Trying to understand the OAuth2 refresh_token flow - keep getting invalid_grant

Time: 2013-12-24 18:20:54

Tags: python oauth-2.0 salesforce force.com

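My understanding of the refresh_token flow (http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com) is as follows:

  1. Obtain the initial token
  2. Periodically use the token from (1) to perform a "refresh_token"

When I try to obtain the initial token on behalf of a user using the "password" grant, the subsequent "refresh_token" fails. What am I doing wrong?

Consider the following python example: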

    #!/usr/bin/env python
    
    import requests
    import sys
    from optparse import OptionParser
    import json
    
    usage = "usage: %prog [options] arg"
    parser = OptionParser(usage)
    parser.description = """Get a login token from salesforce
    """
    
    parser.add_option("-u", "--username", dest="username", help="User name")
    parser.add_option("-p", "--password", dest="password", help="User password")
    parser.add_option("-t", "--securityToken", dest="token", help="User's security token")
    parser.add_option("-i", "--client_id", dest="client_id", help="OAuth client_id (aka SF Consumer Id)")
    parser.add_option("-s", "--client_secret", dest="client_secret", help="Client Secret  (aka SF Consumer Secret)")
    
    (options, args) = parser.parse_args()
    
    resp = requests.post('https://login.salesforce.com/services/oauth2/token', params={
       "grant_type":"password",
       "client_id":options.client_id,
       "client_secret":options.client_secret,
       "username":options.username,
       "password":options.password + options.token,
       "redirect_url":"https://localhost:8080/ls/api/oauth"})
    
    accessInfo = json.loads(resp.text)
    access_token = accessInfo["access_token"]
    print("Initial Token:", json.dumps(accessInfo, indent=4))
    
    # Second request: the access token obtained above is sent as the refresh_token value
    resp = requests.post('https://login.salesforce.com/services/oauth2/token', params={
       "grant_type":"refresh_token",
       "client_id":options.client_id,
       "client_secret":options.client_secret,
       "refresh_token":access_token,
       "redirect_url":"https://localhost:8080/ls/api/oauth"})
    
    refreshInfo = json.loads(resp.text)
    
    print("Refresh token:", json.dumps(refreshInfo, indent=4))
    

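1 Answer:

Answer 0: (score: 1)

You don't get a refresh token with the username/password flow, because (a) you have the user's password and can obtain a new access token whenever you need one, and (b) there is no way to get the user's authorization, which is essentially what the refresh token represents.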
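
The point of the answer as an added example (not code from the question or the answer): a small token manager that uses the refresh_token grant only when the server actually issued a refresh token, and otherwise repeats the password grant. `TokenManager`, `TokenError` and `fake_post` are hypothetical names, and `fake_post` is a constructed stand-in for the token endpoint so the code runs offline.

```python
import itertools

TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"  # endpoint from the question


class TokenError(Exception):
    """Raised when the token endpoint answers with an OAuth error object."""


class TokenManager:
    """Renews an access token with whichever grant the first response allows."""

    def __init__(self, post, client_id, client_secret, username, password):
        self.post = post  # callable(url, form_dict) -> parsed JSON dict
        self.client = {"client_id": client_id, "client_secret": client_secret}
        self.user = {"username": username, "password": password}
        self.access_token = self.refresh_token = None

    def _grant(self, grant_type, **fields):
        body = self.post(TOKEN_URL, dict(self.client, grant_type=grant_type, **fields))
        if "error" in body:
            raise TokenError("%s: %s" % (body["error"], body.get("error_description", "")))
        self.access_token = body["access_token"]
        # A response may omit refresh_token; keep the one already held, if any.
        self.refresh_token = body.get("refresh_token", self.refresh_token)
        return body

    def login(self):
        return self._grant("password", **self.user)

    def renew(self):
        """Return the name of the grant used to obtain the new access token."""
        if self.refresh_token:  # only set when the flow issued one
            self._grant("refresh_token", refresh_token=self.refresh_token)
            return "refresh_token"
        self.login()  # password flow: no refresh token, so authenticate again
        return "password"


# Constructed stand-in for the token endpoint (assumption, not real server output).
_serial = itertools.count(1)

def fake_post(url, form):
    if form["grant_type"] == "password":
        return {"access_token": "AT-%d" % next(_serial), "token_type": "Bearer"}
    return {"error": "invalid_grant", "error_description": "constructed: unknown refresh token"}
```

Against the real endpoint, `post` could be `lambda url, form: requests.post(url, data=form).json()`, which sends the credentials in the form body rather than in the URL.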