Android的SDK LinkedIn产生不可访问令牌 [英] Android LinkedIn SDK produces unusable access tokens
问题描述
我试图做到:
- 身份验证W / LinkedIn通过他们的Android SDK
- 获取用户的个人资料,以获得他们的用户id
- 对我们的内部服务创建新用户
到目前为止,我已经能够与LinkedIn进行身份验证,检索访问令牌,并使用,对LinkedIn的服务来获取其用户ID。
So far I have been able to authenticate with LinkedIn, retrieve an access token, and use that against LinkedIn's service to obtain their user id.
流量看起来有点像这样
LISessionManager.getInstance(activity).init(this.activity.get(), permissionScope,
authLinkedInCallback, showDialogIfAppMissing);
在返回到我的应用程序使用下面
upon returning into my application I catch the Intent data using the code below
LISessionManager.getInstance(activity).onActivityResult(activity, requestCode, resultCode, data);
这部分似乎是功能性,并产生一个 onAuthSuccess 在 AuthListener 在 LISessionManager 初始化设置。
this part seems to be functional and yields an onAuthSuccess from the AuthListener setup in the LISessionManager initialization.
岗位上取得成功,我能够使用所提供的访问令牌与所提供的 APIHelper ,以获得用户的基本概况
post success I am able to use the provided access token with the provided APIHelper to get the user's basic profile
String built = "https://api.linkedin.com/v1/people/~?format=json";
APIHelper.getInstance(activity.get()).getRequest(activity.get(), built, getProfileCallback);
这实际上是与基本用户配置文件信息成功返回。
this actually returns successfully with the basic user profile information.
这是哪里出了问题众生我只能用这个访问令牌拨打电话使用 APIHelper 。当试图使用提供的访问令牌在其他地方(服务器端,在邮差/ Apigee测试),它总是返回此响应。
this is where the problem beings I can only use this access token to make calls using the APIHelper. When trying to use the provided access token elsewhere (server side, testing in Postman/Apigee) it always returns this response.
{
"errorCode": 0,
"message": "Unable to verify access token",
"requestId": "M9J2NBQV9J",
"status": 401,
"timestamp": 1430922872474
}
我一直在使用LinkedIn的资源用于调试401问题( https://developer.linkedin.com/文档/的oauth2 )使用的 LISessionManager 。评估当前会话告诉我,访问令牌是
I have been using the LinkedIn resource for debugging 401 issues (https://developer.linkedin.com/docs/oauth2) Using the LISessionManager. to evaluate the current session tells me that the access token is
- 仍然有效
- 未到期
- 还是不错的从它发出的时间大约为2个月。
检查我的LinkedIn的个人资料,但并没有撤销访问应用程序和权限范围的 basic_profile,EMAIL_ADDRESS,并w_share
Checking my LinkedIn profile, it has not revoked access to the application and the permission scope is basic_profile, email_address, and w_share
我真的很困惑,为什么这些似乎产生accessTokens不会成为LinkedIn SDK的有效外,压根就没有整个服务是否有效?
I'm really confused why these generated accessTokens don't seem to be valid outside of the LinkedIn SDK, are they not valid across the entire service?
任何帮助AP preciated。
Any help appreciated.
推荐答案
随着LinkedIn的Android SDK认证文档中指出(的 https://developer.linkedin.com/docs/android-sdk-auth )
As noted in LinkedIn's Android SDK authentication documentation (https://developer.linkedin.com/docs/android-sdk-auth),
移动与服务器端的访问令牌
Mobile vs. server-side access tokens
要注意的是经由移动SDK取得该访问令牌只与移动SDK可用这一点很重要,不能被用来使服务器侧的REST API调用
It is important to note that access tokens that are acquired via the Mobile SDK are only useable with the Mobile SDK, and cannot be used to make server-side REST API calls.
同样地,你已经从你的用户使用服务器端的REST API调用不会与移动SDK的工作,经过身份验证的存储的访问令牌。
Similarly, access tokens that you already have stored from your users that authenticated using a server-side REST API call will not work with the Mobile SDK.
这篇关于Android的SDK LinkedIn产生不可访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
