coinbase的oauth2有时未能续约访问令牌(使用刷新令牌) [英] coinbase oauth2 sometimes failed to renew access token (using refresh token)
问题描述
我在iOS应用程序整合coinbase和我使用的OAuth2进行身份验证。我能够通过正常的流程去后获得访问令牌。我也照顾尝试刷新我的访问令牌,只要任何请求,通过调用这个打了401(到期后):
I am integrating coinbase in an iOS app and I am using Oauth2 to authenticate. I am able to get the access token after going through the usual workflow. I have also taken care to attempt refresh my access token whenever any requests hit a 401 (upon expiration) by calling this:
https://coinbase.com/oauth/token
数据:
grant_type=refresh_token&refresh_token=abcd1234&client_id=theclientid&client_secret=somesecretid
grant_type=refresh_token&refresh_token=abcd1234&client_id=theclientid&client_secret=somesecretid
它工作一段时间,但随后不时,它会失败,并请求响应:
It works for a while but then from time to time, it would fail with a request response:
NSHTTPURLResponse: 0x15eb2730
{ URL: https://coinbase.com/oauth/token } { status code: 401, headers {
"CF-RAY" = "f67d477aae4052e-YYZ";
"Cache-Control" = "no-store";
Connection = "keep-alive";
"Content-Type" = "application/json; charset=utf-8";
Date = "Sun, 02 Feb 2014 15:14:14 GMT";
Pragma = "no-cache";
Server = "cloudflare-nginx";
"Set-Cookie" = "__cfduid=<some long alpha-numeric string>; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.coinbase.com; HttpOnly";
Status = "401 Unauthorized";
"Strict-Transport-Security" = "max-age=31536000";
"Transfer-Encoding" = Identity;
Vary = "Accept-Encoding";
"Www-Authenticate" = "Bearer realm=\"Doorkeeper\", error=\"invalid_request\", error_description=\"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.\"";
"X-Content-Type-Options" = nosniff;
"X-Frame-Options" = SAMEORIGIN;
"X-Rack-Cache" = "invalidate, pass";
"X-Request-Id" = "<some long alpha-numeric string>";
"X-Runtime" = "0.012066";
"X-Ua-Compatible" = "IE=Edge,chrome=1";
} }
有没有人遇到这样的错误?我假设请求的URL是正确的始终。我不知道为什么它会抱怨缺少必需的参数或不支持的参数。我还没有想通了失败的模式呢。但愿有人在那里可能已经见过这个。
Has anyone encounter this error before? I have assume the request URL is correct always. I am not sure why it would complained about "missing required parameter" or "unsupported parameter". I havent figured out a pattern of failure yet. Hopefully, someone out there may have seen this before.
推荐答案
我一直没能直接找到任何文件有关refresh_token请求,但我认为你应该还包括在refresh_token要求REDIRECT_URI(基于这个: https://coinbase.com/docs/api/authentication#collapse2 )
I haven't been able to find any documentation directly about refresh_token requests, but I think you're supposed to also include the redirect_uri in your refresh_token request (based on this: https://coinbase.com/docs/api/authentication#collapse2).
另外,我发现我的官方coinbase的应用程序需要重新授权前几天,但是当我登录到我的帐户coinbase,它说,该应用被授权前25天。所以,也许连request_tokens有超时?不使用应用程序一段时间后,你有没有要求request_token失败?
Also, I noticed that my official coinbase app required a re-auth a few days ago, but when I log in to my coinbase account, it says that the app was authorized 25 days ago. So, perhaps even the request_tokens have a timeout? Did your request_token request fail after not using the app for a while?
或许coinbase重的东西,失效所有的access_tokens和refresh_tokens的,因为我的应用程序,这是previously做工精细尽可能refresh_tokens,但现在失败的refresh_token请求。
Or maybe coinbase reset something and invalidated all of their access_tokens and refresh_tokens because my app, which was previously working fine as far as refresh_tokens, is now failing on the refresh_token request.
所以,我建议让您的应用程序重新检查,当发生这种情况,并得到一个新的access_token和refresh_token,因为我认为这是官方coinbase应用程序做什么。
So, I would suggest having your app re-authorize when this happens, and get a new access_token and refresh_token, since I think that's what the official coinbase app does.
这篇关于coinbase的oauth2有时未能续约访问令牌(使用刷新令牌)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!