验证服务器端通过移动设备检索到的令牌和机密
[英]Validating token and secret retrieved through mobile in the server side
问题描述
So I have an application that currently logs the user using linkedin. 
因此,我有一个应用程序,该应用程序当前使用linkedin记录用户。 We are using several oauth services to register and login the user into our application, however we do need to validate the authentication in our own server to make sure any requests to our API are valid. 我们正在使用几种oauth服务来注册用户并将其登录到我们的应用程序中,但是我们确实需要在我们自己的服务器中验证身份验证,以确保对我们API的任何请求均有效。
Currently the linkedIn SDK is not functional in our application due to minimum API level restrictions, so we are using a different library (LinkedIn-J), I am able to retrieve the user access token and secret, I cannot find any reference as to validate them in the server. 目前,由于最低的API级别限制,linkedIn SDK在我们的应用程序中无法正常运行,因此我们使用的是其他库(LinkedIn-J),我能够检索用户访问令牌和密码,找不到任何引用来验证他们在服务器上。
How can we go around to making this work? 我们如何去做这项工作? Is it even possible to achieve such a thing? 甚至有可能实现这样的目标?
Thank you very much. 非常感谢你。
1 个解决方案
解决方案1
0 2015-04-21 16:13:16
LinkedIn does not have a token validation endpoint. LinkedIn没有令牌验证终结点。 Your best bet is to make a simple non-destructive call like https://api.linkedin.com/v1/people/~ and watch the response to determine whether the token is still valid. 最好的选择是拨打一个简单的无损呼叫,例如https://api.linkedin.com/v1/people/~,并观察响应以确定令牌是否仍然有效。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.