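We seem to have run into a problem where we are refreshing authentication tokens via a fault, as described in the "Refreshing expired tokens with a SOAP fault" section of the "Processing authentication tokens" page. Sonos receives the new token and uses it to fulfill its original request, but then reverts to using the old token information.
We captured some traffic that shows the problem, and we have been able to reproduce it several times.
First, Sonos makes a request with an expired token: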
Our service recognizes the token as expired and refreshes it:
POST /soap HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Accept-Language: en-US
Host: <our_service>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/52.13-69030 (ICRU_iPhone11,8)
X-Sonos-Controller-ID: 02A4****
X-Sonos-Api-Key: 4348****
X-Sonos-Corr-Id: c27c47ca-50c7-4a45-8c77-12c6b6a4415c
SOAPACTION: "http://www.sonos.com/Services/1.1#getMetadata"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_service>
X-Original-URL: /soap
X-Forwarded-For: ****
X-ARR-SSL: ****
X-ARR-LOG-ID: 203a446d-76ec-498d-b72d-ad8e61a0611e
Content-Length: 803
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<loginToken>
<token>95ce****</token>
<key>{"Expires":"2019-09-24T18:33:58.7093084Z","RefreshToken":"ceaa****"}</key>
<householdId>Sonos_sIGui81Pzu6Jny5L0ELN0WnJsG</householdId>
</loginToken>
<deviceId>78-28-CA-03-DA-40:B</deviceId>
<deviceProvider>Sonos</deviceProvider>
</credentials>
</s:Header>
<s:Body>
<getMetadata xmlns="http://www.sonos.com/Services/1.1">
<id>root</id>
<index>0</index>
<count>100</count>
</getMetadata>
</s:Body>
</s:Envelope>
Sonos receives the new token and uses it to fulfill its original request:
HTTP/1.1 500 Internal Server Error
Content-Type: text/xml; charset="utf-8"
Server: Microsoft-IIS/10.0
Date: Wed, 25 Sep 2019 13:45:39 GMT
Content-Length: 554
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode>Client.TokenRefreshRequired</faultcode>
<faultstring>Auth Token Refreshed</faultstring>
<detail>
<refreshAuthTokenResult xmlns="http://www.sonos.com/Services/1.1">
<authToken>d464****</authToken>
<privateKey>{"Expires":"2019-09-25T14:45:39.2925349Z","RefreshToken":"a0ab****"}</privateKey>
</refreshAuthTokenResult>
</detail>
</s:Fault>
</s:Body>
</s:Envelope>
The new token is good, so we serve the information:
POST /soap HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Accept-Language: en-US
Host: <our_service>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/52.13-69030 (ICRU_iPhone11,8)
X-Sonos-Controller-ID: 02A4****
X-Sonos-Api-Key: 4348****
X-Sonos-Corr-Id: 6f050fc0-027a-410c-8315-bf22486140a7
SOAPACTION: "http://www.sonos.com/Services/1.1#getMetadata"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_service>
X-Original-URL: /soap
X-Forwarded-For: ****
X-ARR-SSL: ****
X-ARR-LOG-ID: 745f02ac-60c7-440f-9c0c-620b73905b39
Content-Length: 803
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<loginToken>
<token>d464****</token>
<key>{"Expires":"2019-09-25T14:45:39.2925349Z","RefreshToken":"a0ab****"}</key>
<householdId>Sonos_sIGui81Pzu6Jny5L0ELN0WnJsG</householdId>
</loginToken>
<deviceId>78-28-CA-03-DA-40:B</deviceId>
<deviceProvider>Sonos</deviceProvider>
</credentials>
</s:Header>
<s:Body>
<getMetadata xmlns="http://www.sonos.com/Services/1.1">
<id>root</id>
<index>0</index>
<count>100</count>
</getMetadata>
</s:Body>
</s:Envelope>
So far, everything has gone as expected. However, when Sonos tries to make another request, it reverts to using the old authentication information:
HTTP/1.1 200 OK
Content-Type: text/xml; charset="utf-8"
Server: Microsoft-IIS/10.0
Date: Wed, 25 Sep 2019 13:45:41 GMT
Content-Length: 4408
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<getMetadataResponse xmlns="http://www.sonos.com/Services/1.1">
<getMetadataResult xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<index>0</index>
<count>1</count>
<total>1</total>
<mediaCollection>
DATA
</mediaCollection>
</getMetadataResult>
</getMetadataResponse>
</s:Body>
</s:Envelope>
That token is still expired, and that refresh token has now been used and discarded, so we respond that the user must re-authenticate:
POST /soap HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Host: <our_service>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/52.13-69030 (ZPS13)
X-Sonos-Corr-Id: 813f189e-8a70-41c2-8aaa-c1b117f6045d
SOAPACTION: "http://www.sonos.com/Services/1.1#getMetadata"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_service>
X-Original-URL: /soap
X-Forwarded-For: ****
X-ARR-SSL: ****
X-ARR-LOG-ID: 1158ddfa-df17-4f37-8843-1133566dacbe
Content-Length: 855
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<deviceId>78-28-CA-03-DA-40:B</deviceId>
<deviceProvider>Sonos</deviceProvider>
<loginToken>
<token>95ce****</token>
<key>{"Expires":"2019-09-24T18:33:58.7093084Z","RefreshToken":"ceaa****"}</key>
<householdId>Sonos_sIGui81Pzu6Jny5L0ELN0WnJsG</householdId>
</loginToken>
</credentials>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
</s:Header>
<s:Body>
<getMetadata xmlns="http://www.sonos.com/Services/1.1">
<id>audiobook:18789269:791128</id>
<index>0</index>
<count>2147483647</count>
<recursive>1</recursive>
</getMetadata>
</s:Body>
</s:Envelope>
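We are not sure what is going wrong, since Sonos appears to recognize our refresh response and use the new information the first time. Is there something we need to do differently?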
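Answer 0 (score: 0)
The first request comes from the Sonos app (indicated by ICRU_iPhone11,8 in the user agent). Your service sends the new credentials to the app, and the app then updates them and makes a request with them.
The next request comes from a Sonos player in the household (ZPS13 in the user agent). The Sonos player does not have the new authentication information because the Sonos app does not copy the new credentials to the player. In this case, you should handle multiple token refreshes with the same refresh token. Once a player receives new credentials, it propagates them to the other players and apps.
If the first request had come from a Sonos player, that player would have sent the new credentials out to the other players and apps.
I will update the Processing Authentication Tokens for API Requests documentation with this information.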
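One way a service could handle multiple refreshes with the same refresh token, as the answer recommends. This is an added sketch, not part of the original answer and not Sonos code: `TokenStore`, `TOKEN_TTL` and the `GRACE` window are assumptions, and only the `authToken`/`privateKey` shape follows the traces in the question.

```python
import json
import secrets
from datetime import datetime, timedelta, timezone

TOKEN_TTL = timedelta(hours=1)  # assumed access-token lifetime
GRACE = timedelta(hours=24)     # assumed window in which a used refresh token is still honoured


class TokenStore:
    """In-memory stand-in for the service's token database (hypothetical)."""

    def __init__(self):
        self.active = {}   # unused refresh token -> household id
        self.rotated = {}  # used refresh token -> (rotated_at, replacement credentials)

    def _mint(self, household, now):
        refresh = secrets.token_hex(16)
        self.active[refresh] = household
        key = json.dumps({"Expires": (now + TOKEN_TTL).isoformat(), "RefreshToken": refresh})
        return {"authToken": secrets.token_hex(16), "privateKey": key}

    def login(self, household, now):
        return self._mint(household, now)

    def refresh(self, refresh_token, now):
        """Return replacement credentials, or None if the user must re-authenticate."""
        if refresh_token in self.rotated:
            rotated_at, creds = self.rotated[refresh_token]
            # A second client (e.g. a player) still holds the old pair: hand it the
            # same replacement instead of rejecting it or minting a second chain.
            return creds if now - rotated_at <= GRACE else None
        household = self.active.pop(refresh_token, None)
        if household is None:
            return None  # unknown refresh token
        creds = self._mint(household, now)
        self.rotated[refresh_token] = (now, creds)
        return creds


def refresh_token_of(creds):
    return json.loads(creds["privateKey"])["RefreshToken"]


if __name__ == "__main__":
    t0 = datetime(2019, 9, 25, 13, 45, tzinfo=timezone.utc)  # constructed timestamp
    store = TokenStore()
    rt = refresh_token_of(store.login("household-1", t0))    # constructed household id
    app = store.refresh(rt, t0 + timedelta(hours=2))
    player = store.refresh(rt, t0 + timedelta(hours=2, seconds=2))
    print("player received the same credentials as the app:", player == app)
```

Bounding the grace window keeps a captured old refresh token from staying usable indefinitely; a replay after the window falls back to re-authentication.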