LinkedIN防止Linkedin Oauth 60天后过期的方法
LinkedIN Way to prevent Linkedin Oauth expires after 60 days
我有一个网站,人们可以在其中 post 写博客。我希望博客自动 posted 到连接到该网站的 Linkedin 帐户。因此 post 创建博客的人不是 linkedin 帐户的所有者。
我使用 LinkedIN 的共享 API 来执行此操作,但这需要 linkedin 帐户的管理员每 60 天刷新一次 Oauth 令牌。我知道这是防止非法使用帐户的安全措施。但在这种情况下,它始终是我自己的 linkedIN 帐户。有没有解决的办法?可能会使用应用密钥和秘密而不是访问令牌?
LinkedIn API 文档 (https://developer.linkedin.com/documents/handling-errors-invalid-tokens) 说:
In the case the access token is already expired, your application will
go through the same authorization flow as previously described.
However, the login dialog will be shown to the user as they will need
to grant access to your application again.
所以没有办法解决这个问题。但是您可以做的是在访问令牌过期 之前 通过此流程。文档说:
Simply have your application go through the authorization flow in
order to fetch a new access token with an additional 60 day life span.
When the following conditions exist:
User is still logged into Linkedin.com The current access token isn't
expired (within the 60 life span) We will automatically redirect the
user back to your redirect_uri without requiring them to reauthorize
your application. If they don't exist, we'll prompt them to login and
then redirect them.
我有一个网站,人们可以在其中 post 写博客。我希望博客自动 posted 到连接到该网站的 Linkedin 帐户。因此 post 创建博客的人不是 linkedin 帐户的所有者。
我使用 LinkedIN 的共享 API 来执行此操作,但这需要 linkedin 帐户的管理员每 60 天刷新一次 Oauth 令牌。我知道这是防止非法使用帐户的安全措施。但在这种情况下,它始终是我自己的 linkedIN 帐户。有没有解决的办法?可能会使用应用密钥和秘密而不是访问令牌?
LinkedIn API 文档 (https://developer.linkedin.com/documents/handling-errors-invalid-tokens) 说:
In the case the access token is already expired, your application will go through the same authorization flow as previously described. However, the login dialog will be shown to the user as they will need to grant access to your application again.
所以没有办法解决这个问题。但是您可以做的是在访问令牌过期 之前 通过此流程。文档说:
Simply have your application go through the authorization flow in order to fetch a new access token with an additional 60 day life span.
When the following conditions exist:
User is still logged into Linkedin.com The current access token isn't expired (within the 60 life span) We will automatically redirect the user back to your redirect_uri without requiring them to reauthorize your application. If they don't exist, we'll prompt them to login and then redirect them.