注意事项

令牌在示例代码和日志中被截断。

环境

/app # uname -a
Linux 962304bb1640 4.15.0-123-generic #126-Ubuntu SMP Wed Oct 21 09:40:11 UTC 2020 x86_64 Linux
/app # ruby -v
ruby 2.7.1p83 (2020-03-31 revision a0c7c23c9c) [x86_64-linux-musl]

oauth2 gem
https://github.com/oauth-xx/oauth2.git
revision: f60af5fcb203cf502352e648ff68738863e4e128
branch: master

访问令牌

我使用 OAuth2 gem 来获取访问令牌，这工作正常。

class AuthorizationsController < ApplicationController
...
...

  def callback
    token =
      client.auth_code.get_token(
        params[:code],{ headers: { "Authorization" => basic_auth } }
      )
...
...

  end

token 是这样的。

token.to_hash
=> {"token_type"=>"bearer",:access_token=>
  "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJheXZyaSIsInRva2VuX3VzZSI6ImJlYXJlciIsInN1YiI6Ij...",:refresh_token=>
  "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJheXZyaSIsInRva2VuX3VzZSI6InJlZnJlc2giLCJzdWIiOi...",:expires_at=>1612237875}

令牌有效期为1周，截至发稿时间未过期。

创建活动

这是我的问题。我想使用此令牌创建一个活动，尽管我收到一条异常消息，显示“无法对提供的访问令牌进行身份验证”。

ENV['OAUTH_DEBUG'] = "true"
client = OAuth2::Client.new(
  Rails.application.credentials.dig(*%i[ayvri client_id]),Rails.application.credentials.dig(*%i[ayvri client_secret]),authorize_url: "https://ayvri.com/authorize",token_url: "https://api.ayvri.com/2.0/token",redirect_uri: app.callback_authorizations_url
)

unless token.expired?
  params = {
    title: 'UTMB 2017',activityType: 'Run',}
  response = token.post("https://api.ayvri.com/2.0/activity",{body: params})
end

输出日志

I,[2021-01-26T15:55:54.561592 #965]  INFO -- request: POST https://api.ayvri.com/2.0/activity
I,[2021-01-26T15:55:54.561742 #965]  INFO -- request: User-Agent: "Faraday v1.3.0"
Authorization: "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJheXZyaSIsInRva2VuX3VzZSI6ImJlYXJlciIsInN1YiI6IjBlOWs0bHk1b3IiLCJpYXQiO..."
I,[2021-01-26T15:55:54.561975 #965]  INFO -- request: {:title=>"UTMB 2017",:activityType=>"Run"}

I,[2021-01-26T15:55:55.398971 #965]  INFO -- response: Status 401
I,[2021-01-26T15:55:55.399142 #965]  INFO -- response: content-type: "application/json"
content-length: "64"
connection: "keep-alive"
date: "Tue,26 Jan 2021 06:55:55 GMT"
x-amzn-requestid: "9c522a39-befa-469f-9563-baaabfaca45d"
access-control-allow-origin: "*"
access-control-allow-headers: "Content-Type,Access-Control-Allow-Headers,Authorization"
x-amz-apigw-id: "Zvp3RFQ-IAMFzqw="
access-control-allow-methods: "GET,POST,PUT,DELETE,OPTIONS"
x-amzn-trace-id: "Root=1-600fbcfb-4c483b235f5f993a53a0ee41;Sampled=0"
access-control-allow-credentials: "true"
x-cache: "Error from cloudfront"
via: "1.1 0198484efdfb6612326e72597ca8e155.cloudfront.net (CloudFront)"
x-amz-cf-pop: "NRT51-C4"
x-amz-cf-id: "DO-T1I7Ju0ksBt-aYNb3OwgzyvPvX3rOjx-hTtwnfr9bNK7bDYX3nQ=="
I,[2021-01-26T15:55:55.399246 #965]  INFO -- response: {"error":"The supplied access token Could not be authenticated"}
OAuth2::Error: The supplied access token Could not be authenticated:
{"error":"The supplied access token Could not be authenticated"}
from /usr/local/bundle/bundler/gems/oauth2-f60af5fcb203/lib/oauth2/client.rb:122:in `request'

我什至检查了the raw resopnse，我看到了

• 正在发布到 https://api.ayvri.com/2.0/activity
• 有授权承载令牌
• 具有带参数 activityType=Run&title=UTMB+2017 的正文
• 在参数中有必需的activityType

[4] pry(#<OAuth2::Client>)> response
=> #<Faraday::Response:0x0000564e34a62a88
 @env=
  #<struct Faraday::Env
   method=:post,request_body="activityType=Run&title=UTMB+2017",url=#<URI::HTTPS https://api.ayvri.com/2.0/activity>,request=
    #<struct Faraday::RequestOptions
     params_encoder=nil,proxy=nil,bind=nil,timeout=nil,open_timeout=nil,read_timeout=nil,write_timeout=nil,boundary=nil,oauth=nil,context=nil,on_data=nil>,request_headers=
    {"User-Agent"=>"Faraday v1.3.0","Authorization"=>
      "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJheXZyaSIsInRva2VuX3VzZSI6ImJlYXJlciIsInN1YiI6IjB...","Content-Type"=>"application/x-www-form-urlencoded"},ssl=
    #<struct Faraday::SSLOptions
     verify=true,ca_file=nil,ca_path=nil,verify_mode=nil,cert_store=nil,client_cert=nil,client_key=nil,certificate=nil,private_key=nil,verify_depth=nil,version=nil,min_version=nil,max_version=nil>,parallel_manager=nil,params=nil,response=#<Faraday::Response:0x0000564e34a62a88 ...>,response_headers=
    {"content-type"=>"application/json","content-length"=>"64","connection"=>"keep-alive","date"=>"Tue,26 Jan 2021 07:07:45 GMT","x-amzn-requestid"=>"b6a27a4f-8e86-43fb-9e10-96b28b66e63f","access-control-allow-origin"=>"*","access-control-allow-headers"=>"Content-Type,Authorization","x-amz-apigw-id"=>"ZvrmKF91IAMFRDw=","access-control-allow-methods"=>"GET,OPTIONS","x-amzn-trace-id"=>"Root=1-600fbfc0-537d25ad7c8f14b350b82ea8;Sampled=0","access-control-allow-credentials"=>"true","x-cache"=>"Error from cloudfront","via"=>"1.1 2af48e97e27ed492daf3cb301cbc8df8.cloudfront.net (CloudFront)","x-amz-cf-pop"=>"NRT51-C4","x-amz-cf-id"=>"02GI4nYZtvzuwU4yD5aM3kHTVyUQInHhrDgaKodFn3p0lj77OzILWA=="},status=401,reason_phrase="Unauthorized",response_body="{\"error\":\"The supplied access token Could not be authenticated\"}">,@on_complete_callbacks=[]>

我也尝试过使用原始法拉第，但这也给了我同样的错误。

response = Faraday.post(
  "https://api.ayvri.com/2.0/activity",{activityType: 'Run'},{Authorization: "Bearer #{token.token}"}
)

我的访问令牌如何无效？

解决方法

暂无找到可以解决该程序问题的有效方法，小编努力寻找整理中！

如果你已经找到好的解决方法，欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@）