oauth2 库和 Netflix API 返回 None 访问令牌 [英] oauth2 library and Netflix API return None access token

问题描述

我一直在使用 netflix api 和 python oauth2 库的受保护身份验证.我提出签名请求没有问题，但是，为了允许用户使用他们的 netflix 帐户登录，我在尝试获取 access_token 时遇到了一些问题，我知道在某些情况下 OAuth 不返回 verifier，即使它应该，但是在从 netflix 的授权页面重定向后，我得到如下内容:http://127.0.0.1:5000/authorized_user?oauth_token=some_token&oauth_verifier= 验证器为空.

I have been working with the protected authentication of the netflix api and the python oauth2 library. I have no problem making signed requests, however, to allow users to sign in using their netflix accounts, I am running into a few problems when I try to get the access_token, I know there cases in which OAuth doesn't return a verifier, even if its supposed to, however after being redirected from the authorization page of netflix I get something like this: http://127.0.0.1:5000/authorized_user?oauth_token=some_token&oauth_verifier= with the verifier empty.

我是图书馆的新手，完全不明白当 verfier 不存在时该怎么办.因为，我成功地将用户重定向到 netflix 登录/授权页面.我假设我的错误来自我不完全理解的这一步.下面是我正在尝试的简化(shell)版本.我很感激朝正确的方向推动，我阅读了 netflix 文档并阅读了库文档，但不知道该怎么做.

I am new to the library and quite didn't understand what to do when the verfier is not present. Since, I successfully redirect the user to the netflix sign in/authorization page. I assume my error comes from this step which I don't fully understand. Below is a simplified (shell) version of what I am attempting. I would appreciate a push in the right direction, I read netflix documentation and read the library documentation but couldn't figure out what to do.

# Get request token (temporary)
resp, content = client.request(REQUEST_TOKEN_URL, "GET")

if resp['status'] != '200':
    raise Exception("Invalid response %s." % resp['status'])

request_token = dict(parse_qsl(content))

print 'Request token'
print  '  --> oauth_token          =  %s' % request_token['oauth_token']
print  '  --> oauth_token_secret   =  %s' % request_token['oauth_token_secret']
print  '  --> login_url            =  %s' % request_token['login_url']

# Redirect to netflix for user authorization

print 'Go to the following link: '
login_url = request_token['login_url']
access_token_url = '%s&oauth_consumer_key=%s' % (login_url, CONSUMER_KEY)

accepted = 'n'
while accepted.lower() == 'n':
    accepted = raw_input('Have you authorized me? (y/n) ')

resp, content = client.request(access_token_url, "POST")

token = oauth.Token(request_token['oauth_token'],
                    request_token['oauth_token_secret'])

client = oauth.Client(consumer, token)

resp, content = client.request(access_token_url, "POST")
access_token = dict(parse_qsl(content))

print "Access Token:"
print "    - oauth_token        = %s" % access_token['oauth_token']
print "    - oauth_token_secret = %s" % access_token['oauth_token_secret']

推荐答案

所以听起来您正在尝试使用 python-oauth2.不幸的是，这个图书馆被广泛认为是废弃的物品.我强烈建议使用维护的库.为此，我可以推荐 rauth.我是 rauth 的维护者，因为它的价值.

So it sounds like you're attempting to use python-oauth2. Unfortunately this library is widely considered abandoned-ware. I would highly recommend using a maintained library. For that I can recommend rauth. I'm the maintainer of rauth, for what it's worth.

现在不幸的是，Netflix 不接受新的应用到他们的 OAuth 基础设施中.但是，我确实为您写了一个示例，如果您愿意尝试一下，可以尝试一下.我不能保证没有一些调整它就不会工作，但它是:

Now unfortunately Netflix is not accepting new applications to their OAuth infrastructure. However I did write up an example for you that could try if you're willing to give rauth a shot. I can't promise it won't work without some tweaks, but here it is:

from rauth import OAuth1Service

import re
import webbrowser

request_token_url = 'http://api-public.netflix.com/oauth/request_token'
access_token_url = 'http://api-public.netflix.com/oauth/access_token'
authorize_url = 'https://api-user.netflix.com/oauth/login'
base_url = 'http://api-public.netflix.com/'

netflix = OAuth1Service(consumer_key='123',
                        consumer_secret='456',
                        request_token_url=request_token_url,
                        authorize_url=authorize_url,
                        access_token_url=access_token_url,
                        base_url=base_url)

request_token, request_token_secret = netflix.get_request_token()

oauth_callback = 'http://example.com/oauth/authorized'

params = {'oauth_callback': oauth_callback, 'application_name': 'your_app'}
authed_url = netflix.get_authorize_url(request_token, **params)

print 'Visit this URL in your browser: ' + authed_url
webbrowser.open(authed_url)

url_with_token = raw_input('Copy URL from your browser\'s address bar: ')
request_token = re.search('\?oauth_token=([^&]*)', url_with_token).group(1)

s = netflix.get_auth_session(request_token, request_token_secret)

r = s.get('users/current')
print r.content

这里有几点需要注意:Netflix 在他们的文档中没有提到验证器.所以我猜这就是为什么你什么也看不到的原因.其次，他们正在返回一个授权"的请求令牌.基本上这个令牌取代了他们流程中的验证器 pin.

A couple of things to note here: Netflix makes no mention of the verifier in their documentation. So I'm guessing that's why you see none. Secondly they are returning an "authorized" request token in place. Basically this token replaces the verifier pin in their flow.

希望这有帮助！

这篇关于oauth2 库和 Netflix API 返回 None 访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！