LinkedIn OAuth2授权服务器遇到意外情况 [英] LinkedIn OAuth2 Authorization server encountered an unexpected condition
问题描述
对于一些试图通过Web视图中的移动设备通过OAuth2 API中的链接进行身份验证的用户,我们收到了这个奇怪的错误消息.
We're getting this weird error for some of our users who are trying to authenticate via linked in OAuth2 API from mobile within a webview.
https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=XXX&state=XXX&redirect_uri=XXX&scope=r_emailaddress%20r_basicprofile
提交后( https://www.linkedin.com/uas/oauth2/authorizedialog/submit),有一个重定向到我们带有以下参数的重定向uri.
After the submit ( https://www.linkedin.com/uas/oauth2/authorizedialog/submit ), there is a redirect to our redirect uri with the following params.
?error=server_error&error_description=XXX&state=the+authorization+server+encountered+an+unexpected+condition
我经历了此=> http://chriskief. com/2014/04/23/linkedin-api-unable-to-retrieve-access-token/.
创建新应用程序或生成新密钥是一个问题,因为它会破坏已安装应用程序的登录链接.我们以前从未使用过OAuth1.
Creating a new application or generating fresh keys is a problem as it would break the linked in login for already installed apps. We have never use OAuth1 before.
推荐答案
在LinkedIn授权表单上,在用户的电子邮件地址之前或之后添加空格字符时,我们能够重现此错误. LinkedIn不会在此字段上修剪任何多余的空格.
We were able to reproduce this error when a space character is added before or after the user's email address on the LinkedIn authorization form. LinkedIn doesn't do any trimming of extraneous whitespace on this field.
我的假设是,当人们使用空格键来接受电子邮件地址上的自动完成建议时,这种情况会在移动设备上发生.因此,用户开始输入电子邮件地址,操作系统会推荐一个已知的电子邮件地址,通常,移动操作系统会在按下空格键时使用该推荐.
My hypothesis is that this happens on mobile when people use the space bar as a way to accept an autocompletion recommendation on the email address. So the user starts typing their email address, the OS recommends a known email address and, generally, mobile OSs will use the recommendation when the space bar is pressed.
这篇关于LinkedIn OAuth2授权服务器遇到意外情况的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!