Twitter API - “无效或过期令牌"的原因； [英] Twitter API - Reasons for "invalid or expired token"

问题描述

导致令牌过期的可能原因是什么(除了让用户取消对应用的授权)?

What are the possible reasons that can cause token to become expired (besides having the user un-authorising the app)?

我的问题是我有一个拥有数千名用户的应用程序，所有 API 通信都运行良好，但对于某些用户，我收到了 invalid or expired token 错误，但我最初认为它们是取消了对应用程序的身份验证的用户，但我已经联系了其中的一些用户，他们没有撤销访问权限.

My problem is that I have an app with several thousands of users, all API communication works perfectly but for some users I am getting the invalid or expired token error, my initial though was that they are users who canceled the authentication to the app but I've contacted some of them and they haven't revoked the access.

任何其他问题可能导致该错误的想法?

Any ideas what other issues can cause that error?

推荐答案

通过调用 GET account/verify_credentials，同时使用该访问令牌.

Check the integrity of an access token at any time by calling the GET account/verify_credentials while using that access token.

它被提到并且通过研究我开始知道:

Its mentioned and by research I came to know that:

如果用户明确拒绝您的访问令牌，您的访问令牌将无效从他们的设置中删除应用程序，或者如果 Twitter 管理员暂停了您的应用.如果您的申请被暂停，将会有关于您的应用程序页面说它已被暂停.

Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended.

为什么我的 twitter oauth 访问令牌无效/过期?

Why is my twitter oauth access token invalid / expired ?

查看这篇文章:无效/过期访问令牌.

谷歌群组中有一个帖子说:

There is one post in google groups that says:

您没有第二次机会，这是设计使然.OAuth 请求有独特的签名；一旦提交了一个特定的请求，它不能再次提交.如果他们正确输入了 PIN，一切都很好，您将获得一个访问令牌.如果他们输入错误，您会收到 401 Unauthorized - 这是预期的.但是如果他们再次尝试输入密码，即使是正确的密码显示为未经授权.

You don't get a second chance, and this is by design. OAuth requests have a unique signature; once a particular request is submitted, it can't be submitted again. If they enter the pin correctly, all is well, you get an access token. If they enter the pin wrong, you get 401 Unauthorized - which is expected. But if they then try again to enter the pin, even the correct pin shows as unauthorized.

查看此链接以上参考.

Twitter 员工针对同一问题的一些建议:

Some suggestions by twitter employee for the same problem:

我想此时我会建议两件事:1.) 转到您的应用程序设置并使用重置密钥"选项卡重置您的消费者密钥和秘密，然后在应用程序中更新这些值并验证您是否仍然看到相同的行为.2.) 尝试通过oauth_callback 在 request_token 调用中.老实说我不认为这个会有所作为，但我想尝试尽可能严格在这里.

I guess there are two things I would suggest at this point: 1.) Go to your application settings and use the "Reset keys" tab to reset your consumer key and secret, then update those values in the app and verify that you still see the same behavior. 2.) Try passing oauth_callback in your request_token call. Honestly I don't think this will make a difference, but I want to try and be as rigorous as I can here.

还要检查这个讨论说:

您需要使用从返回的 oauth_token 和 oauth_token_secretoauth/access_token 调用而不是应用设置中的调用在 dev.twitter.com

You need to use the oauth_token and oauth_token_secret returned from the oauth/access_token call instead of the one in your app's settings in dev.twitter.com

这篇关于Twitter API - “无效或过期令牌"的原因；的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！