【问题标题】:Facebook mobile OAuth redirect_uriFacebook 移动 OAuth 重定向_uri
【发布时间】:2012-07-10 14:06:30
【问题描述】:

确认经过身份验证的推荐机制是 currently not working with the mobile web settings for Facebook applications,我遇到了根据返回的代码验证访问令牌的问题。

我试图获取访问令牌的 URL 是: https://staging.fanhood.com/facebook/mobile/challenge?fh_gameChallengeID=2678&ref=web_canvas&refid=9&refsrc=http://apps.facebook.com/fanhood-dev/challenge&returned=true

这是访问者在通过此 URL 进行预身份验证后被发送到的 URL:http://apps.facebook.com/fanhood-dev/challenge?fh_gameChallengeID=2678。但是,与常规的经过身份验证的引用不同,没有额外的数据传递到 URL 中,因此应用程序可以缩短 oauth 重定向循环。

此时,我将访问者重定向到移动 OAuth 对话框以对其进行身份验证: http://m.facebook.com/dialog/oauth?client_id=250258605018414&redirect_uri=https%3A%2F%2Fstaging.fanhood.com%2Ffacebook%2Fmobile%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9%26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&scope=email%2Cfriends_about_me%2Cfriends_education_history%2Cfriends_hometown%2Cfriends_interests%2Cfriends_likes%2Cfriends_location%2Coffline_access%2Cpublish_actions%2Cpublish_stream%2Cuser_activities%2Cuser_birthday%2Cuser_education_history%2Cuser_hometown%2Cuser_games_activity%2Cuser_interests%2Cuser_likes%2Cuser_location&response_type=code&display=touch

当用户被重定向回来时,我确实收到了要交换的代码:

编码:AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ P>

但是,我交换此代码的请求目前均无效。我正在尝试不同的 redirect_uri 格式变体,但都不起作用:

作为redirect_uri的原始URL:

我有一种机制可以去除特定的查询参数,按字母顺序重新排序,然后重新组合,以便 redirect_uris 在请求之间保持一致。 在这种情况下,redirect_uri 与传递给对话 URL 的内容完全匹配: https://staging.fanhood.com/facebook/mobile/challenge?fh_gameChallengeID=2678&ref=web_canvas&refid=9&refsrc=http://apps.facebook.com/fanhood-dev/challenge&returned=true == https://staging.fanhood.com/facebook/mobile/challenge?fh_gameChallengeID=2678&ref=web_canvas&refid=9&refsrc=http://apps.facebook.com/fanhood-dev/challenge&returned=true

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=https%3A%2F%2Fstaging.fanhood.com%2Ffacebook%2Fmobile%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9%26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

对经过身份验证的推荐的空白 redirect_uri 尝试:

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

redirect_uri 结构为我们的移动画布 URL:

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=https%3A%2F%2Fm.facebook.com%2Fapps%2Ffanhood-dev%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9%26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

redirect_uri 结构为我们的画布 URL:

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=https%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9%26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

有人知道 Facebook 用于移动 OAuth 请求的 redirect_uri 格式吗?如果支持查询参数?同样的 URL 适用于我们的常规画布应用程序,但不适用于我们的移动版本。

【问题讨论】:

    标签: facebook mobile-website facebook-oauth


    【解决方案1】:

    Authenticated Referrals & Server-Side Auth Flow - What is the redirect_uri?

    当我在 &code=... 之后剥离 request_uri 部分时,它开始工作了。

    【讨论】:

    • 谢谢,为了解决这个问题,我实施了源自我的服务器的二级重定向,但使用原始请求 URL 并剥离 &code= 之后的所有内容。
    猜你喜欢
    • 2015-02-25
    • 2018-10-13
    • 2011-05-27
    • 2011-09-23
    • 2017-08-13
    • 2012-03-31
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多