
Trying to understand OAuth2 refresh_token flow - keep getting invalid_grant

My understanding of the refresh_token flow (http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com) is as follows:

  1. Get initial token
  2. At regular intervals do "refresh_token" using the token from (1)

When I attempt to get the initial token using "password" grant on behalf of the user, the subsequent "refresh_token" fails. What am I doing wrong?

Consider the Python example below:

```python
#!/usr/bin/env python

import requests
import sys
from optparse import OptionParser
import json

usage = "usage: %prog [options] arg"
parser = OptionParser(usage)
parser.description = """Get a login token from salesforce
"""

parser.add_option("-u", "--username", dest="username", help="User name")
parser.add_option("-p", "--password", dest="password", help="User password")
parser.add_option("-t", "--securityToken", dest="token", help="User's security token")
parser.add_option("-i", "--client_id", dest="client_id", help="OAuth client_id (aka SF Consumer Id)")
parser.add_option("-s", "--client_secret", dest="client_secret", help="Client Secret  (aka SF Consumer Secret)")

(options, args) = parser.parse_args()

# Step 1: username/password grant. The fields go in the POST body (data=),
# not the query string (params=), so the password and client secret stay
# out of URLs and request logs.
resp = requests.post('https://login.salesforce.com/services/oauth2/token', data={
   "grant_type":"password",
   "client_id":options.client_id,
   "client_secret":options.client_secret,
   "username":options.username,
   "password":options.password + options.token,
   "redirect_url":"https://localhost:8080/ls/api/oauth"})

accessInfo = json.loads(resp.text)
access_token = accessInfo["access_token"]
print("Initial Token:", json.dumps(accessInfo, indent=4))

# Step 2: refresh_token grant, passing the access token from step 1 as the
# refresh_token value. This is the request that comes back with invalid_grant.
resp = requests.post('https://login.salesforce.com/services/oauth2/token', data={
   "grant_type":"refresh_token",
   "client_id":options.client_id,
   "client_secret":options.client_secret,
   "refresh_token":access_token,
   "redirect_url":"https://localhost:8080/ls/api/oauth"})

refreshInfo = json.loads(resp.text)

print("Refresh token:", json.dumps(refreshInfo, indent=4))
```

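You don't get a refresh token with the username/password flow, because (a) you have the user's password and can just get a new access token whenever you need one, and (b) no user authorization was granted, which is basically what the refresh token represents.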
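As an added example (not code from the question or the answer), the sketch below picks the renewal request from what the token endpoint actually returned: a `refresh_token` grant only when a refresh token was issued, otherwise a repeat of the password grant. The function name `renewal_request` and both sample responses are constructed for illustration.

```python
"""Choose how to renew an OAuth 2.0 access token from a token-endpoint response."""
from urllib.parse import urlencode

TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"  # endpoint from the question

# Constructed sample responses (placeholder values, not real tokens).
PASSWORD_GRANT_RESPONSE = {  # username/password flow: no refresh_token field
    "access_token": "constructed-access-token",
    "token_type": "Bearer",
}
WEB_FLOW_RESPONSE = {  # a flow in which the user authorized the client
    "access_token": "constructed-access-token",
    "refresh_token": "constructed-refresh-token",
    "token_type": "Bearer",
}


def renewal_request(token_response, client_id, client_secret,
                    username=None, password=None):
    """Return the form fields to POST to TOKEN_URL for the next access token.

    The access_token is never sent as a refresh_token: the two are different
    credentials, and the server answers such a request with invalid_grant.
    """
    if "error" in token_response:
        raise ValueError("token request failed: %s" % token_response["error"])
    form = {"client_id": client_id, "client_secret": client_secret}
    refresh_token = token_response.get("refresh_token")
    if refresh_token:
        form.update(grant_type="refresh_token", refresh_token=refresh_token)
    elif username and password:
        # No refresh token was issued, so renewing means repeating the password grant.
        form.update(grant_type="password", username=username, password=password)
    else:
        raise ValueError("no refresh_token issued and no credentials to re-authenticate")
    return form


def encode_body(form):
    """Form-encode the fields for the POST body, keeping secrets out of the URL."""
    return urlencode(form)


if __name__ == "__main__":
    for name, response in (("password grant", PASSWORD_GRANT_RESPONSE),
                           ("web flow", WEB_FLOW_RESPONSE)):
        form = renewal_request(response, "cid", "secret", "user@example.com", "pw")
        print(name, "->", form["grant_type"])
```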
