[英]Play Framework appending #_=_ to redirect after Facebook auth via OAuth2?
I'm doing a simple redirect after calling OAuth2::retrieveAccessToken() with Play Framework. 在使用Play Framework调用OAuth2 :: retrieveAccessToken()后,我正在进行简单的重定向。 I'm having funny characters appended to the URL that I never put there, so the end result looks as follows: 我有一些有趣的字符附加到我从未放在那里的URL,所以最终结果如下:
Where on earth does the #_=_ come from? #_ = _究竟来自哪里? Here's my route definition from the routes file: 这是路由文件中的路由定义:
GET / Application.index GET / Application.index
Here's the code snippet of the controller dealing with the Facebook authentication: 这是控制器处理Facebook身份验证的代码片段:
public static void facebookConnect() {
OAuth2 facebook = new OAuth2(
"https://graph.facebook.com/oauth/authorize",
"https://graph.facebook.com/oauth/access_token",
"2#############6",
"c##############################2"
);
if(OAuth2.isCodeResponse()) {
OAuth2.Response oauthResponse = facebook.retrieveAccessToken(facebookAuthUrl());
if(oauthResponse.error == null) {
//... Somewhere here, something is causing #_=_ to be appended to the URL?
Application.index();
}
}
facebook.retrieveVerificationCode(facebookAuthUrl());
}
EDIT: 编辑:
According to this page , Facebook changed their API recently to include the = if request_uri is empty, the problem is...my request_uri has been explicitly set? 根据这个页面 ,Facebook最近更改了他们的API以包含=如果request_uri为空,问题是...我的request_uri已经明确设置?
This was added after a security update. 这是在安全更新后添加的。
From the Facebook developer blog : 来自Facebook开发者博客 :
Change in Session Redirect Behavior 会话重定向行为的更改
This week, we started adding a fragment
#_=_
to the redirect_uri when this field is left blank. 本周,当此字段留空时,我们开始向redirect_uri添加片段#_=_
。 Please ensure that your app can handle this behavior. 请确保您的应用可以处理此行为。
Maybe these characters come from the facebook callback. 也许这些角色来自facebook回调。 I was getting a FB callback like 我正在接受FB回调
localhost:9000?someparams#code=verylongcodefromfacebook
I could get rid of the # just by sanitizing the params before requesting the access token. 在请求访问令牌之前,我可以通过清理params来摆脱#。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.