当我尝试使用带有oauth 2.0令牌的REST API时,我会不断在标头下获得空结果[],标头中显示OK-200状态代码。
我创建了一个漫游器,并使用curl +基本身份验证以及swagger测试了其余的API,它们可以正常工作。我使用带有swagger令牌的oauth 2.0测试了curl命令,效果也很好。
我尝试了不同的设置进行测试,但要坚持一个基础:
我在自定义应用程序下创建了一个Bot,选择了“全部”作用域,并选择了“永远”的TTL。
我通过REST在以下范围内成功请求并接收了令牌:'READ_USER_PROFILE,WRITE_USER_PROFILE,READ_CONVERSATIONS,WRITE_CONVERSATIONS,READ_USER'。
我注意到“ ALL”作用域不起作用,它返回“ invalid_client,未为作用域:: = [ALL]启用Application null”,但是同一客户端在没有上述任何作用域的情况下都可以工作一起或单独提及,“ ALL”除外。
我确保我拥有正在测试的REST API的必要范围,例如“ READ_CONVERSATIONS”用于“ /对话”
我根本没有收到任何401或其他错误代码,只有200个。
我用swagger生成的令牌测试了相同的命令,并且返回了带有结果的主体字符串(换句话说,此令牌有效)
我已经用Postman和PowerShell的Invoke-WebRequest / Invoke-RestMethod复制了相同的问题。
不确定是否相关,但是我注意到Web应用程序中不再存在“ OAuth应用程序”选项:“管理”>“ OAuth应用程序”下的webclient。 “ OAuth应用”标签,在“设置”>“电路实验室”中启用“ OAuth应用”。
\\Requesting token:
curl -X POST https://circuitsandbox.net/oauth/token -d "client_id=myclientidhere&client_secret=myclientsecrethere&grant_type=client_credentials&scope=READ_USER_PROFILE,WRITE_USER_PROFILE,READ_CONVERSATIONS,WRITE_CONVERSATIONS,READ_USER" -i
{"access_token":"myaccesstokenhere","token_type":"Bearer","scope":["READ_USER_PROFILE","WRITE_USER_PROFILE","READ_CONVERSATIONS","WRITE_CONVERSATIONS","READ_USER"]}
\\Making request:
curl -i "https://circuitsandbox.net/rest/v2/conversations" -H "Authorization: Bearer myaccesstokenhere" -i
[]
\\\Full sample (-i parameter):
\\Requesting token:
curl -X POST https://circuitsandbox.net/oauth/token -d "client_id=myclientidhere&client_secret=myclientsecrethere&grant_type=client_credentials&scope=READ_USER_PROFILE,WRITE_USER_PROFILE,READ_CONVERSATIONS,WRITE_CONVERSATIONS,READ_USER" -i
HTTP/1.1 200 OK
Date: Sat, 22 Jun 2019 01:21:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 179
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-headers: Accept, Accept-Language, User-Agent, Origin, Connection, Host, Accept-Encoding, Authorization, Content-Type, api_key, apiKey
ETag: W/"b3-K441G+yOERm+Qhj2E8VpkzO8ISg"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=157680000; includeSubdomains; preload
{"access_token":"myaccesstokenhere","token_type":"Bearer","scope":["READ_USER_PROFILE","WRITE_USER_PROFILE","READ_CONVERSATIONS","WRITE_CONVERSATIONS","READ_USER"]}
\\Making request:
curl -i "https://circuitsandbox.net/rest/v2/conversations" -H "Authorization: Bearer myaccesstokenhere"
HTTP/1.1 200 OK
Date: Sat, 22 Jun 2019 01:25:37 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-headers: Accept, Accept-Language, User-Agent, Origin, Connection, Host, Accept-Encoding, Authorization, Content-Type, api_key, apiKey
ETag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=157680000; includeSubdomains; preload
[]
我希望输出包含请求的正文输出,例如
{"type":"COMMUNITY","convId":"5fad5fa4-1097-d66f-083a-3f129214e99f","participants":["5fad5fa4-1097-d66f-083a-3f129214e99f","5fad5fa4-1097-d66f-083a-3f129214e99f","5fad5fa4-1097-d66f-083a-3f129214e99f","5fad5fa4-1097-d66f-083a-3f129214e99f"],"topic":"YourCompany","creationTime":1560992185888,"modificationTime":1561143383261,"creatorId":"5fad5fa4-1097-d66f-083a-3f129214e99f","creatorTenantId":"5fad5fa4-1097-d66f-083a-3f129214e99f","description":"Default open conversation for YourCompanyHere"}
但是实际输出是:[ ]
答案 0 :(得分:1)
仅测试一下,我就返回了对话(和社区),这不会返回您的对话,但该漫游器是该对话的成员。确保漫游器是对话的成员。
答案 1 :(得分:0)
,这是我所缺少的一部分,即使在对话中添加了漫游器,我仍然无所适从。我还遇到了各种奇怪的问题,例如尝试将旧的bot添加到新对话中时收到错误消息。其原因是因为我为电路沙箱帐户和bot使用了相同的电子邮件地址,所以可能造成了冲突。简而言之,这就是对我有用的东西:
1。使用与我的沙盒帐户不同的电子邮件地址创建了新的漫游器(即使伪造的电子邮件也可以使用)
2。通过电子邮件地址在对话中添加了漫游器(漫游器名称没有显示出来)-谢谢@Roger
3。再次执行相同的命令来创建令牌并使用API,这次成功了!
帮助找出问题,发布和修复同事在不同沙箱中的行为(感谢Ricky El-Qasem!),并在邮递员,curl和PowerShell中进行了测试。