soundcloud /oauth2/token 只返回 401 响应
soundcloud /oauth2/token returning nothing but a 401 response
我注意到我使用 SoundcloudPHP 编写的一些代码今天停止了身份验证,尽管几天前我上次使用它时它运行良好。为了根除问题,我一直在尝试使用 /oauth2/token 端点进行身份验证,但响应是 401 和空体。我一直在使用 https://developers.soundcloud.com/docs/api/reference#token
页面上的 curl
从命令行:
curl -v -X POST "https://api.soundcloud.com/oauth2/token" -F 'client_id=MY_ID' -F 'client_secret=MY_SECRET' -F 'grant_type=authorization_code' -F 'redirect_uri=MY_REDIRECT' -F 'code=0000000EYAA1CRGodSoKJ9WsdhqVQr3g'
回复:
* About to connect() to api.soundcloud.com port 443 (#0)
* Trying 72.21.91.127... connected
* Connected to api.soundcloud.com (72.21.91.127) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: OU=Domain Control Validated; CN=*.soundcloud.com
* start date: 2014-04-22 16:52:12 GMT
* expire date: 2016-04-08 10:08:48 GMT
* subjectAltName: api.soundcloud.com matched
* issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Domain Validation CA - SHA256 - G2
* SSL certificate verify ok.
> POST /oauth2/token HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
> Host: api.soundcloud.com
> Accept: */*
> Content-Length: 658
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=----------------------------e695cc6c8133
>
< HTTP/1.1 100 Continue
< HTTP/1.1 401 Unauthorized
< Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin
< Access-Control-Allow-Methods: GET, PUT, POST, DELETE
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Date
< Cache-Control: private, max-age=0, must-revalidate
< Date: Thu, 01 Oct 2015 23:25:25 GMT
< Server: am/2
< Content-Length: 0
<
* Connection #0 to host api.soundcloud.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
我创建了新的客户标签,看看它们是否有效,我得到了同样的结果。由于我使用的是文档中提供的 curl,因此我希望它能正常工作。有什么想法吗?
我是 php https://github.com/njasm/soundcloud 库的创建者。
它的用户报告了同样的问题,事实上你说的也是真的,现在,soundcloud 上的 curl 示例不再工作(出于某种奇怪的原因)。
调查问题以修复库我发现似乎是内容类型问题。
当 requesting/refresh 令牌必须始终是 application/x-form-urlencoded 时,您需要使用的内容类型似乎是 application/x-form-urlencoded,而在我们(图书馆)通过与内容类型通信正常工作之前application/json.
如果你是我图书馆的用户,你应该更新到最新的母版。
如果您可以帮助测试修复,请反馈到问题页面 https://github.com/njasm/soundcloud/issues/25
更新:
确认内容类型必须是 application/x-form-urlencoded
我正在进行一些测试以确认确实如此。
如果是这样,我会将提交标记为稳定版本。
祝你好运,希望对你有所帮助!
我使用来自@njsam
的解决方案为 Cocoa 的 Soundcloud API 解决了这个问题
在 SCSoundCloud.m 上,添加以下行:
NSDictionary *customHeaderFields = [NSDictionary dictionaryWithObject:@"application/x-www-form-urlencoded" forKey:@"Content-Type"];
[config setObject:customHeaderFields forKey:kNXOAuth2AccountStoreConfigurationCustomHeaderFields];
你的方法应该是这样的:
+ (void)setClientID:(NSString *)aClientID
secret:(NSString *)aSecret
redirectURL:(NSURL *)aRedirectURL;
{
NSMutableDictionary *config = [NSMutableDictionary dictionary];
[config setObject:aClientID forKey:kNXOAuth2AccountStoreConfigurationClientID];
[config setObject:aSecret forKey:kNXOAuth2AccountStoreConfigurationSecret];
[config setObject:aRedirectURL forKey:kNXOAuth2AccountStoreConfigurationRedirectURL];
[config setObject:[NSURL URLWithString:kSCSoundCloudAuthURL] forKey:kNXOAuth2AccountStoreConfigurationAuthorizeURL];
[config setObject:[NSURL URLWithString:kSCSoundCloudAccessTokenURL] forKey:kNXOAuth2AccountStoreConfigurationTokenURL];
[config setObject:[NSURL URLWithString:kSCSoundCloudAPIURL] forKey:kSCConfigurationAPIURL];
NSDictionary *customHeaderFields = [NSDictionary dictionaryWithObject:@"application/x-www-form-urlencoded" forKey:@"Content-Type"];
[config setObject:customHeaderFields forKey:kNXOAuth2AccountStoreConfigurationCustomHeaderFields];
[[NXOAuth2AccountStore sharedStore] setConfiguration:config forAccountType:kSCAccountType];
}
此外,我们需要更新 OAuth2Client 库 here 以支持 kNXOAuth2AccountStoreConfigurationCustomHeaderFields
希望这可以帮助一些人 IOS
我注意到我使用 SoundcloudPHP 编写的一些代码今天停止了身份验证,尽管几天前我上次使用它时它运行良好。为了根除问题,我一直在尝试使用 /oauth2/token 端点进行身份验证,但响应是 401 和空体。我一直在使用 https://developers.soundcloud.com/docs/api/reference#token
页面上的 curl从命令行:
curl -v -X POST "https://api.soundcloud.com/oauth2/token" -F 'client_id=MY_ID' -F 'client_secret=MY_SECRET' -F 'grant_type=authorization_code' -F 'redirect_uri=MY_REDIRECT' -F 'code=0000000EYAA1CRGodSoKJ9WsdhqVQr3g'
回复:
* About to connect() to api.soundcloud.com port 443 (#0)
* Trying 72.21.91.127... connected
* Connected to api.soundcloud.com (72.21.91.127) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: OU=Domain Control Validated; CN=*.soundcloud.com
* start date: 2014-04-22 16:52:12 GMT
* expire date: 2016-04-08 10:08:48 GMT
* subjectAltName: api.soundcloud.com matched
* issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Domain Validation CA - SHA256 - G2
* SSL certificate verify ok.
> POST /oauth2/token HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
> Host: api.soundcloud.com
> Accept: */*
> Content-Length: 658
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=----------------------------e695cc6c8133
>
< HTTP/1.1 100 Continue
< HTTP/1.1 401 Unauthorized
< Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin
< Access-Control-Allow-Methods: GET, PUT, POST, DELETE
< Access-Control-Allow-Origin: *
< Access-Control-Expose-Headers: Date
< Cache-Control: private, max-age=0, must-revalidate
< Date: Thu, 01 Oct 2015 23:25:25 GMT
< Server: am/2
< Content-Length: 0
<
* Connection #0 to host api.soundcloud.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
我创建了新的客户标签,看看它们是否有效,我得到了同样的结果。由于我使用的是文档中提供的 curl,因此我希望它能正常工作。有什么想法吗?
我是 php https://github.com/njasm/soundcloud 库的创建者。
它的用户报告了同样的问题,事实上你说的也是真的,现在,soundcloud 上的 curl 示例不再工作(出于某种奇怪的原因)。 调查问题以修复库我发现似乎是内容类型问题。
当 requesting/refresh 令牌必须始终是 application/x-form-urlencoded 时,您需要使用的内容类型似乎是 application/x-form-urlencoded,而在我们(图书馆)通过与内容类型通信正常工作之前application/json.
如果你是我图书馆的用户,你应该更新到最新的母版。 如果您可以帮助测试修复,请反馈到问题页面 https://github.com/njasm/soundcloud/issues/25
更新: 确认内容类型必须是 application/x-form-urlencoded
我正在进行一些测试以确认确实如此。
如果是这样,我会将提交标记为稳定版本。
祝你好运,希望对你有所帮助!
我使用来自@njsam
的解决方案为 Cocoa 的 Soundcloud API 解决了这个问题在 SCSoundCloud.m 上,添加以下行:
NSDictionary *customHeaderFields = [NSDictionary dictionaryWithObject:@"application/x-www-form-urlencoded" forKey:@"Content-Type"];
[config setObject:customHeaderFields forKey:kNXOAuth2AccountStoreConfigurationCustomHeaderFields];
你的方法应该是这样的:
+ (void)setClientID:(NSString *)aClientID
secret:(NSString *)aSecret
redirectURL:(NSURL *)aRedirectURL;
{
NSMutableDictionary *config = [NSMutableDictionary dictionary];
[config setObject:aClientID forKey:kNXOAuth2AccountStoreConfigurationClientID];
[config setObject:aSecret forKey:kNXOAuth2AccountStoreConfigurationSecret];
[config setObject:aRedirectURL forKey:kNXOAuth2AccountStoreConfigurationRedirectURL];
[config setObject:[NSURL URLWithString:kSCSoundCloudAuthURL] forKey:kNXOAuth2AccountStoreConfigurationAuthorizeURL];
[config setObject:[NSURL URLWithString:kSCSoundCloudAccessTokenURL] forKey:kNXOAuth2AccountStoreConfigurationTokenURL];
[config setObject:[NSURL URLWithString:kSCSoundCloudAPIURL] forKey:kSCConfigurationAPIURL];
NSDictionary *customHeaderFields = [NSDictionary dictionaryWithObject:@"application/x-www-form-urlencoded" forKey:@"Content-Type"];
[config setObject:customHeaderFields forKey:kNXOAuth2AccountStoreConfigurationCustomHeaderFields];
[[NXOAuth2AccountStore sharedStore] setConfiguration:config forAccountType:kSCAccountType];
}
此外,我们需要更新 OAuth2Client 库 here 以支持 kNXOAuth2AccountStoreConfigurationCustomHeaderFields
希望这可以帮助一些人 IOS