Bitly Oauth授权返回https://bitly.com而不是我的回调网址

Question

我试图使用python请求库通过API授权这个有点App。

我使用http://hottr.tk/ [NSFW] 作为我的回调网址。并且它设置在有点设置中。

from lxml import html
from urllib import parse
import requests

# BASIC INITIALIZATION
username = 'username@fixme.org'
password = 'fixmetoo'
client_id = '18c1065bb7e3cfea7fa80d2c30ee974c6a9c4dba'

# CREATE REQUESTS SESSION
r = requests.session()

# LOGIN TO BITLY
response = r.get("https://bitly.com/a/sign_in")

s = html.fromstring(response.text)
_xsrf = s.xpath("//input[@name='_xsrf']")[0].value

r.headers = {
    'X-Requested-With': 'XMLHttpRequest',
    'X-XSRFToken': _xsrf,
    'User-Agent': "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36",
}

payload = {
    'username': username,
    'password': password,
    'rd': '/',
    '_xsrf': _xsrf,
    'verificaton': 'true',
}

cookie = requests.utils.dict_from_cookiejar(r.cookies)
response = r.post("https://bitly.com/a/sign_in", headers=r.headers, data=payload, cookies=cookie)

# GET to REQUEST AUTHORIZE ENDPOINT
response = r.get("https://bitly.com/oauth/authorize?client_id=" + client_id + "&redirect_uri=" + parse.quote_plus('http://hottr.tk/'))

# POST to REQUEST AUTHORIZE ENDPOINT
r.headers = {
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
    'Accept-Encoding': 'gzip, deflate',
    'Accept-Language': 'es',
    'Cache-Control': 'max-age=0',
    'Connection': 'keep-alive',
    # 'Content-Length': '147',
    'Content-Type': 'application/x-www-form-urlencoded',
    'Host': 'bitly.com',
    'Origin': 'https://bitly.com',
    'Referer': 'https://bitly.com/oauth/authorize?client_id=" + client_id + "&redirect_uri=http://hottr.tk/',
    'User-Agent': "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36",
}

payload = {
    '_xsrf': _xsrf,
    'redirect_uri': parse.quote_plus('http://hottr.tk/'),
    'client_id': client_id,
    'state': '',
    'action': 'Allow',
}

cookie = requests.utils.dict_from_cookiejar(r.cookies)
response = r.post("https://bitly.com/oauth/authorize", headers=r.headers, data=payload, cookies=cookie)
print(response.headers)
print(response.url)

在这一点上，最后的POST请求应该授权应用并返回和http://hottr.tk/?code=my_code_to_exchange_for_oauth_token之类的网址，但它只返回response.url这个https://bitly.com/并且它没有response.headers.location变量，它是应该使用code参数保存重定向网址的var

状态代码全部为200 ...

任何人都知道为什么它会返回https://bitly.com而不是我的重定向网址？ ：$

Answer 1

大笑，我认为自己是一个更好的方法。这里有很好的记录：http://dev.bitly.com/authentication.html#resource_owner_credentials

import base64
username = b'fixme'
password = b'fixmetoo'
r = requests.session()
r.headers = {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Host': 'api-ssl.bitly.com',
    'Authorization': 'Basic ' + base64.b64encode(username + b':' + password).decode('utf-8'),
}
response = r.post("https://api-ssl.bitly.com/oauth/access_token", headers=r.headers)
print(response.content.decode('utf-8'))