(400) 错误请求：获取 Salesforce 错误的 AccessToken：“invalid_grant”

Question

我正在使用带有以下代码的 azure 函数 - 当我在本地运行 azure fucntion 时一切正常，但部署后我遇到错误

{"error":"invalid_grant","error_description":"身份验证失败"}

功能代码-

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.SystemDefault | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12;
                HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, "tokenURL");
                var keyValues = new List<KeyValuePair<string, string>>();
                keyValues.Add(new KeyValuePair<string, string>("grant_type", "password"));
                keyValues.Add(new KeyValuePair<string, string>("client_id", "clientID"));
                keyValues.Add(new KeyValuePair<string, string>("client_secret", "clientSecret"));
                keyValues.Add(new KeyValuePair<string, string>("username", "userName"));
                keyValues.Add(new KeyValuePair<string, string>("password", "password"));

                request.Content = new FormUrlEncodedContent(keyValues);
                request.Content.Headers.ContentType = new MediaTypeHeaderValue("application/x-www-form-urlencoded");
                HttpResponseMessage response = await httpClient.SendAsync(request);

                    string respContent = await response.Content.ReadAsStringAsync();
                    var oauthResponse = JsonConvert.DeserializeObject<Dictionary<string, string>>(respContent);
                    string token = oauthResponse["access_token"];

salesforce 是否需要任何其他设置？

修改连接的应用程序：（编辑策略）放宽 IP 限制

Permitted Usersto“所有用户都可以自行授权”

Answer 1

这是我们在 Azure Functions 中按预期工作的内容。 ISalesforceConfigSettings 不是来自任何库，它是我们自己的手写接口，其实现从环境变量中读取值。

    /// <summary>
    /// Gets the Salesforce access token given the client_id, secret, username and password.
    /// </summary>
    /// <param name="log">Tracewriter log</param>
    /// <param name="_settings">ISalesforceConfigSettings _settings</param>
    /// <returns>A Salesforce access token</returns>
    private async string GetSalesforceAccessToken(TraceWriter log, ISalesforceConfigSettings _settings)
    {
        var httpClient = new HttpClient();

        ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls12;

        // Create Request Body
        var formContent = new FormUrlEncodedContent(new[]
        {
            new KeyValuePair<string, string>("client_id", _settings.SalesforceClientId),
            new KeyValuePair<string, string>("client_secret", _settings.SalesforceClientSecret),
            new KeyValuePair<string, string>("username", _settings.SalesforceUserName),
            new KeyValuePair<string, string>("password", _settings.SalesforcePassword),
            new KeyValuePair<string, string>("grant_type", _settings.SalesforceGrantType)
        });

        try
        {
            // Call to get access token
            var loginResponse = await httpClient.PostAsync(_settings.SalesforceLoginUrl, formContent);
            var loginResponseString = await loginResponse.Content.ReadAsStringAsync();

            // Log Login Response
            log.Info(loginResponseString);

            // Extract Access Token
           return JsonConvert
                .DeserializeObject<SalesforceLoginResponse>(loginResponseString)
                .AccessToken;
        }
        catch (Exception ex)
        {
            log.Error(ex.Message);
            throw;
        }
    }

以防万一您想知道SalesforceLoginResponse 类是什么...

using Newtonsoft.Json;

namespace Models.Salesforce
{
    public class SalesforceLoginResponse
    {
        [JsonProperty("access_token")]
        public string AccessToken { get; set; }
    }
}