2017-09-02 257 views
1

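Spotify Authorization Code

I'm trying to have my application log in to Spotify through their Authorization Code Flow. I am able to receive an authorization code from Spotify in the initial authorization step, but I receive the following error when trying to get an access token: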

{"error":"invalid_client","error_description":"Invalid client"}

My code is as follows:

# Callback from Spotify Authorization 
get '/auth/spotify/callback' do 
    session[:code] = params[:code] 
    redirect to '/refresh' 
end 

Then I POST the following:

get '/refresh' do 
    uri = URI('https://accounts.spotify.com/api/token') 
    resp = Net::HTTP.post(uri, 
    { 
     "grant_type" => "authorization_code", 
     "code" => session[:code].to_s, 
     "redirect_uri" => "http://localhost:4567/auth/spotify/callback", 
     "client_id" => client_id, 
     "client_secret" => client_secret 
    }.to_json 
) 
    "#{resp.body}" 
end 

Any help would be appreciated.

EDIT: I have also tried to POST the same parameters as above using Postman, but I receive the same error message.

+0

This looks like the right approach for a pretty typical OAuth2 flow. For simplicity, you might want to consider using something like [oauth2](https://github.com/intridea/oauth2). – coreyward

Answers

1

You need to add an Authorization header to your POST request.

Add the following key to your Net::HTTP.post options:

{'Authorization' => 'Basic YOUR_AUTH_CODE' }

EDIT:

This is in the documentation under the 'Your application requests refresh and access tokens' heading.

+0

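Yes, I've seen this. But below the 'Authorization' section there is another piece of code that says you can include your non-base64-encoded id and secret in your body. Anyway, I tried it your way and still receive the same error. – Andy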

+0

Can you still try adding the Authorization header and removing the client_id, secret_id keys? – MaieonBrix

+0

If I add a header, the error message changes to '{"error":"unsupported_grant_type","error_description":"grant_type must be client_credentials, authorization_code or refresh_token"}' SEE: https://gist.github.com/mindovermiles262/66ff2fc1da8c4c6220365f16845ca8ae – Andy

1

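To answer my own question:

I did not need to make the request, because the gem I was using, 'omniauth-spotify', returns the access token in request.env['omniauth.auth'].credentials.token

I was also creating the POST request incorrectly. The example below makes a POST that will get a new token from the refresh_token (provided in the .credentials hash above)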

# Get new access token from refresh token
# session[:creds] = request.env['omniauth.auth'].credentials
require 'net/http'
require 'uri'
require 'base64'

get '/refresh' do
    refresh_token = session[:creds].refresh_token
    # Client credentials go in the HTTP Basic Authorization header
    auth = "Basic " + Base64.strict_encode64("#{client_id}:#{client_secret}")
    uri = URI.parse('https://accounts.spotify.com/api/token')
    request = Net::HTTP::Post.new(uri)
    request["Authorization"] = auth
    # Form-encoded body (not JSON)
    request.set_form_data(
        "grant_type" => "refresh_token",
        "refresh_token" => refresh_token
    )

    req_options = {
        use_ssl: uri.scheme == "https"
    }

    response = Net::HTTP.start(uri.hostname, uri.port, req_options) do |http|
        http.request(request)
    end

    "#{response.code}" # > 200 OK
end
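
An added example, not part of the original posts: it builds the `authorization_code` exchange from the question in the same style as the refresh request above (Basic header plus form-encoded body) without sending it, and shows what a form decoder recovers from the JSON body the question posted. The credentials and code are constructed sample values, the helper names are hypothetical, and that the token endpoint reads the body as form parameters is an assumption consistent with the working `set_form_data` call.

```ruby
require 'net/http'
require 'uri'
require 'json'

TOKEN_URI = URI('https://accounts.spotify.com/api/token')

# Constructed sample values, not real credentials.
SAMPLE = { code: 'AQD-sample-code',
           redirect_uri: 'http://localhost:4567/auth/spotify/callback',
           client_id: 'example-client-id',
           client_secret: 'example-client-secret' }.freeze

# Build (but do not send) the authorization_code exchange request.
def build_token_request(code:, redirect_uri:, client_id:, client_secret:)
  req = Net::HTTP::Post.new(TOKEN_URI)
  # pack('m0') is strict base64 (no newlines), same output as Base64.strict_encode64.
  req['Authorization'] = 'Basic ' + ["#{client_id}:#{client_secret}"].pack('m0')
  # set_form_data URL-encodes the pairs and sets the form Content-Type.
  req.set_form_data('grant_type' => 'authorization_code',
                    'code' => code,
                    'redirect_uri' => redirect_uri)
  req
end

# The parameters a form-decoding server would recover from a request body.
def form_params(body)
  URI.decode_www_form(body).to_h
rescue ArgumentError
  {}
end

# The body the question sent: the same fields, serialized as JSON.
def json_body_as_in_question
  { 'grant_type' => 'authorization_code', 'code' => SAMPLE[:code],
    'redirect_uri' => SAMPLE[:redirect_uri],
    'client_id' => SAMPLE[:client_id],
    'client_secret' => SAMPLE[:client_secret] }.to_json
end

if __FILE__ == $PROGRAM_NAME
  good = build_token_request(**SAMPLE)
  puts good['Content-Type']
  p form_params(good.body)                 # grant_type, code, redirect_uri present
  p form_params(json_body_as_in_question)  # no grant_type or client_id key
end
```

When debugging this exchange, log the `error` field and the outgoing Content-Type, but keep the Authorization header and `client_secret` out of logs and out of shared gists.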