我正在尝试使用 linkedIn 和 authlib 创建登录名,但当我尝试接收令牌时遇到错误。我能够重定向到身份验证中链接的链接,然后重定向到我的回调。但我对authorized_access_token(请求)有问题。
有人可以帮忙检查我的实现是否正确吗?
这是我收到的错误:
{“错误”:“invalid_request:缺少必需的参数“client_secret””}
oauth.register(
"linkedin",
client_id=LINKEDIN_CLIENT_ID,
client_secret=LINKEDIN_CLIENT_SECRET,
api_base_url='https://api.linkedin.com/v2/',
authorize_url='https://www.linkedin.com/oauth/v2/authorization',
access_token_url='https://www.linkedin.com/oauth/v2/accessToken',
client_kwargs={'scope': 'openid profile email'},
)
@router.get('/login')
async def linkedin_login(request: Request):
linkedin = oauth.create_client('linkedin')
if linkedin:
print(linkedin.name)
redirect_uri = request.url_for('linkedin_auth')
print(redirect_uri)
return await linkedin.authorize_redirect(request, redirect_uri)
else:
return {'error': 'linkedin client not found'}
@router.get('/auth')
async def linkedin_auth(request: Request):
linkedin = oauth.create_client('linkedin')
if linkedin:
try:
token = await linkedin.authorize_access_token(request)
return token
except Exception as e:
return {'error': str(e)}
我尝试更改注册配置,但这似乎没有帮助。我相信我的实现是正确的,但我仍然遇到错误
在
authorize_access_token
调用中传递的请求缺少用于获取访问令牌的 client_secret
。
我假设您正在使用 FastAPI 框架进行开发。
对代码的一些改进:
.env
文件中提供敏感环境配置。from fastapi import FastAPI
from starlette.config import Config
from starlette.middleware.sessions import SessionMiddleware
from starlette.requests import Request
from authlib.integrations.starlette_client import OAuth
oauth = OAuth()
app = FastAPI()
app.add_middleware(SessionMiddleware, secret_key=config.get('SECRET_KEY'))
config = Config('.env')
oauth = OAuth(config)
oauth.register(
name="linkedin",
api_base_url='https://api.linkedin.com/v2/',
authorize_url='https://www.linkedin.com/oauth/v2/authorization',
access_token_url='https://www.linkedin.com/oauth/v2/accessToken',
client_kwargs={'scope': 'r_ads r_basicprofile'},
)
@app.get('/login')
async def linkedin_login(request: Request):
redirect_uri = request.url_for('linkedin_auth')
return await oauth.linkedin.authorize_redirect(request, redirect_uri)
@app.get('/auth')
async def linkedin_auth(request: Request):
token = await oauth.linkedin.authorize_access_token(
request,
client_secret=config.get('LINKEDIN_CLIENT_SECRET')
)
return token