Pinterest's official OAuth2 flow seemingly returns an invalid access token

偶尔善良 提交于 2019-12-30 06:59:32

问题


I followed the Pinterest's instructions to authenticate a user and after completing step 2 I am holding an access token in my hands. However, when I use this access token to make an API call I get the following response:

{"status": "failure", "code": 3, "host": "coreapp-devplatform-devapi-179", "generated_at": "Sat, 26 Sep 2015 15:11:35 +0000", "message": "Authorization failed.", "data": null}

When I use the Token Generator the API calls succeed. In both cases I tried:

https://api.pinterest.com/v1/me/?access_token=<YOUR-ACCESS-TOKEN>

Any ideas?


Update: Zack Argyle from Pinterest just tweeted they are working on a fix on their end. https://twitter.com/zackargyle/status/648547619229138944


回答1:


For those of you who are facing the issue when requesting for access_token in the post request include client_secret too in the 2nd step

https://developers.pinterest.com/docs/api/authentication/

i.e the post params while requesting this end point https://api.pinterest.com/v1/oauth/token will be:

grant_type Must be authorization_code

client_id This is your app ID.

client_secret This is your app Secret

code The authorization code passed to your redirect URI




回答2:


Zack Argyle from Pinterest just tweeted that they deployed a fix which solves the problem I described: https://twitter.com/zackargyle/status/648602180002312192

Summing it up:

  • Follow the instructions on https://developers.pinterest.com/docs/api/authentication/
  • Pass the client_secret not in the first but in the second request
  • Use response_type=code in the first request


来源:https://stackoverflow.com/questions/32798760/pinterests-official-oauth2-flow-seemingly-returns-an-invalid-access-token

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!