在Golang中获取OAuth用户令牌时出现400错误?

huangapple go评论107阅读模式
英文:

400 error getting oauth user token in golang?

问题

我尝试获取 eBay 用户令牌。
我已经在 eBay 中获得了授权码,但无法使用授权码获取用户令牌。
以下是代码:

status := ctx.UserValue("status").(string)
applicationToken := string(ctx.QueryArgs().Peek("code"))
log.Println("ApplicationToken: ", applicationToken)
log.Println("Status: ", status)
if status == "declined" {
    fmt.Printf("用户未授权。返回到您的仪表盘。")
    ctx.Redirect("/dashboard", fasthttp.StatusSeeOther)
}

//var appConfig = config.Config()
client := &http.Client{}

applicationTokenURLEncoded, _ := url.Parse(applicationToken)

body := url.Values{
    "grant_type":   {"authorization_code"},
    "code":         {applicationTokenURLEncoded.String()},
    "redirect_uri": {Runame},
}
reqBody := bytes.NewBufferString(body.Encode())
log.Println("Reqbody: ", reqBody)

req, _ := http.NewRequest("POST", "https://api.sandbox.ebay.com/identity/v1/oauth2/token", reqBody)


authorization := "AppID" + ":" + "CertID"
authorizationBase64 := base64.StdEncoding.EncodeToString([]byte(authorization))

req.Header.Add("Authorization", "Basic "+authorizationBase64)
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
log.Println("Body: ", req)

resp, _ := client.Do(req)
log.Println("resp: ", resp)
log.Println("ResBody: ", resp.Body)

错误信息如下:

错误请求 400
英文:

I tried to get the ebay user token.
I've alreay gotten auth code in ebay, but can't get user token with auth code.
Code is following:

status := ctx.UserValue("status").(string)
applicationToken := string(ctx.QueryArgs().Peek("code"))
log.Println("ApplicationToken: ", applicationToken)
log.Println("Status: ", status)
if status == "declined" {
    fmt.Printf("User doesn't give permission. Go back to your dashboard.")
    ctx.Redirect("/dashboard", fasthttp.StatusSeeOther)
}

//var appConfig = config.Config()
client := &http.Client{}

applicationTokenURLEncoded, _ := url.Parse(applicationToken)

body := url.Values{
    "grant_type":   {"authorization_code"},
    "code":         {applicationTokenURLEncoded.String()},
    "redirect_uri": {Runame},
}
reqBody := bytes.NewBufferString(body.Encode())
log.Println("Reqbody: ", reqBody)

req, _ := http.NewRequest("POST", "https://api.sandbox.ebay.com/identity/v1/oauth2/token", reqBody)


authorization := “AppID” + ":" + “CertID”
authorizationBase64 := base64.StdEncoding.EncodeToString([]byte(authorization))

req.Header.Add("Authorization", "Basic "+authorizationBase64)
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
log.Println("Body: ", req)

resp, _ := client.Do(req)
log.Println("resp: ", resp)
log.Println("ResBody: ", resp.Body)

And the error is like that:

Bad Request 400

答案1

得分: 1

看起来消息的格式不正确(这就是服务器返回“400”的原因)。

当你设置头部时,你写的是:

req.Header.Add("Authorization", "Basic "+authorizationBase64)
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

Golang有一种很好的内置方法来将授权添加到头部SetBasicAuth,它是http.Request的一个方法。

func (r *Request) SetBasicAuth(username, password string)

SetBasicAuth将请求的Authorization头部设置为使用提供的用户名和密码进行HTTP基本身份验证。

使用HTTP基本身份验证时,提供的用户名和密码不会被加密。

所以,你可以尝试使用SetBasicAuth来代替手动设置Authorization头部:

req.SetBasicAuth("AppID", "CertID")

你之前使用了一个叫做CertID的东西,但我认为你指的是ClientIdClientSecret,分别是用户密码


我不知道这是否是你问题的原因:)。帮助找出问题的一种方法是进行一致的错误检查,看看你的这一行:

applicationTokenURLEncoded, _ := url.Parse(applicationToken)
英文:

I looks like the message isn't formed correctly (which is why the server returns 400).

When you're setting your headers you write:

req.Header.Add("Authorization", "Basic "+authorizationBase64)
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

Golang has a nice built in way to add Authorization to a Header: SetBasicAuth, which is a method of http.Request.

func (r *Request) SetBasicAuth(username, password string)

> SetBasicAuth sets the request's Authorization header to use HTTP Basic Authentication with the provided username and password.

> With HTTP Basic Authentication the provided username and password are not encrypted.

So instead of setting the Authorization Header manually, you could try:

req.SetBasicAuth("AppID”, “CertID”)

You were using something called CertID, but I think you meant ClientId and ClientSecret -- respectively user and password

<hr>

I don't know if this is the cause of your problem :). One way to help find out, is consistent error checking, see your line:

applicationTokenURLEncoded, _ := url.Parse(applicationToken)

huangapple
  • 本文由 发表于 2017年5月1日 21:48:17
  • 转载请务必保留本文链接:https://go.coder-hub.com/43720183.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定