oAuth代码交换秘密令牌

时间:2016-09-23 17:31:29

标签: node.js oauth crossdomain-request.js battlenet-api

我正在创建一个应用程序,该应用程序应该使用oAuth来验证暴雪服务器中的玩家,我想访问他们的角色信息..我无法弄清楚如何请求secret_token。我想我正在做我的帖子请求错误,下面是我正在使用的代码

app.post('/', function(req, res) {

      var code = req.body.code; //this is the code i get ounce the player is redirected back to my redirect_uri
      var redirectUri = "https://localhost:3000/oauth_callback.html";
      var scope = "wow.profile";

      var key = "they client_id i was given";
      var secret = "they secret I was given";

      var grantType = "authorization_code";
      var tokenUri = "https://us.battle.net/oauth/token";
      var uriBody = "?client_id=" + key + "&client_secret=" + secret + "&grant_type=authorization_code&code=" + code + "&redirect_uri=" + redirectUri + "&scope=" + scope;


  request({
    url: tokenUri, //URL to hit
    method: 'POST',
    headers: { 
        'Content-Type': "application/x-www-form-urlencoded",
    },
    body: uriBody //Set the body as a string
}, function(error, response, body){
    if(error) {
        console.log(error);
    } else {
        console.log(response.statusCode, body);
    }
});

所以基本上我正在使用它向我的服务器发出一个发布请求的代码,然后向暴雪服务器发出一个帖子请求,试图用我的代码交换一个访问令牌。

我得到的错误是:

401 '{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}'

我正在使用Node.js& request.js要发帖,我的猜测是我没有在请求后提出正确的请求?

2 个答案:

答案 0 :(得分:0)

我认为body中无法接受request密钥。

  如果datajson,则content-type发送JSON form如果content-typex-www-form-urlencoded则发送request({ url: tokenUri, //URL to hit method: 'POST', headers: { 'Content-Type': "application/x-www-form-urlencoded", }, form: uriBody //Set the body as a string }, function(error, response, body){ if(error) { console.log(error); } else { console.log(response.statusCode, body); } });

喜欢这个

ProxyPass            /public/    http://localhost:3002/public/ retry=10
ProxyPassReverse     /public/    http://localhost:3002/public/

答案 1 :(得分:0)

最后!这是我如何让它工作! qs = query-string.js library ... 

var token_params = qs.stringify({
      client_id: key,
      client_secret: secret,
      code: code,
      scope: scope,
      grant_type: 'authorization_code',
      redirect_uri: redirectUri
    });

    request('https://us.battle.net/oauth/token?' + token_params, function(error, response, body){
      if (error) {
        console.log(error);
      } else {
        console.log(body) 
      }

    });
相关问题
最新问题