为什么 Apache Oltu Instragram 集成不返回 access_token

Question

我正在开发一个 Spring MVC + Apache Oltu + Instagram 示例。在此示例中，我在 https://www.instagram.com/developer/ 上创建了一个应用程序，并获得了 ClientId 和 Client_Secrete。

使用此clientId 和Client Secret，调用Instagram Rest EndPoints。但是当调用 REST EndPoint 时，我收到以下错误：

SEVERE: Servlet.service() for servlet [appServlet] in context with path [/apache-oltu] threw exception [Request processing failed; nested exception is OAuthProblemException{error='invalid_request', description='Missing parameters: access_token', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}] with root cause
OAuthProblemException{error='invalid_request', description='Missing parameters: access_token', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}
    at org.apache.oltu.oauth2.common.exception.OAuthProblemException.error(OAuthProblemException.java:59)
    at org.apache.oltu.oauth2.common.utils.OAuthUtils.handleOAuthProblemException(OAuthUtils.java:167)
    at org.apache.oltu.oauth2.common.utils.OAuthUtils.handleMissingParameters(OAuthUtils.java:185)
    at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validateRequiredParameters(OAuthClientValidator.java:90)
    at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validateParameters(OAuthClientValidator.java:53)
    at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validate(OAuthClientValidator.java:49)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponse.validate(OAuthClientResponse.java:127)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:96)
    at org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse.init(OAuthAccessTokenResponse.java:65)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:101)
    at org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse.init(OAuthAccessTokenResponse.java:60)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:120)
    at org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory.createCustomResponse(OAuthClientResponseFactory.java:82)
    at org.apache.oltu.oauth2.client.URLConnectionClient.execute(URLConnectionClient.java:111)
    at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:65)
    at org.apache.oltu.oauth2.client.OAuthClient.accessToken(OAuthClient.java:55)
    at com.apache.oltu.InstagramController.getAccessToken(InstagramController.java:76)
    at com.apache.oltu.InstagramController.redirect(InstagramController.java:56)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Unknown Source)

以下是我使用的详细信息：

AUTHORIZATION_URL = "https://api.instagram.com/oauth/authorize";
ACCESS_TOKEN_URL = "https://api.instagram.com/oauth/access_token";

我使用的范围是：

public_content follower_list comments relationships likes basic

执行代码时，我成功获取了授权码，但看起来令牌丢失了。

我正在从 URL 调用 Rest Endpoint：https://www.instagram.com/developer/endpoints/users/

以下代码供参考：

private String getAccessToken(String authorizationCode) throws OAuthSystemException, OAuthProblemException {
        OAuthClientRequest request = OAuthClientRequest
                .tokenLocation(ACCESS_TOKEN_URL)
                .setGrantType(GrantType.AUTHORIZATION_CODE)
                .setClientId(CLIENT_ID)
                .setClientSecret(CLIENT_SECRET)
                .setRedirectURI(REDIRECT_URL)
                .setCode(authorizationCode)
                .buildQueryMessage();

        OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

        GitHubTokenResponse oAuthResponse = oAuthClient.accessToken(request, GitHubTokenResponse.class);

        request= new OAuthBearerClientRequest("https://api.instagram.com/v1/users/self/").
                setAccessToken(oAuthResponse.getAccessToken()).
                buildQueryMessage();

        System.out.println("REQUEST_BODY : "+request.getBody());

        OAuthClient client = new OAuthClient(new URLConnectionClient());
        OAuthResourceResponse resourceResponse= client.resource(request, "GET", OAuthResourceResponse.class);

        if (resourceResponse.getResponseCode()==200){           
            logger.debug("HTTP OK");
            System.out.println(resourceResponse.getBody());
            return resourceResponse.getBody();
        }
        else{
            System.out.println("Could not access resource: " + resourceResponse.getResponseCode() 
            + " " + resourceResponse.getBody());
            return null;
        }
    } 
}

以下是要访问的 URL::

https://api.instagram.com/oauth/authorize? 范围=public_content+follower_list+cmets+relationships+likes+basic& response_type=代码& redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fapache-oltu%2Finstagram%2Fredirect& client_id=40eb3e6047a249ddb7d9194765be9901

如果我使用了 ResponseType="token" 那么我得到了

{"error_type": "OAuthForbiddenException", "code": 403, "error_message": "Implicit authentication is disabled"}

Answer 1

经过大量的反复试验，我能够解决这个问题：

在请求访问令牌时，我应该使用以下内容：

OAuthClientRequest request = OAuthClientRequest
                .authorizationLocation(AUTHORIZATION_URL)
                .setClientId(CLIENT_ID)
                .setRedirectURI(REDIRECT_URL)
                .setResponseType(ResponseType.CODE.toString())
                .setScope("public_content follower_list comments relationships likes basic")
                .buildQueryMessage();

在随后的请求中，我将使用以下内容：

OAuthClientRequest request = OAuthClientRequest
                //.authorizationProvider(OAuthProviderType.INSTAGRAM)
                .tokenLocation(ACCESS_TOKEN_URL)
                .setGrantType(GrantType.AUTHORIZATION_CODE)
                .setClientId(CLIENT_ID)
                .setClientSecret(CLIENT_SECRET)
                .setRedirectURI(REDIRECT_URL)
                .setCode(authorizationCode)
                .buildBodyMessage(); 

这给了我可靠的回应：

{"data": {"id": "3159574895", "username": "Raj", "profile_picture": "https://scontent.cdninstagram.com/t51.2885-19/s150x150/19367511_329283184160313_6318737005198966784_a.jpg", "full_name": "Raj", "bio": "Wish me on 25th-Dec\nLove to code !! \nEngineer by my choice !!\nLove to drive !! \ud83d\ude0b\ud83d\ude0a", "website": "", "is_business": false, "counts": {"media": 14, "follows": 18, "followed_by": 51}}, "meta": {"code": 200}}

经过更多google发现：OAuthProblem, missing parameter access_token