问题描述
对于一些用户(考虑到我收到的相关邮件的数量,可能不是那么少),与 OAUTH 授权关联的访问令牌似乎立即失效.用户被引导通过通常的授权过程,他接受权限,他被重定向到包含访问令牌的正确页面,但是一旦我的应用程序尝试使用访问令牌来获取用户 ID,就会收到错误相反:
for a few users (maybe not that few, considering the number of related mails I'm receiving) the access token associated with an OAUTH authorization seems to be immediately invalidated. The user is guided through the usual authorization process, he accepts the permissions, he is redirected to the right page which includes the access token, but as soon as my application tries to use the access token to get the user ID, an error is received instead:
{"error":{"message":"Error validating access token: Session has expired at unix time 0. The current unix time is 1323939801.","type":"OAuthException"}}
offline_access 是权限的一部分.此外,这不可能是用户取消授权或更改密码的原因,因为这是在接受授权后立即发生的.在我的应用程序流程中,我已经尝试重试几次,从我收到的日志中我可以看到错误总是相同的:再次引导用户完成授权过程没有用,因为用户再次被重定向到页面片段中的 access_token.显然,用户解决这个问题的唯一方法是将应用程序从授权应用程序列表中删除,然后重新做同样的事情(除非在第 n 次重试时它开始工作,当事情开始工作时,并非所有用户都写回)).
The offline_access is part of the permissions. Besides, there's no way the cause is the user removing the authorization or changing password since this happens right after having accepted the authorization. In my app flow I already attempt a retry a few times and from the logs I receive I can see the error is always the same: guiding the user through the authorization process again has no use, since the user is redirected again to the page with the access_token in the fragment. Apparently the only way for a user to solve this is to remove the application from the list of authorized applications and do the same thing all over again (unless at the n-th retry it starts working, not all users write back when things start working).
这可能是什么原因?
推荐答案
离线访问已被弃用,我不会再要求它了.相反,至少在 iOS SDK 中,有一种更新方法.
Offline access is getting deprecated, I wouldn't ask for it anymore. Instead, in iOS SDK, at least, there's a renewal method.
这篇关于访问令牌立即失效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!