我想使用oauth2包在Go中实现Ebay Browse API客户端凭据授权流程。这是我的conf结构:
conf := clientcredentials.Config{
ClientID: "My Client ID",
ClientSecret: "My client Secret",
Scopes: []string{"https://api.ebay.com/oauth/api_scope"},
TokenURL: "https://api.sandbox.ebay.com/identity/v1/oauth2/token",
EndpointParams: url.Values{"redirect_uri": {"the RuName"}},
}
然后我尝试通过创建* http.Request:
来发出请求req, err := http.NewRequest("GET", "https://api.sandbox.ebay.com/buy/browse/v1/item/v1|202117468662|0?fieldgroups=COMPACT", nil)
if err != nil {
log.Fatal(err)
}
ctx := context.Background()
client := conf.Client(ctx)
res, err := client.Do(req)
if err != nil {
log.Fatal(err)
}
defer res.Body.Close()
但后来我得到了:
{
"errors" : [ {
"errorId" : 1003,
"domain" : "OAuth",
"category" : "REQUEST",
"message" : "Token type in the Authorization header is invalid:Application",
"longMessage" : "Token type in the Authorization header is invalid:Application"
} ]
}
事实证明,当向资源服务器发送请求时,Go的软件包将Authorization标头设置为:
Authorization: Application Access Token token_string
所以,我尝试通过执行以下操作手动将令牌类型设置为Bearer:
tok, err := conf.Token(ctx)
if err != nil {
log.Fatal(err)
}
client := conf.Client(ctx)
req, err := http.NewRequest("GET", "https://api.sandbox.ebay.com/buy/browse/v1/item/v1|202117468662|0?fieldgroups=COMPACT", nil)
if err != nil {
log.Fatal(err)
}
req.Header.Set("Authorization", "Bearer " tok.AccessToken)
res, err := client.Do(req)
但我继续得到同样的错误。
答案 0 :(得分:1)
所以,有一个问题(bug?)与Ebay的OAuth2.0规范的实现有关,我不得不重新实现oauth2 / clientcredentials包的TokenSource,将令牌类型设置为Bearer而不是Application Access令牌。