ibm-connections - 请求访问令牌失败，原因是：缺少参数代码，但属性列表有一个名为代码的属性？

Question

我正在对我的 GAE 应用程序和我们的 Connections4 测试环境之间的 OAuth2.0 流进行故障排除。在 Connections 服务器上启用跟踪后，我看到以下几行：

{_status: 1 _attributeList: {{name: request_type type: urn:ibm:names:oauth:request values: [access_token]},{name: client_id type: urn:ibm:names:oauth:param values: [socialdms4g]},{name: callback_uri type: urn:ibm:names:query:param values: [https://eog-fire-ice.appspot.com/socialdms]},{name: client_id type: urn:ibm:names:query:param values: [socialdms4g]},{name: code type: urn:ibm:names:query:param values: [Pb2JtuOb1UkgPyV6aT1LflZ12B6kL1]},{name: client_secret type: urn:ibm:names:query:param values: [REMOVED]},{name: grant_type type: urn:ibm:names:query:param values: [authorization_code]}} _cause: com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException: A required runtime parameter was missing: code}
[12-12-12 16:15:08:680 CET] 000000e8 CachedDBToken 3   processing exception with OAuthResult: invalid_request
[12-12-12 16:15:08:680 CET] 000000e8 CachedDBToken <  handleResultException Exit
                             {_status: 1 _attributeList: {{name: request_type type: urn:ibm:names:oauth:request values: [access_token]},{name: client_id type: urn:ibm:names:oauth:param values: [socialdms4g]},{name: callback_uri type: urn:ibm:names:query:param values: [https://eog-fire-ice.appspot.com/socialdms]},{name: client_id type: urn:ibm:names:query:param values: [socialdms4g]},{name: code type: urn:ibm:names:query:param values: [Pb2JtuOb1UkgPyV6aT1LflZ12B6kL1]},{name: client_secret type: urn:ibm:names:query:param values: [REMOVED]},{name: grant_type type: urn:ibm:names:query:param values: [authorization_code]}} _cause: com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException: A required runtime parameter was missing: code}
[12-12-12 16:15:08:680 CET] 000000e8 OAuth20Endpoi <  processTokenRequest Exit

用于调用此序列的 url 包含一个代码（和所有其他）参数。

这可能是什么原因，甚至更好，我该如何解决这个问题？

Answer 1

至少我们可以很容易地看出问题所在:) com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException: A required runtime parameter was missing: code

代码是应在请求中发送以获取访问令牌的参数之一。搜索 SDK 的 src 代码，看起来应该一直在 OAuth2Handler.getAccessTokenForAuthorizedUser() 中发送。是这样称呼的吗？

Answer 2

@红球

这就是我们今天的工作

redirectURL = "/oauth2/endpoint/connectionsProvider/authorize?response_type=code&_oauth_client_auto_authorize=true&client_id="+AppId+"&callback_uri="+CallbackUrl;

其中 AppId 和 CallBackUrl 特定于您的应用程序。

在你的 callBackUrl Servlet 的 doGet 中，使用这个帮助类

com.ibm.sbt.security.authentication.oauth.consumer.OAuth2Handler

我们已经这样做了

OAuth2Handler oAuth2Handler = new OAuth2Handler();
logger.warning("WARNING Always trusting SSL certificate !!");
oAuth2Handler.setForceTrustSSLCertificate(true);
logger.fine("getting accesstoken...");
oAuth2Handler.setClient_uri(CallbackUrl);

oAuth2Handler.setConsumerKey(AppId);
oAuth2Handler.setAuthorization_code(code);
oAuth2Handler.setConsumerSecret(AppSecret);
oAuth2Handler.setAccessTokenURL(AccessTokenUrl);

logger.fine("getting token using GET...");
oAuth2Handler.getAccessTokenForAuthorizedUser();
String accessToken = oAuth2Handler.getAccessToken();
String expiresIn = oAuth2Handler.getExpiresIn()
String refreshToken = oAuth2Handler.getRefreshToken();