问题
My app links to the FitBit API. The users (via my portal) give my app access permission via FitBit's OAUTH API to grab data for the users. All works fine EXCEPT many of my users use a shared computer. FitBit is remembering credentials from the previous user and not prompting for a password when they request permission for access. The end result is that I get the previous user's fitbit associated with the current user. Is there a way to force the actual fitbit login screen (by erasing cookies?) instead of having fitbit remember them? Does anyone know how to do this? I'm using php with the net.manuellemos.oauth oauth package if that matters.
回答1:
The solution was to add requestCredentials=true to the url. So instead of sending them to: https://api.fitbit.com/oauth/authorize?oauth_token={my token}
i send them to: https://api.fitbit.com/oauth/authorize?requestCredentials=true&oauth_token={my token}
if you're using the net.manuellemos.oauth package like i am, this is a change in the oauth_configuration.json file. the fitbit section should now look like this:
"Fitbit":
{
"oauth_version": "1.0a",
"request_token_url": "https://api.fitbit.com/oauth/request_token",
"dialog_url": "https://api.fitbit.com/oauth/authorize?requestCredentials=true",
"access_token_url": "https://api.fitbit.com/oauth/access_token"
},
来源:https://stackoverflow.com/questions/26805399/fitbit-oauth-registration