Question

我尝试使用以下指南实施Yahoo OAuth 2.0：https://developer.yahoo.com/oauth2/guide/ 我能够授权并且我收到了授权码，但是我在第4步中吮吸了。当我的代码尝试使用/ get_token 401来交换访问令牌的授权码时，会抛出未授权的错误。 { “错误”：“invalid_grant” }

根据https://developer.yahoo.com/oauth2/guide/errors/index.html，invalid_grant表示提供了无效或过期的令牌。我有点困惑为什么401被抛出。

有人经历过类似的问题吗？

public class YahooOAuthClient : OAuth2Client
{
    private const string AuthorizeUrl = "https://api.login.yahoo.com/oauth2/request_auth";
    private const string TokenEndpoint = "https://api.login.yahoo.com/oauth2/get_token";

    private readonly string clientId;
    private readonly string clientSecret;

    public YahooOAuthClient(string clientId, string clientSecret)
        : base("Yahoo")
    {
        this.clientId = clientId;
        this.clientSecret = clientSecret;
    }

    protected override Uri GetServiceLoginUrl(Uri returnUrl)
    {
        var uriBuilder = new UriBuilder(AuthorizeUrl);
        uriBuilder.AppendQueryArgument("client_id", this.clientId);
        uriBuilder.AppendQueryArgument("redirect_uri", returnUrl.ToString());
        uriBuilder.AppendQueryArgument("response_type", "code");
        uriBuilder.AppendQueryArgument("language", "en-us");

        return uriBuilder.Uri;
    }

    protected override IDictionary<string, string> GetUserData(string accessToken)
    {
        return new Dictionary<string, string>
        {
            {"id", accessToken}
        };
    }

    protected override string QueryAccessToken(Uri returnUrl, string authorizationCode)
    {
        var postData = HttpUtility.ParseQueryString(string.Empty);
        postData.Add(new NameValueCollection
            {
                { "grant_type", "authorization_code" },
                { "code", authorizationCode },
                { "redirect_uri", returnUrl.GetLeftPart(UriPartial.Path) },
            });

        var webRequest = (HttpWebRequest)WebRequest.Create(TokenEndpoint);

        webRequest.Method = "POST";
        webRequest.ContentType = "application/x-www-form-urlencoded";
        String encoded = Convert.ToBase64String(Encoding.GetEncoding("ISO-8859-1").GetBytes(clientId + ":" + clientSecret));
        webRequest.Headers.Add("Authorization", "Basic " + encoded);

        using (var s = webRequest.GetRequestStream())
        using (var sw = new StreamWriter(s))
            sw.Write(postData.ToString());

        using (var webResponse = webRequest.GetResponse())
        {
            var responseStream = webResponse.GetResponseStream();
            if (responseStream == null)
                return null;

            using (var reader = new StreamReader(responseStream))
            {
                var response = reader.ReadToEnd();
                var json = JObject.Parse(response);
                var accessToken = json.Value<string>("access_token");
                return accessToken;
            }
        }
    }
}

Answer 1

这个答案可能会迟到但我遇到了和你一样的问题，尽管我用PHP实现了。这就是我意识到的错误：

最初我的return_url的格式为

http://example.com/oauth_handle?route=something/path/like&param1=value&param2=value

我正在为facebook，twitter（blah），google linkedin和yahoo实现oauth。 Google oauth api不喜欢route=something/path/like所以我将其编码为

http://example.com/oauth_handle?route=something%2Fpath%2Flike&param1=value&param2=value

这就是按原样发送到/request_auth端点的return_uri。

然后对于/get_token，然后参数return_uri再次进行了网址编码，这意味着我现在正在为route=something/path/like部分进行双网址编码，这使得return_uri两个要求不同。

通过url_encode解决我的问题来纠正这个问题。希望这有帮助！

发布访问令牌时，Yahoo OAuth 2.0 invalid_grant

1 个答案: