无法在Facebook JS SDK中授权用户:“此授权代码已被使用”。或如何获得新的授权令牌? [英] Can not authorise user in Facebook JS SDK : "This authorization code has been used." or how to get new authorisation token?
问题描述
我正在尝试使用Facebook来验证用户。除Ajax调用之外,它还可以正常工作。大多数时候,它只发送旧令牌,我得到:
I am trying to use Facebook to authenticate users. It works ok except for Ajax calls. Most of the times it just send old token and I get :
{"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100}}
所以我试图做的是用
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
return fn();
...
这没有工作,所以我已经添加:true作为参数getLoginStatus以防止缓存:
this did not worked so I've added : true as parameter to getLoginStatus to prevent caching :
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
console.log('connected');
fn();
} else if (response.status === 'not_authorized') {
console.log('not_authorized);
} else {
console.log('not_logged_in');
}
},true);
很棒!除非是非常缓慢。我做错了吗?每个动作后都可以获得新的令牌,所以我不需要等到下一个?
Great! Except it is terribly slow. Am I doing something wrong? Can I get new token after each action so I do not need to wait before the next one?
感谢
W
推荐答案
这是Facebook所说的:
Here's what Facebook says:
OAuth授权码的新安全限制
我们只允许授权代码交换访问令牌一次,并要求在创建后10分钟内交换访问令牌,这符合OAuth 2.0规范,从一开始就指出授权代码必须要短信和单次使用。有关详细信息,请查看我们的身份验证文档。
"New security restrictions for OAuth authorization codes. We will only allow authorization codes to be exchanged for access tokens once and will require that they be exchanged for an access token within 10 minutes of their creation. This is in line with the OAuth 2.0 Spec which from the start has stated that "authorization codes MUST be short lived and single use". For more information, check out our Authentication documentation.
这样做的方法是使用扩展您的访问令牌api:
The way around this is to use the extending your access token api:
https://developers.facebook.com/docs / howtos / login / extend-tokens /
这篇关于无法在Facebook JS SDK中授权用户:“此授权代码已被使用”。或如何获得新的授权令牌?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
