App Id or redirect_uri does not match authorization code.
由於我是OAuth和應用程序開發人員,所以我認爲這個錯誤(大部分時間)都在我身邊。我的應用程序有一個按鈕(登錄),用於指導用戶通過OAuth在Misfit API(https://build.misfit.com/)上登錄的webview。一旦他同意與我的應用程序分享他的Misfit數據,webview希望將他重定向到我的redirect_uri,但我總是得到上述錯誤消息。下面是OAuthActivity代碼:OAuth:應用程序ID或redirect_uri與授權碼不匹配
public class OAuthActivity extends Activity {
public static String OAUTH_URL = "https://api.misfitwearables.com/auth/dialog/authorize";
public static String OAUTH_ACCESS_TOKEN_URL = "https://api.misfitwearables.com/auth/tokens/exchange";
public static String CLIENT_ID = "ID";
public static String CLIENT_SECRET = "Secret";
public static String CALLBACK_URL = "http://iss.uni-saarland.de/";
public static String SCOPE = "public,birthday,email,tracking,session,sleeps";
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_auth_o);
String url = OAUTH_URL + "?response_type=code" +"&client_id=" + CLIENT_ID + "&redirect_uri=" + CALLBACK_URL + "&scope=" + SCOPE;
WebView webview = (WebView)findViewById(R.id.webview);
webview.getSettings().setJavaScriptEnabled(true);
final SharedPreferences prefs = this.getSharedPreferences(
"com.iss_fitness.myapplication", Context.MODE_PRIVATE);
webview.setWebViewClient(new WebViewClient() {
public void onPageStarted(WebView view, String url, Bitmap favicon) {
String accessTokenFragment = "access_token=";
String accessCodeFragment = "code=";
// We hijack the GET request to extract the OAuth parameters
if (url.contains(accessTokenFragment)) {
// the GET request contains directly the token
String accessToken = url.substring(url.indexOf(accessTokenFragment));
prefs.edit().putString("Token", accessToken);
} else if(url.contains(accessCodeFragment)) {
// the GET request contains an authorization code
String accessCode = url.substring(url.indexOf(accessCodeFragment));
prefs.edit().putString("Code", accessCode);
String query = "grant_type=authorization_code" + "&client_id=" + CLIENT_ID + "&client_secret=" + CLIENT_SECRET + "&code=" + accessCode + "&redirect_uri=" + CALLBACK_URL;
view.postUrl(OAUTH_ACCESS_TOKEN_URL, query.getBytes());
}
}
});
webview.loadUrl(url);
}
}
我知道這是某種程度上應該劫持授權URL獲得accesscode,如果不可用,嘗試獲得令牌。有些人打算在把我帶到我的redirect_uri之前打斷這個活動,但我不知道該怎麼做。
基於答案的其他信息: - Misfit應用程序設置中的註冊重定向URI是我在我的代碼中使用的重定向URI。 - 我爲應用程序構建了一個Intent處理程序,以便在調用重定向URI時開始其主要活動。
==========================================
IN REST客戶端我得到了相同>>>>
POST: https://api.misfitwearables.com/auth/tokens/exchange
REQUEST:
{
"grant_type":"authorization_code",
"code":{{USER CODE FROM AUTH}},
"redirect_uri":"SAME REDIRECT_URI AS IN AUTH",
"client_id":{{my app id}},
"client_secret":{{my app secret}}
}
RESPONSE:
{
"error": "invalid_grant",
"error_description": "App Id or redirect_uri does not match authorization code"
}
感謝您的回覆,但我已經這樣做了。這就是我想知道的原因,錯誤可能來自哪裏。 – FuriousFry