问题描述
您能指出我正确的方法并将参数设置为:
-
使用PKCE向Postman中的身份端点(https://.../login)发出授权请求 附件中有发送的参数列表。 作为Grant_type值,我使用->授权码 不幸的是,我收到了“错误的请求”,邮递员中的Invalid_grant
我编写了Azure函数的代码来请求访问令牌,但不幸的是,我从令牌端点收到了{“ error”:“ invalid_request”}。 这是我的代码,您能告诉我我在做什么错吗?
[FunctionName("GetAccesstoken")]
public async Task<IActionResult> GetAccesstoken(
[HttpTrigger(AuthorizationLevel.Anonymous,"post",Route = null)] HttpRequest req,ILogger log)
{
try
{
log.Log@R_877_4045@ion("C# HTTP trigger function ''GetAccesstoken'' processed a request.");
string clientSecret = "some secret";
string accesstoken = "";
RequestAccesstoken rT = new RequestAccesstoken();
rT.Code = req.Form["code"];
rT.RedirectUri = req.Form["redirect_uri"];
rT.GrantType = req.Form["grant_type"];
rT.ClientId = req.Form["client_id"];
rT.CodeVerifier = req.Form["code_verifier"];
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("https://<access_token_endpoint_base_uri>");
client.DefaultRequestHeaders
.Accept
.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));//ACCEPT header
var body = new { EntityState = new {
code = rT.Code,redirect_uri = rT.RedirectUri,grant_type = rT.GrantType,client_id = rT.ClientId,client_secret = clientSecret,code_verifier = rT.CodeVerifier
} };
var result = await client.PostAsJsonAsync(
"/login",body);
accesstoken = await result.Content.ReadAsstringAsync();
}
return new OkObjectResult(accesstoken);
}
catch (Exception ex)
{
log.Log@R_877_4045@ion(ex.ToString());
return new ObjectResult(ex.ToString()) { StatusCode = 500 };
}
}
解决方法
Steps 4 and 8 of my blog post显示标准PKCE参数。
但是通过Postman之类的工具重现整个流程非常棘手,因为通常还需要遵循重定向并管理用户名和密码的表单发布。