facebook - Facebook 移动 OAuth 重定向_uri

问问题 2012-07-11T01:51:16.867

2734 次

0

承认经过身份验证的推荐机制当前不适用于 Facebook 应用程序的移动 Web 设置，我遇到了基于返回代码验证访问令牌的问题。

我试图获取访问令牌的 URL 是： https ://staging.fanhood.com/facebook/mobile/challenge?fh_gameChallengeID=2678&ref=web_canvas&refid=9&refsrc=http://apps.facebook.com/fanhood-开发/挑战&返回=真

这是访问者在通过此 URL 进行预身份验证后发送到的 URL：http ://apps.facebook.com/fanhood-dev/challenge?fh_gameChallengeID=2678 。但是，与常规的经过身份验证的引用不同，没有额外的数据传递到 URL 中，因此应用程序可以缩短 oauth 重定向循环。

此时，我将访问者重定向到移动 OAuth 对话框以对其进行身份验证： http://m.facebook.com/dialog/oauth?client_id=250258605018414&redirect_uri=https%3A%2F%2Fstaging.fanhood.com%2Ffacebook %2Fmobile%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9%26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&scope=email%2Cfriends_about_me%2Cfriends_education_history_interest%2Cfriends_education_friends_interest%2 %2Cfriends_likes%2Cfriends_location%2Coffline_access%2Cpublish_actions%2Cpublish_stream%2Cuser_activities%2Cuser_birthday%2Cuser_education_history%2Cuser_hometown%2Cuser_games_activity%2Cuser_interests%2Cuser_likes%2Cuser_location&response_type=code&display=touch

当用户被重定向回来时，我确实收到了一个代码来交换：

Code: AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ

但是，我目前没有任何交换此代码的请求有效。我正在尝试不同的 redirect_uri 格式变体，但都不起作用：

原始 URL 为 redirect_uri：

我有一种机制可以去除特定的查询参数，按字母顺序重新排序，然后重新组合，以便 redirect_uris 在请求之间保持一致。在这种情况下，redirect_uri 与传递给对话 URL 的内容完全匹配： https ://staging.fanhood.com/facebook/mobile/challenge?fh_gameChallengeID=2678&ref=web_canvas&refid=9&refsrc=http://apps.facebook.com /fanhood-dev/challenge&returned=true == https://staging.fanhood.com/facebook/mobile/challenge?fh_gameChallengeID=2678&ref=web_canvas&refid=9&refsrc=http://apps.facebook.com/fanhood-dev/challenge&returned=真的

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=https%3A%2F%2Fstaging.fanhood.com%2Ffacebook%2Fmobile%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9% 26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

对经过身份验证的推荐的空白 redirect_uri 尝试：

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

redirect_uri 结构为我们的移动画布 URL：

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=https%3A%2F%2Fm.facebook.com%2Fapps%2Ffanhood-dev%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid% 3D9%26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

redirect_uri 结构为我们的画布 URL：

https://graph.facebook.com/oauth/access_token?client_id=250258605018414&client_secret=xxx&redirect_uri=https%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%3Ffh_gameChallengeID%3D2678%26ref%3Dweb_canvas%26refid%3D9% 26refsrc%3Dhttp%3A%2F%2Fapps.facebook.com%2Ffanhood-dev%2Fchallenge%26returned%3Dtrue&code=AQBCH25OC57BiMBgj3rCKGhkFi0ypp0R8e2yKGwFfhml9x1B47-w2Baex8oZ3BKgb2NhziRnSIuJ1MV9hErKBUhu0YqxaonwFF_7mcqozwpy3Ch08rkNh-YEIa6HV_LHxl6pymfkAbQEMgSA6F4BdtINsCQ7QlLpcRwrZWkzxZVyJbJDnqOesB3zFLr5ohpgtpQ&access_token=250258605018414%7C65adc2f073d3c901d02a7329c6acba21

有谁知道 Facebook 用于移动 OAuth 请求的 redirect_uri 格式？如果支持查询参数？这个相同的 URL 适用于我们的常规画布应用程序，但不适用于我们的移动版本。

1 回答 1

1

请参阅Authenticated Referrals & Server-Side Auth Flow -什么是redirect_uri？

当我在 &code=... 之后剥离 request_uri 部分时，它开始工作。

于 2012-08-16T13:21:31.980 回答