youtube oauth 适用于本地主机,但不适用于生产环境
我正在制作的网站可以将您的帐户与 YouTube 帐户连接起来。从本地主机来看,这工作得很好,但从站点(step1tuts.appspot.com)来看,它不起作用。当我将用户从我的网站重定向到身份验证页面时,我收到以下消息:
无法显示您请求的页面。另一个网站是 请求访问您的 Google 帐户,但发送了格式错误的消息 要求。请联系您在使用时尝试使用的网站 收到此消息以通知他们错误。
处理此身份验证的代码如下所示:
client = youtube.get_client()
client.developer_key = 'AI39si759T7YcZ4E3XvICpZr3cGwQ0Ev4AjwyJrVSS6AW6NUc7_t10DX1JsngWzU4YoGjpsjAUTejav0hgXp9vDuM7a83tDXzQ'
client.client_id = 'step1tuts.com'
domain = 'http://' + os.environ['HTTP_HOST']+"/user/youtube_token"
scope = 'http://gdata.youtube.com'
url = client.GenerateAuthSubURL(domain,scope,secure=False,session=True)
self.redirect(str(url))
return
我重定向到的以 /auth_token 结尾的 url 然后处理从 youtube 返回的令牌,但错误发生在这里。
为了清楚起见,youtube.get_client 方法是我开发的一个方法,用于重用使客户端应用程序引擎准备就绪的过程:其代码是:
def get_client():
client = gdata.youtube.service.YouTubeService()
run_on_appengine(client)
client.developer_key = 'AI39si759T7YcZ4E3XvICpZr3cGwQ0Ev4AjwyJrVSS6AW6NUc7_t10DX1JsngWzU4YoGjpsjAUTejav0hgXp9vDuM7a83tDXzQ'
client.client_id = 'step1tuts.com'
user = users.get_current_user()
if(user and user.yt_token):
client.SetAuthSubToken(user.yt_token)
return client
在粘贴此代码时,我注意到我正在复制我给出的部分开发者密钥。我不认为这是问题所在,但我会将其从代码的身份验证部分中删除,然后看看会发生什么。
必须通过观察用户重定向到的 url 来追踪问题,因此仅提供一些额外信息,当我使用 SDK 在本地计算机上使用该应用程序时,我重定向到的 url :
<一href="http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2Floc alhost%3A8081%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default" rel="nofollow">http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2F localhost%3A8081%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default
当我在生产中使用相同的代码时,我会重定向到的网址:
The website I'm making makes it possible to connect your account with your youtube account. From localhost, this works perfectly, but from the site, which is step1tuts.appspot.com, it doesn't work. When I redirect the user to the authentication page from my website, I get the following message:
The page you have requested cannot be displayed. Another site was
requesting access to your Google Account, but sent a malformed
request. Please contact the site that you were trying to use when you
received this message to inform them of the error.
The code that handles this authentication looks like this:
client = youtube.get_client()
client.developer_key = 'AI39si759T7YcZ4E3XvICpZr3cGwQ0Ev4AjwyJrVSS6AW6NUc7_t10DX1JsngWzU4YoGjpsjAUTejav0hgXp9vDuM7a83tDXzQ'
client.client_id = 'step1tuts.com'
domain = 'http://' + os.environ['HTTP_HOST']+"/user/youtube_token"
scope = 'http://gdata.youtube.com'
url = client.GenerateAuthSubURL(domain,scope,secure=False,session=True)
self.redirect(str(url))
return
The url I'm redirecting to, ending in /auth_token then processes the token it gets back from youtube, but the error happens here.
Just for clarity, the youtube.get_client method is one that I developed to reuse the process of making the client appengine ready: the code for that is:
def get_client():
client = gdata.youtube.service.YouTubeService()
run_on_appengine(client)
client.developer_key = 'AI39si759T7YcZ4E3XvICpZr3cGwQ0Ev4AjwyJrVSS6AW6NUc7_t10DX1JsngWzU4YoGjpsjAUTejav0hgXp9vDuM7a83tDXzQ'
client.client_id = 'step1tuts.com'
user = users.get_current_user()
if(user and user.yt_token):
client.SetAuthSubToken(user.yt_token)
return client
While pasting in this code, I noticed that I'm duplicating the part where I give my developer key. I don't think that that's the problem, but I'll remove that from the authentication part of my code, and see what happens.
The problem must be tracable by watching the url that the user is redirected to, so just for some extra info, the url that I'm redirected to when I'm using the app on my local machine using the SDK, with which it works:
And the url that I'm redirected to when I use the same code on production:
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
有趣的。除此网址外,所有其他网址均有效。可能是 YouTube 端的错误?我刚刚添加了一个“.”在您的域名末尾,请求似乎已通过。也许你可以尝试一下?
http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2Fste p1tuts.appspot.com.%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default
Interesting. All other urls work except this one. Probably a bug on youtube side? I just added a '.' at the end of your domain and the request seems to go through. Maybe you can try that?
http://www.youtube.com/auth_sub_request?scope=http%3A%2F%2Fgdata.youtube.com&session=1&next=http%3A%2F%2Fstep1tuts.appspot.com.%2Fuser%2Fyoutube_token%3Fauth_sub_scopes%3Dhttp%253A%252F%252Fgdata.youtube.com&secure=0&hd=default