Oauth 2.0 无法从 signed_request 'code' 值中获取访问令牌 [英] Oauth 2.0 cannot get an access token from the signed_request 'code' value

查看:38
本文介绍了Oauth 2.0 无法从 signed_request 'code' 值中获取访问令牌的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在迁移到 Oauth 2.0.我当前的站点使用 JS SDK,有一个 fb-login 按钮,然后我正在访问 Graph 以获取用户详细信息.

I'm migrating to Oauth 2.0. My current site uses JS SDK, has a fb-login button, then I'm accessing Graph to get the users details.

我在获取访问令牌以从 Graph 获取此数据时遇到问题.

I'm having problems getting an access token to get this data from Graph.

一个问题可能是 JS SDK 对话框没有将我重定向到它所说的 URL,即带有 ?code=XXXXXXX 的那个,然后我可以用它来获取访问令牌.

One problem could be that JS SDK dialog doesn't redirect my to the URL it says it should i.e. the one with ?code=XXXXXXX that I can then use to get an access token.

所以我查看了 php SDK(我使用的是 ASP)来了解它是如何做到的.我已经解析了 cookie 中的签名请求值,在代码"参数中获取了值以添加到令牌 URL,但我无法获取访问令牌.这些是我正在使用的值:

So I've looked at the php SDK (I'm using ASP) to see how it does it. I've parsed the signed-request value in the cookie, got the value in the 'code' param to add to the token URL but I can't get an access token. These are the values I'm using:

解析的signed_request数据:

Parsed signed_request data:

{"algorithm":"HMAC-SHA256","code":"2.AQCovUOFCduELbna.3600.1323900000.1-773555243|Y_cW4riF4K7el_9a4oVNjL0qvZc","issued_at":1323895617,"user_id":"XXXXXXXXXX"}

Token URL: https://graph.facebook.com/oauth/access_token?
           client_id=XXXXXXXX&
           redirect_uri=XXXXXXXX&
           client_secret=XXXXXX&
           code=2.AQCovUOFCduELbna.3600.1323900000.1-773555243|Y_cW4riF4K7el_9a4oVNjL0qvZc

这是回复:

{"error":{"message":"Error validating verification code.","type":"OAuthException"}} 

代码值的格式是否正确?关于出了什么问题的任何想法?

Does the code value appear to be in the correct format? Any ideas as to what's wrong?

推荐答案

完全一样的问题...

解决方案:如果代码是从cookie payload中提取的,参数redirect_uri留空

solution: if code is extracted from cookie payload, leave parameter redirect_uri empty

试试

代币网址:https://graph.facebook.com/oauth/access_token?client_id=XXXXXXXX&redirect_uri=&client_secret=XXXXXX&code=2.AQCovUOFCduELbna.3600.1323900000.1-77355527elbna.3600.1323900000.1-77355527elbna.3600.1323900000.1-77355527elbna.3600.1323900000.1-77355527elbna.36000000.1-77355527elbna.36000000.1-77355527eNqLycYcYcYcYcYcYcYcYcYcYcYcZiFcYcYcYcYcZiVri=&redirect_uri=&client_secret=XXXXXX

Token URL: https://graph.facebook.com/oauth/access_token?client_id=XXXXXXXX&redirect_uri=&client_secret=XXXXXX&code=2.AQCovUOFCduELbna.3600.1323900000.1-773555243|Y_cW4riF4K7el_9a4oVNjL0qvZc

为我工作!

这篇关于Oauth 2.0 无法从 signed_request 'code' 值中获取访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆