

     var options = {
      "method" : "post",
      "payload" : postPayload
    };

    // do a URL fetch to POST the authorization code to google
    // and get an access token back
    var response = UrlFetchApp.fetch(tokenEndpoint, options);
    var tokenData  = Utilities.jsonParse(response.getContentText());

    // call the Google+ API and get response
    var plusOptions = {
      "headers" : {
        "Authorization" : "Bearer " + tokenData.access_token
      }
    };
    var plusResponse = UrlFetchApp.fetch(
      "https://www.googleapis.com/plus/v1/people/me", plusOptions);
    var plusData = Utilities.jsonParse(plusResponse.getContentText());

    div.add(app.createLabel(plusData.displayName));
    div.add(app.createLabel(plusData.url));

  } else {
    // ask user to go over to Google to grant access
    var redirectUri = scriptUri;
    var url1 = "https://accounts.google.com/o/oauth2/auth?client_id=" + clientId + 
        "%26response_type=code" +
        "%26scope=" + scope +
        "%26redirect_uri=" + redirectUri; 
    div.add(app.createAnchor('Grant data access at Google',url1));   
  }
  app.add(div);


  return app;
}

下面是动作的代码： https://docs.google.com/macros/s/AKfycbzg1LZIqKlKu5f7TtRL4VuleEjExXVCEqH15fI3/exec