我们使用 Web 服务器身份验证流程实现了 OAuth 2.0.它在 10 月/11 月运行良好,但突然间它停止了工作.每当我们尝试授权另一个客户端时,服务器都会返回 (400) 带有正文的错误请求
We implemented OAuth 2.0 using Web Server Authentication Flow. It was working fine in October/November but all of a sudden it has stopped working. Whenever we try authorising another client the server return (400) Bad Request with the body
{"error":"unsupported_grant_type","error_description":"grant type not supported"}grant_type 设置为authorization_code,它绝对有效.
grant_type is set as authorization_code which is definitely valid.
OAuth 突然停止工作有什么原因吗?
Is there any reason why OAuth would suddenly stop working?
这是我们实现 OAuth 的方式:
This is how we have implemented OAuth:
第一个用户被定向到:login.salesforce/services/oauth2/authorize?response_type=code&client_id=blah.id&redirect_uri=domain/Web/Salesforce/Callback.aspx&scope=api%20refresh_token
Salesforce 会提示用户登录其帐户.
User is prompted by Salesforce to login to their account.
用户通过身份验证后,Salesforce 调用 Callback.aspx,Callback.aspx 通过向以下地址发出 POST 请求来代表客户端请求刷新令牌:login.salesforce/services/oauth2/token 和有效载荷:
Once user is authenticated Salesforce calls Callback.aspx, Callback.aspx requests refresh token on behalf of the client by making a POST request to: login.salesforce/services/oauth2/token with the payload:
grant_type=authorization_code&code=blah.code&client_id=blah.Id&client_secret=11111111&redirect_uri=domain/Web/Salesforce/Callback.aspx
grant_type=authorization_code&code=blah.code&client_id=blah.Id&client_secret=11111111&redirect_uri=domain/Web/Salesforce/Callback.aspx
内容类型肯定是:application/x-www-form-urlencoded
Content type is definitely: application/x-www-form-urlencoded
推荐答案在摆弄 fiddler 后发现 HTTP POST 有效负载中的 grant_type=authorization_code 之前有一个空格导致了问题.
After lot of fiddling around with fiddler figured out there was a space before grant_type=authorization_code in HTTP POST payload that was causing the issue.
有趣的是,自 7 月以来,代码库中就存在空间,这个问题于 1 月 14 日首次被发现.有可能 Salesforce 修复了错误或进行了内部更改以在 grant_type=authorization_code 之前拒绝空间.
Interestingly that space has been there in code base since July and this issue was first noticed on 14th Jan. It is possible Salesforce fixed a bug or made an internal change to reject space before grant_type=authorization_code.
更多推荐
Salesforce 返回“unsupported
发布评论