我正在制作一个应用程序,应该使用oAuth从暴雪服务器认证玩家,我想访问他们的角色信息。我不知道怎么要秘令牌我想我做我的post请求错误下面是我使用的代码
app.post('/', function(req, res) {
var code = req.body.code; //this is the code i get ounce the player is redirected back to my redirect_uri
var redirectUri = "https://localhost:3000/oauth_callback.html";
var scope = "wow.profile";
var key = "they client_id i was given";
var secret = "they secret I was given";
var grantType = "authorization_code";
var tokenUri = "https://us.battle.net/oauth/token";
var uriBody = "?client_id=" + key + "&client_secret=" + secret + "&grant_type=authorization_code&code=" + code + "&redirect_uri=" + redirectUri + "&scope=" + scope;
request({
url: tokenUri, //URL to hit
method: 'POST',
headers: {
'Content-Type': "application/x-www-form-urlencoded",
},
body: uriBody //Set the body as a string
}, function(error, response, body){
if(error) {
console.log(error);
} else {
console.log(response.statusCode, body);
}
});
所以基本上我得到的代码用它向我的服务器发出post请求,然后触发一个post请求到暴雪服务器试图用访问令牌交换我的代码。
我得到的错误是:401 '{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}'
我用的是Node.js &request.js发布帖子,我猜我没有发出适当的请求帖子请求?
我认为body键在request中是不可接受的
这样的如果
content-type是JSON,则在json中发送data;如果content-type是x-www-form-urlencoded,则发送form
request({
url: tokenUri, //URL to hit
method: 'POST',
headers: {
'Content-Type': "application/x-www-form-urlencoded",
},
form: uriBody //Set the body as a string
}, function(error, response, body){
if(error) {
console.log(error);
} else {
console.log(response.statusCode, body);
}
});
终于!这是我如何让它工作!q = query-string.js library…
var token_params = qs.stringify({
client_id: key,
client_secret: secret,
code: code,
scope: scope,
grant_type: 'authorization_code',
redirect_uri: redirectUri
});
request('https://us.battle.net/oauth/token?' + token_params, function(error, response, body){
if (error) {
console.log(error);
} else {
console.log(body)
}
});