自动刷新LinkedIn访问令牌

时间:2013-03-03 13:24:43

标签: api rest linkedin

我正在尝试在应用程序的后台自动刷新访问令牌。我读过这篇博文(https://developer.linkedin.com/blog/tips-and-tricks-refreshing-access-token),但我仍然无法弄明白。

当我尝试使用此POST请求刷新令牌(https://www.linkedin.com/uas/oauth/authenticate?oauth_token=XXXXXXXXX,其中XXXXXXXXX被我之前获得的请求令牌替换),如上面的博客文章所述,我得到一个空的访问令牌。

我在Python中执行以下步骤。

request_token_url = 'https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+rw_groups'
authorize_url = 'https://www.linkedin.com/uas/oauth/authenticate'

consumer = oauth.Consumer(consumer_key, consumer_secret)
client = oauth.Client(consumer)

# fetch a request token
resp, content = client.request(request_token_url, "POST")

request_token = dict(urlparse.parse_qsl(content))

# send a request to refresh an access token
resp, content = client.request("%s?oauth_token=%s" % (authorize_url, request_token['oauth_token']), "POST")
print resp,content

然后,resp是

{'-content-encoding': 'gzip',
 'age': '1',
 'connection': 'keep-alive',
 'content-language': 'en-US',
 'content-length': '0',
 'date': 'Sun, 03 Mar 2013 13:11:05 GMT',
 'location': 'https://www.linkedin.com/uas/oauth/authorize?oauth_token=9e8c5d13-208f-405d-885f-3365e7098fc1&state=',
 'p3p': 'CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"',
 'server': 'Apache-Coyote/1.1',
 'set-cookie': '_lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/, bcookie="v=2&2b52692f-de6c-4ba5-9a2c-62e020790a41"; Version=1; Domain=linkedin.com; Max-Age=63072000; Expires=Tue, 03-Mar-2015 13:11:06 GMT; Path=/, leo_auth_token="GST:9isMS9qbt9c-2XNJU0diaae-LMc-uie4STjVn5qiIk_JtnNvbbPKMS:1362316266:d50e8735b56508fda71b68bd9a5395176e9e603d"; Version=1; Max-Age=1799; Expires=Sun, 03-Mar-2013 13:41:05 GMT; Path=/, sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/, s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/, JSESSIONID="ajax:2593452035081810950"; Version=1; Path=/, visit="v=1&G"; Version=1; Max-Age=63072000; Expires=Tue, 03-Mar-2015 13:11:06 GMT; Path=/, lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/, X-LI-IDC=C1',
 'status': '302',
 'vary': 'Accept-Encoding',
 'x-li-uuid': 'TxiUiruqZNIVm5J4ldUQ0w=='}

并且内容为空,但它应包含刷新的访问令牌。

我在这里做错了什么?

1 个答案:

答案 0 :(得分:0)

我认为你实际上应该将用户重定向(例如302)到第二个端点,而不是向其发送消息。