3正确处理令牌刷新

3正确处理令牌刷新

本文介绍了如何使用Spotify SDK和Swift 3正确处理令牌刷新。错误代码= 3840的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试为Swift 3中的Objective-C Spotify iOS SDK beta-25设置令牌刷新。我正在使用Heroku服务器和Spotify提供的Ruby脚本,更改为我的凭据。

  require'sinatra'
require'net / http '
需要'net / https'
需要'base64'
需要'encrypted_strings'
需要'json'

CLIENT_ID = ENV ['xxx' ]
CLIENT_SECRET = ENV ['xxx']
ENCRYPTION_SECRET = ENV ['xxx']
CLIENT_CALLBACK_URL = ENV ['xxx:// returnafterlogin']
AUTH_HEADER =Basic + Base64.strict_encode64(CLIENT_ID +:+ CLIENT_SECRET)
SPOTIFY_ACCOUNTS_ENDPO INT = URI.parse(https://accounts.spotify.com)

get'/'do
Working
end

post'/ swap'do

#这个调用需要一个POST参数,code,
#它与你的客户ID,秘密和回调结合
#URL从Spotify Auth服务获取OAuth令牌,
#它将在JSON有效负载中传递回调用者。

auth_code = params [:code]

http = Net :: HTTP.new(SPOTIFY_ACCOUNTS_ENDPOINT.host,SPOTIFY_ACCOUNTS_ENDPOINT.port)
http.use_ssl = true

request = Net :: HTTP :: Post.new(/ api / token)

request.add_field(Authorization,AUTH_HEADER)

request.form_data = {
grant_type=> authorization_code,
redirect_uri=> CLIENT_CALLBACK_URL,
code=> auth_code
}

response = http.request(request)

#在转发到客户端之前加密刷新令牌
if response.code.to_i == 200
token_data = JSON.parse(response.body)
refresh_token = token_data [refresh_token]
encrypted_token = refresh_token.encrypt(:symmetric,:password => ENCRYPTION_SECRET)
token_data [refresh_token] = encrypted_token
response.body = JSON.dump(token_data)
end

status response.code.to_i
返回响应.body
end

post'/ refresh'do

#使用POST请求新的访问令牌:ed刷新令牌

http = Net :: HTTP.new(SPOTIFY_ACCOUNTS_ENDPOINT.host,SPOTIFY_ACCOUNTS_ENDPOINT.port)
http.use_ssl = true

request = Net :: HTTP :: Post.new(/ api /令牌)

request.add_field(授权,AUTH_HEADER)

encrypted_token = params [:refr esh_token]
refresh_token = encrypted_token.decrypt(:symmetric,:password => ENCRYPTION_SECRET)

request.form_data = {
grant_type=> refresh_token,
refresh_token=> refresh_token
}

response = http.request(request)

status response.code.to_i
return response.body

结束

设置:

  SPTAuth.defaultInstance()。tokenSwapURL = URL(字符串:SpotifyCredentials.tokenSwapURLSwap)
SPTAuth.defaultInstance()。tokenRefreshURL = URL(字符串:SpotifyCredentials.tokenSwapURLRefresh)

现在用户无法再登录了,我收到了错误。如果我要删除 tokenSwapURL tokenRefreshURL ,一切都会再次起作用,但用户必须每60分钟重新验证一次。



如果我正在尝试使用已登录的用户刷新令牌,我会收到:



 如果SPTAuth.defaultInstance()。session!= nil {
print(needs login)
SPTAuth.defaultInstance()。renewsSession(SPTAuth.defaultInstance) ().session,callback:{error,session in
if error!= nil {
print(\(error?.localizedDescription))//会话中没有可用的刷新令牌!
返回
}
})
}

我错过了什么?非常感谢帮助。

解决方案

我已经能够使用以下Git为Spotify创建令牌刷新服务:

I'm trying to setup the token refresh for the Objective-C Spotify iOS SDK beta-25 in Swift 3. I'm using a Heroku Server and the Ruby script provided by Spotify, changed to my credentials.

require 'sinatra'
require 'net/http'
require 'net/https'
require 'base64'
require 'encrypted_strings'
require 'json'

CLIENT_ID = ENV['xxx']
CLIENT_SECRET = ENV['xxx']
ENCRYPTION_SECRET = ENV['xxx']
CLIENT_CALLBACK_URL = ENV['xxx://returnafterlogin']
AUTH_HEADER = "Basic " + Base64.strict_encode64(CLIENT_ID + ":" + CLIENT_SECRET)
SPOTIFY_ACCOUNTS_ENDPOINT = URI.parse("https://accounts.spotify.com")

get '/' do
"Working"
end

post '/swap' do

    # This call takes a single POST parameter, "code", which
    # it combines with your client ID, secret and callback
    # URL to get an OAuth token from the Spotify Auth Service,
    # which it will pass back to the caller in a JSON payload.

    auth_code = params[:code]

    http = Net::HTTP.new(SPOTIFY_ACCOUNTS_ENDPOINT.host, SPOTIFY_ACCOUNTS_ENDPOINT.port)
    http.use_ssl = true

    request = Net::HTTP::Post.new("/api/token")

    request.add_field("Authorization", AUTH_HEADER)

    request.form_data = {
        "grant_type" => "authorization_code",
        "redirect_uri" => CLIENT_CALLBACK_URL,
        "code" => auth_code
    }

    response = http.request(request)

    # encrypt the refresh token before forwarding to the client
    if response.code.to_i == 200
        token_data = JSON.parse(response.body)
        refresh_token = token_data["refresh_token"]
        encrypted_token = refresh_token.encrypt(:symmetric, :password => ENCRYPTION_SECRET)
        token_data["refresh_token"] = encrypted_token
        response.body = JSON.dump(token_data)
    end

    status response.code.to_i
    return response.body
end

post '/refresh' do

    # Request a new access token using the POST:ed refresh token

    http = Net::HTTP.new(SPOTIFY_ACCOUNTS_ENDPOINT.host, SPOTIFY_ACCOUNTS_ENDPOINT.port)
    http.use_ssl = true

    request = Net::HTTP::Post.new("/api/token")

    request.add_field("Authorization", AUTH_HEADER)

    encrypted_token = params[:refresh_token]
    refresh_token = encrypted_token.decrypt(:symmetric, :password => ENCRYPTION_SECRET)

    request.form_data = {
        "grant_type" => "refresh_token",
        "refresh_token" => refresh_token
    }

    response = http.request(request)

    status response.code.to_i
    return response.body

end

Set by:

SPTAuth.defaultInstance().tokenSwapURL = URL(string: SpotifyCredentials.tokenSwapURLSwap)
SPTAuth.defaultInstance().tokenRefreshURL = URL(string: SpotifyCredentials.tokenSwapURLRefresh)

Now the user is not able to login anymore and I'm receiving the error posted on top. If I'm deleting tokenSwapURL and tokenRefreshURL, everything works again, but the User has to re-auth every 60 minutes.

If I'm trying to refresh the Token with an already logged in user, I receive:

if SPTAuth.defaultInstance().session != nil {
        print("needs login")
        SPTAuth.defaultInstance().renewSession(SPTAuth.defaultInstance().session, callback: { error, session in
            if error != nil {
                print("\(error?.localizedDescription)") // "No refresh token available in the session!"
                return
            }
        })
}

What am I missing? Help is very appreciated.

解决方案

I have been able to create a token refresh service for Spotify with the following Git:

All you need to do is to follow the instructions of the Heroku link within the git project.

I have tried to get in contact with the author of the project, but he wasn't able to tell me, why my approach wasn't working but his is. All I can leave you with is this working Deploy to Heroku link.

这篇关于如何使用Spotify SDK和Swift 3正确处理令牌刷新。错误代码= 3840的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-30 06:07