如何使用ruby从Infusionsoft的Oauth获取访问令牌?
[英]How to get access token from Infusionsoft's Oauth with ruby?
问题描述
We're integrating our ruby on rails 4 app with Infusionsoft's XML-RPC API through their 3-legged Oauth2 implementation. 
我们正在通过其3条腿的Oauth2实现将ruby on rails 4应用程序与Infusionsoft的XML-RPC API集成在一起。
(Documentation here - https://developer.infusionsoft.com/docs/xml-rpc/#authentication-request-permission ) (此处的文档-https: //developer.infusionsoft.com/docs/xml-rpc/#authentication-request-permission )
We set up a redirect action to send the user to the Infusionsoft application authentication page with our app's ID. 我们设置了重定向操作,以使用我们的应用程序ID将用户发送到Infusionsoft应用程序身份验证页面。
def connect_inf
redirect_to "https://signin.infusionsoft.com/app/oauth/authorize?client_id=XXXXXXX&redirect_uri=https://testappurl.herokuapp.com/websites/1/connect_inf/callback/&response_type=code&scope=full"
end
Then, after the user authenticates, the user gets sent back to our callback action with a URL looking like this... 然后,在用户进行身份验证之后,该用户将使用如下所示的URL发送回我们的回调操作...
https://testappurl.herokuapp.com/websites/1/connect_inf/callback?scope=full|theirappdomain.infusionsoft.com&code=XXXXXXX https://testappurl.herokuapp.com/websites/1/connect_inf/callback?scope=full|theirappdomain.infusionsoft.com&code=XXXXXXX
Where we get the code and use RestClient to post it back to Infusionsoft to request the access token, with the parameters in the order they specify in their documentation. 我们在这里获取代码,并使用RestClient将其发回到Infusionsoft以请求访问令牌,并按照它们在其文档中指定的顺序来指定参数。
def get_inf
response = RestClient.post 'https://api.infusionsoft.com/token', :client_id => 'XXXXXXXXXXXXXX', :client_secret => 'XXXXXXX', :code => params[:code], :grant_type => 'authorization_code', :redirect_uri => 'https://testappurl.herokuapp.com/websites/1/connect_inf/callback/', :accept => 'text/xml'
end
This returns RestClient::BadRequest: 400 Bad Request 这将返回RestClient::BadRequest: 400 Bad Request
I assume this has something to do with how parameters are being delivered. 我认为这与如何传递参数有关。
1 个解决方案
解决方案1
0 2016-01-19 13:46:37
For the reference of ruby developers accessing Infusionsoft's API, this was caused by a number of issues caused by using dynamic redirect and callback URLs. 供使用Infusionsoft API的ruby开发人员参考,这是由使用动态重定向和回调URL引起的许多问题引起的。 Infusionsoft whitelists one callback URL you provide when registering your app. Infusionsoft将您在注册应用程序时提供的一个回调URL列入白名单。
I was able to solve this by using an OmniAuth strategy for Infusionsoft and using OmniAuth to access the tokens. 通过针对Infusionsoft使用OmniAuth策略并使用OmniAuth访问令牌,我能够解决此问题。
https://github.com/L1h3r/omniauth-infusionsoft https://github.com/L1h3r/omniauth-infusionsoft
We pointed the default omniauth callback path "/auth/infusionsoft/callback" to a controller action in our routes. 我们将默认的omniauth回调路径“ / auth / infusionsoft / callback”指向了路由中的控制器操作。
get '/auth/:provider/callback', to: 'websites#get_inf'
Where we were able to access the tokens like so... 我们可以像这样访问令牌的地方...
def get_inf
access_token = env["omniauth.auth"]['credentials']['token']
refresh_token = env["omniauth.auth"]['credentials']['refresh_token']
expires_at = env["omniauth.auth"]['credentials']['expires_at']
end
You could then save these tokens to a user object for example. 例如,您可以将这些令牌保存到用户对象。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.