我已经使用SurveyMonkey API获得了OAuth流程的初始一半,但是当我尝试为长期存在的OAuth访问令牌交换短期授权代码时,我得到了一个HTTP 400响应。这是the SurveyMonkey OAuth Guide.
的第3步以下是完整交换的清理版本:
POST /oauth/token?api_key=<removed> HTTP/1.1
Accept: application/json
Accept-Encoding: gzip, deflate, compress
Content-Length: 338
Content-Type: application/json; charset=utf-8
Host: api.surveymonkey.net
User-Agent: HTTPie/0.7.2
{
"client_id": "<removed>",
"client_secret": "<removed>",
"code": "dKkIJYnimBli3TMHoTdHoT-zkzkUFzfHeaWJJyPVmrYG35R5Q-jLLU-Y7Fg3BR0n3tVTQ6sAmDnwVxHXSjZVdiYTJ7u7SWbLCKgQa061bKJYXSpRhTsEL0v5GMWcMEBC2vje5UjRHp3SScFQEwIIjHKZH5raC5RQJJh.JYWEOqw8Iy-2Ds7km1zYaHGGlxqu",
"grant_type": "authorization_code",
"redirect_uri": "https://app.hubspotqa.com"
}
HTTP/1.1 400 Bad Request
Cache-Control: no-store
Connection: keep-alive
Content-Length: 96
Content-Type: application/json; charset=UTF-8
Date: Fri, 24 Jan 2014 00:05:53 GMT
SM-Request-ID: 41264d11-b93d-4f8b-ad1a-c656ccfa268b
Server: nginx
{
"error": "invalid_request",
"error_description": "Invalid POST body or Content-Type received."
}
我也可以使用其他HTTP客户端重现完全相同的错误,但我可以使用the SurveyMonkey API console.手动获取访问令牌,我做错了什么?
<子>
附带问题:OAuth指南说第3步接受redirect_uri
,但the example Python guide uses redirect_url
.哪个参数正确?我可以完全省略吗?我的服务器当然不关心在任何地方重定向。
子>
答案 0 :(得分:3)
事实证明,此Content-Type
所需的POST
为格式编码 - application/x-www-form-urlencoded
,而不是JSON。
请注意,文档实际上并没有在任何地方说出来;这是implied by the example usage of the Python requests library.