LinkedIn OAuth2:“无法验证访问令牌" [英] LinkedIn OAuth2: "Unable to verify access token"

问题描述

只有当用户在发出OAuth2请求时已登录LinkedIn时，它才有效.

It works if and only if the user is signed into LinkedIn at the time of making the OAuth2 request.

如果用户未登录，则我们会遇到错误.

If the user is not signed in then we encounter an error.

我们的操作顺序:

• 成功获取了新的访问令牌
• 使用访问令牌，发布到api端点https://api.linkedin.com/v1/people/\~

此后，我们将收到包含以下内容的401:

After this we receive a 401 with the following content:

{
  "errorCode": 0,
  "message": "Unable to verify access token",
  "requestId": "C0DUCX81SA",
  "status": 401,
  "timestamp": 1421946470523
}

有时，经过一段时间后，使用相同的访问令牌重试会得到200.有时不会.

Sometimes, after some time passed, a retry with the same Access Token gives a 200. Sometimes not.

如果用户在"401期间"登录到LinkedIn，那么神奇的是先前获取的访问令牌开始工作.

If the user logs in to LinkedIn during this "401 period" then magically the previously fetched access token starts to work.

我不知该如何解决这个问题，因为在LinkedIn上这似乎是个问题.

I am at a loss how to solve this, as it seems to be an issue at LinkedIn.

有人之前有任何建议或任何人看到过这种行为吗?

Has anybody any suggestions or did anybody see this behavior before?

我们尝试了cookie设置，请求之前的等待时间等.

We tried cookie settings, wait periods before our request etc.

我们正在向Zotonic [1]添加LinkedIn OAuth2身份验证，但现在陷入了无法正常工作的模块的境地.

We are adding LinkedIn OAuth2 authentication to Zotonic [1], but are now stuck with a non-working module.

[1] http://zotonic.com/

有人提到了LinkedIn上的两次讨论.现在，他的回答遗憾地从下面的讨论中消失了.

Someone referred to two discussions at LinkedIn. His reply now regretfully disappeared from the discussion below.

这些是链接:

https://developer.linkedin.com/forum/unable-verify-访问令牌

https://developer.linkedin.com/forum/unauthorized-invalid-or-expired-token-to-receivingly-receiving-oauth2-token

在这些讨论中，我都尝试了所有建议，但无济于事.

I have tried all suggestions in these discussions, to no avail.

编辑#2:

查看LinkedIn上的第一次讨论，表明我不是唯一遇到这些一致性问题的人.如果用户在OAuth"dance"

Checking the first discussion at LinkedIn shows that I am not the only one having these consistency issues. Something at LinkedIn is going wrong if the user has cleared cookies or has to sign in to LinkedIn during the OAuth "dance" https://developer.linkedin.com/forum/unable-verify-access-token#comment-36950

更新

已解决，多亏了Matthijs Bierman，请参见下面的答案.

Solved, thanks to Matthijs Bierman, see answers below.

推荐答案

我们在电话上进行了交谈，结果发现您遇到的问题与

We talked on the phone, turns out you're running into the same problem as here. LinkedIn doesn't accept the Authentication header and expects a request parameter: oauth2_access_token.

这篇关于LinkedIn OAuth2:“无法验证访问令牌"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！