LinkedIn API 获取 /v2/me returns "Unpermitted fields present in PARAMETER"
LinkedIn API get /v2/me returns "Unpermitted fields present in PARAMETER"
问题
我正在尝试 运行 requests-OAuth2 LinkedIn 示例。我已经能够解决示例过时的一些问题,但似乎无法将最后一行正确地设置为 运行。
来自 运行ning 程序的响应 object 内容:
b'{"serviceErrorCode":100,"message":"Unpermitted fields present in PARAMETER: Data Processing Exception while processing fields [/access_token]","status":403}
系统和版本
- Python 3.6.8
- 请求 2.22.0
- requests-oauthlib 1.2.0
运行 一切都通过终端。
尝试
- 首先应用程序设置有正确的权限
r_liteprofile。
- 我确认我正在使用正确的范围进行身份验证。
- 我试过向 get 请求添加各种 headers。
- 我控制台打印了请求中的PARAMETERS变量的内容object,发现它是一个空字典。
代码
我添加了评论来解释我对 requests-oauthlib 网站上的股票教程所做的更改。
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
from requests_oauthlib import OAuth2Session
from requests_oauthlib.compliance_fixes import linkedin_compliance_fix
# Credentials you get from registering a new application
client_id = vault.CLIENT_ID
client_secret = vault.CLIENT_SECRET
# CHANGE: Scope is necessary to avoid permission errors
scope = ['r_liteprofile', 'r_emailaddress', 'w_member_social']
redirect_url = 'http://127.0.0.1'
# OAuth endpoints given in the LinkedIn API documentation (you can check for the latest updates)
# CHANGE: updated urls
authorization_base_url = 'https://www.linkedin.com/oauth/v2/authorization'
token_url = 'https://www.linkedin.com/oauth/v2/accessToken'
# Authorized Redirect URL (from LinkedIn configuration)
# CHANGE: added scope argument to OAuth2Session init method
linkedin = OAuth2Session(client_id, redirect_uri=redirect_url, scope=scope)
linkedin = linkedin_compliance_fix(linkedin)
# Redirect user to LinkedIn for authorization
authorization_url, state = linkedin.authorization_url(authorization_base_url)
print('Please go here and authorize,', authorization_url)
# Get the authorization verifier code from the callback url
redirect_response = input('Paste the full redirect URL here:')
# Fetch the access token
# CHANGED: LinkedIn required client_id to be in body, flipped include_client_id to True
linkedin.fetch_token(token_url,client_secret=client_secret,
include_client_id=True,authorization_response=redirect_response)
# CHANGED: Just an example of a header I tried passing to the get method below
headers = {'X-Restli-Protocol-Version': '2.0.0'}
r = linkedin.get('https://api.linkedin.com/v2/me')
print(r.content)
有什么想法吗?建议?方向?
2020 年 2 月 17 日更新
根据 github 存储库中的文档和评论,https://github.com/requests/requests-oauthlib LinkedIn compliance fixes were outdated and causing bugs. The maintainers have since removed the LinkedIn compliance fix code and applied several updates to the LinkedIn example as part of PR #397。这应该不再是问题了。
下面是原始答案
最终,我传递的请求 url 包含一个不允许的字段。 url 的人工审查揭示了两个字段:
oauth2_access_tokenaccess_token
查看 OAuth2-Requests 源代码,第二个字段在发出最终请求之前添加到 url。
requests-oauthlib/requests_oauthlib/oauth2_session.py
我想有一种机制可以防止这种行为,但我找不到它,我在他们的 github 上的 comments/questions 和其他地方都没有得到答复。我的解决方案是在我的项目中复制 oauth2_session.py 模块的修改版本,并在 request() 方法中使用此脏修复。
old_version_url = url
url, headers, data = self._client.add_token(url, http_method=method, body=data, headers=headers)
# Dirty work around to prevent the `access_token` parameter from being added
# to the url, causing a unpermitted parameters error requesting linkedin resource.
if "&access_token=" in url:
url = old_version_url
整个修改后的模块可以在这个 github 仓库中找到,linkedin_assist/linkedin_assist/quick_fixes/oauth2_session.py
问题
我正在尝试 运行 requests-OAuth2 LinkedIn 示例。我已经能够解决示例过时的一些问题,但似乎无法将最后一行正确地设置为 运行。
来自 运行ning 程序的响应 object 内容:
b'{"serviceErrorCode":100,"message":"Unpermitted fields present in PARAMETER: Data Processing Exception while processing fields [/access_token]","status":403}
系统和版本
- Python 3.6.8
- 请求 2.22.0
- requests-oauthlib 1.2.0
运行 一切都通过终端。
尝试
- 首先应用程序设置有正确的权限
r_liteprofile。 - 我确认我正在使用正确的范围进行身份验证。
- 我试过向 get 请求添加各种 headers。
- 我控制台打印了请求中的PARAMETERS变量的内容object,发现它是一个空字典。
代码
我添加了评论来解释我对 requests-oauthlib 网站上的股票教程所做的更改。
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
from requests_oauthlib import OAuth2Session
from requests_oauthlib.compliance_fixes import linkedin_compliance_fix
# Credentials you get from registering a new application
client_id = vault.CLIENT_ID
client_secret = vault.CLIENT_SECRET
# CHANGE: Scope is necessary to avoid permission errors
scope = ['r_liteprofile', 'r_emailaddress', 'w_member_social']
redirect_url = 'http://127.0.0.1'
# OAuth endpoints given in the LinkedIn API documentation (you can check for the latest updates)
# CHANGE: updated urls
authorization_base_url = 'https://www.linkedin.com/oauth/v2/authorization'
token_url = 'https://www.linkedin.com/oauth/v2/accessToken'
# Authorized Redirect URL (from LinkedIn configuration)
# CHANGE: added scope argument to OAuth2Session init method
linkedin = OAuth2Session(client_id, redirect_uri=redirect_url, scope=scope)
linkedin = linkedin_compliance_fix(linkedin)
# Redirect user to LinkedIn for authorization
authorization_url, state = linkedin.authorization_url(authorization_base_url)
print('Please go here and authorize,', authorization_url)
# Get the authorization verifier code from the callback url
redirect_response = input('Paste the full redirect URL here:')
# Fetch the access token
# CHANGED: LinkedIn required client_id to be in body, flipped include_client_id to True
linkedin.fetch_token(token_url,client_secret=client_secret,
include_client_id=True,authorization_response=redirect_response)
# CHANGED: Just an example of a header I tried passing to the get method below
headers = {'X-Restli-Protocol-Version': '2.0.0'}
r = linkedin.get('https://api.linkedin.com/v2/me')
print(r.content)
有什么想法吗?建议?方向?
2020 年 2 月 17 日更新
根据 github 存储库中的文档和评论,https://github.com/requests/requests-oauthlib LinkedIn compliance fixes were outdated and causing bugs. The maintainers have since removed the LinkedIn compliance fix code and applied several updates to the LinkedIn example as part of PR #397。这应该不再是问题了。
下面是原始答案
最终,我传递的请求 url 包含一个不允许的字段。 url 的人工审查揭示了两个字段:
oauth2_access_tokenaccess_token
查看 OAuth2-Requests 源代码,第二个字段在发出最终请求之前添加到 url。
requests-oauthlib/requests_oauthlib/oauth2_session.py
我想有一种机制可以防止这种行为,但我找不到它,我在他们的 github 上的 comments/questions 和其他地方都没有得到答复。我的解决方案是在我的项目中复制 oauth2_session.py 模块的修改版本,并在 request() 方法中使用此脏修复。
old_version_url = url
url, headers, data = self._client.add_token(url, http_method=method, body=data, headers=headers)
# Dirty work around to prevent the `access_token` parameter from being added
# to the url, causing a unpermitted parameters error requesting linkedin resource.
if "&access_token=" in url:
url = old_version_url
整个修改后的模块可以在这个 github 仓库中找到,linkedin_assist/linkedin_assist/quick_fixes/oauth2_session.py