从阅读各种文档来看,oauth2 提供者似乎可以选择需要授权来刷新令牌请求。我正在使用似乎需要授权的 FitBit API。
我正在按照此处的说明刷新令牌requests-oauthlib
:
https ://requests-oauthlib.readthedocs.io/en/latest/oauth2_workflow.html#refreshing-tokens
一些设置代码(不是我使用的,但你明白了:
>>> token = {
... 'access_token': 'eswfld123kjhn1v5423',
... 'refresh_token': 'asdfkljh23490sdf',
... 'token_type': 'Bearer',
... 'expires_in': '-30', # initially 3600, need to be updated by you
... }
>>> client_id = r'foo'
>>> refresh_url = 'https://provider.com/token'
>>> protected_url = 'https://provider.com/secret'
>>> # most providers will ask you for extra credentials to be passed along
>>> # when refreshing tokens, usually for authentication purposes.
>>> extra = {
... 'client_id': client_id,
... 'client_secret': r'potato',
... }
>>> # After updating the token you will most likely want to save it.
>>> def token_saver(token):
... # save token in database / session
from requests_oauthlib import OAuth2Session
client = OAuth2Session(client_id, token=token, auto_refresh_url=refresh_url,
auto_refresh_kwargs=extra, token_updater=token_saver)
r = client.get(protected_url)
但是,通过这个电话,我得到:
MissingTokenError: (missing_token) Missing access token parameter.
我知道我的令牌已过期,但为什么刷新不起作用?