791 Star 1.6K Fork 348

开源中国/Gitee Feedback

码云的第三方应用在获取Token时服务端响应状态403是什么情况?

结束任务
Task
创建于  
2017-05-27 10:07

现象描述

正常授权并重定向,获取到code后调用:

http://git.oschina.net/oauth/token?grant_type=authorization_code&code={code}....接口时状态为403

码云用户创建的第三方应用需要审核才能正常访问吗?

评论 (40)

有理想的鱼 创建了任务 8年前

@有理想的鱼

我这里是ok的,你把url信息贴完整看看

输入图片说明

@maxiaoqian

我已正确获取到code参数,但不论是GET还是POST方式去请求token都是403状态,截图如下:

输入图片说明

输入图片说明

@suninformation

通过API页面,右边的申请授权可以拿到access_token吗?

  • 另外:可以把上面的完整url,复制黏贴出来吗,上面这样看不清楚

输入图片说明

@maxiaoqian

在API页面申请授权可以拿到access_token。

  • POST /oauth/token?
"code=0c17e73d9981ad089605a8c5486610d515e6b8ebf9854836c5513ba869303561&grant_type=authorization_code&client_secret=7ad4df2bd7d934a0a0473f5bf218f49db9148df70f20d995bd42691163c69cfc&redirect_uri=http%3A%2F%2Fopen.ymate.net%2Foauth2%2Fconnect%2Fgitosc%2Fredirect%3Fredirect_url%3Dhttp%253A%252F%252Fopen.ymate.net%252Fdashboard&client_id=5560b64be03c1a7546b741529c3541fc61ff560a4f8ce1ef8c69c36294b496c5"

@suninformation

同样的请求,显示是401,401的话你需要重新获取code(可以直接通过页面点击模拟请求获取code)然后post得到access_token, 你再试试看?

输入图片说明

@maxiaoqian

模拟请求也是一样响应403状态,以下是点击模拟请求后,我的服务端接收到的日志输出:

2017-05-27 10:36:28.639[DEBUG][35:net.ymate.platform.webmvc.WebMVC.processRequest:203] --> [35] Process request start: GET:/oauth2/connect/gitosc/redirect
2017-05-27 10:36:28.639[DEBUG][35:net.ymate.platform.webmvc.WebMVC.processRequest:204] --- [35] Parameters: {"code":["a842ea88a9649db740df80b15dd340a84340e8db8b0d7644fd1dc0d7cf1aea74"]}
2017-05-27 10:36:28.640[DEBUG][35:net.ymate.platform.webmvc.WebMVC.processRequest:211] --- [35] Request mode: controller
2017-05-27 10:36:28.655[DEBUG][35:org.apache.http.client.protocol.RequestAddCookies.process:122] CookieSpec selected: best-match
2017-05-27 10:36:28.655[DEBUG][35:org.apache.http.client.protocol.RequestAuthCache.process:75] Auth cache not set in the context
2017-05-27 10:36:28.656[DEBUG][35:org.apache.http.impl.conn.PoolingHttpClientConnectionManager.requestConnection:219] Connection request: [route: {}->http://git.oschina.net:80][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
2017-05-27 10:36:28.656[DEBUG][35:org.apache.http.impl.conn.PoolingHttpClientConnectionManager.leaseConnection:250] Connection leased: [id: 2][route: {}->http://git.oschina.net:80][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
2017-05-27 10:36:28.657[DEBUG][35:org.apache.http.impl.execchain.MainClientExec.execute:217] Opening connection {}->http://git.oschina.net:80
2017-05-27 10:36:28.658[DEBUG][35:org.apache.http.impl.conn.HttpClientConnectionOperator.connect:122] Connecting to git.oschina.net/116.211.167.14:80
2017-05-27 10:36:28.681[DEBUG][35:org.apache.http.impl.conn.HttpClientConnectionOperator.connect:129] Connection established 101.200.209.46:34956<->116.211.167.14:80
2017-05-27 10:36:28.682[DEBUG][35:org.apache.http.impl.execchain.MainClientExec.execute:238] Executing request POST /oauth/token? HTTP/1.1
2017-05-27 10:36:28.682[DEBUG][35:org.apache.http.impl.execchain.MainClientExec.execute:243] Target auth state: UNCHALLENGED
2017-05-27 10:36:28.683[DEBUG][35:org.apache.http.impl.execchain.MainClientExec.execute:249] Proxy auth state: UNCHALLENGED
2017-05-27 10:36:28.683[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:124] http-outgoing-2 >> POST /oauth/token? HTTP/1.1
2017-05-27 10:36:28.683[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> Content-Length: 333
2017-05-27 10:36:28.684[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> Content-Type: application/x-www-form-urlencoded
2017-05-27 10:36:28.684[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> Content-Encoding: UTF-8
2017-05-27 10:36:28.685[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> Host: git.oschina.net
2017-05-27 10:36:28.685[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> Connection: Keep-Alive
2017-05-27 10:36:28.686[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> User-Agent: Apache-HttpClient/4.3.6 (java 1.5)
2017-05-27 10:36:28.686[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onRequestSubmitted:127] http-outgoing-2 >> Accept-Encoding: gzip,deflate
2017-05-27 10:36:28.687[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "POST /oauth/token? HTTP/1.1[\r][\n]"
2017-05-27 10:36:28.687[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "Content-Length: 333[\r][\n]"
2017-05-27 10:36:28.687[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
2017-05-27 10:36:28.688[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "Content-Encoding: UTF-8[\r][\n]"
2017-05-27 10:36:28.688[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "Host: git.oschina.net[\r][\n]"
2017-05-27 10:36:28.689[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "Connection: Keep-Alive[\r][\n]"
2017-05-27 10:36:28.689[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "User-Agent: Apache-HttpClient/4.3.6 (java 1.5)[\r][\n]"
2017-05-27 10:36:28.689[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "Accept-Encoding: gzip,deflate[\r][\n]"
2017-05-27 10:36:28.689[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 >> "[\r][\n]"
2017-05-27 10:36:28.690[DEBUG][35:org.apache.http.impl.conn.Wire.wire:86] http-outgoing-2 >> "code=a842ea88a9649db740df80b15dd340a84340e8db8b0d7644fd1dc0d7cf1aea74&grant_type=authorization_code&client_secret=7ad4df2bd7d934a0a0473f5bf218f49db9148df70f20d995bd42691163c69cfc&redirect_uri=http%3A%2F%2Fopen.ymate.net%2Foauth2%2Fconnect%2Fgitosc%2Fredirect&client_id=5560b64be03c1a7546b741529c3541fc61ff560a4f8ce1ef8c69c36294b496c5"
2017-05-27 10:36:28.729[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "HTTP/1.1 403 Forbidden[\r][\n]"
2017-05-27 10:36:28.733[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "Date: Sat, 27 May 2017 03:01:32 GMT[\r][\n]"
2017-05-27 10:36:28.733[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "Content-Type: text/html[\r][\n]"
2017-05-27 10:36:28.735[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "Content-Length: 417[\r][\n]"
2017-05-27 10:36:28.735[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "Connection: keep-alive[\r][\n]"
2017-05-27 10:36:28.736[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "Set-Cookie: aliyungf_tc=AQAAAICrgS5Neg0ALtHIZa+7rotg8OT2; Path=/; HttpOnly[\r][\n]"
2017-05-27 10:36:28.736[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "Server: nginx[\r][\n]"
2017-05-27 10:36:28.740[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "ETag: "55b0a6c2-1a1"[\r][\n]"
2017-05-27 10:36:28.740[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "[\r][\n]"
2017-05-27 10:36:28.740[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<!DOCTYPE html>[\n]"
2017-05-27 10:36:28.741[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<html>[\n]"
2017-05-27 10:36:28.741[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<head>[\n]"
2017-05-27 10:36:28.741[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>[\n]"
2017-05-27 10:36:28.742[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "    <title>[0xe6][0x82][0xa8][0xe7][0x9a][0x84][0xe8][0xae][0xbf][0xe9][0x97][0xae][0xe5][0x8f][0x97][0xe9][0x99][0x90] (403)</title>[\n]"
2017-05-27 10:36:28.742[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "    <link href="/static.css" media="screen" rel="stylesheet" type="text/css" />[\n]"
2017-05-27 10:36:28.742[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "</head>[\n]"
2017-05-27 10:36:28.743[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "[\n]"
2017-05-27 10:36:28.743[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<body>[\n]"
2017-05-27 10:36:28.743[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<h1>403</h1>[\n]"
2017-05-27 10:36:28.744[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<h3>[0xe6][0x9c][0x8d][0xe5][0x8a][0xa1][0xe5][0x99][0xa8][0xe6][0x8b][0x92][0xe7][0xbb][0x9d][0xe5][0xa4][0x84][0xe7][0x90][0x86][0xe6][0x82][0xa8][0xe7][0x9a][0x84][0xe8][0xaf][0xb7][0xe6][0xb1][0x82][0xe3][0x80][0x82]</h3>[\n]"
2017-05-27 10:36:28.746[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<hr/>[\n]"
2017-05-27 10:36:28.747[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "<p>[0xe6][0x82][0xa8][0xe5][0x8f][0xaf][0xe8][0x83][0xbd][0xe6][0xb2][0xa1][0xe6][0x9c][0x89][0xe8][0xae][0xbf][0xe9][0x97][0xae][0xe6][0xad][0xa4][0xe6][0x93][0x8d][0xe4][0xbd][0x9c][0xe7][0x9a][0x84][0xe6][0x9d][0x83][0xe9][0x99][0x90][0xef][0xbc][0x8c] <a href="/">[0xe7][0x82][0xb9][0xe5][0x87][0xbb][0xe8][0xbf][0x99][0xe9][0x87][0x8c]</a> [0xe5][0x9b][0x9e][0xe5][0x88][0xb0][0xe9][0xa6][0x96][0xe9][0xa1][0xb5].</p>[\n]"
2017-05-27 10:36:28.747[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "</body>[\n]"
2017-05-27 10:36:28.747[DEBUG][35:org.apache.http.impl.conn.Wire.wire:72] http-outgoing-2 << "</html>[\n]"
2017-05-27 10:36:28.748[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:113] http-outgoing-2 << HTTP/1.1 403 Forbidden
2017-05-27 10:36:28.749[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << Date: Sat, 27 May 2017 03:01:32 GMT
2017-05-27 10:36:28.750[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << Content-Type: text/html
2017-05-27 10:36:28.750[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << Content-Length: 417
2017-05-27 10:36:28.751[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << Connection: keep-alive
2017-05-27 10:36:28.751[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << Set-Cookie: aliyungf_tc=AQAAAICrgS5Neg0ALtHIZa+7rotg8OT2; Path=/; HttpOnly
2017-05-27 10:36:28.752[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << Server: nginx
2017-05-27 10:36:28.753[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.onResponseReceived:116] http-outgoing-2 << ETag: "55b0a6c2-1a1"
2017-05-27 10:36:28.753[DEBUG][35:org.apache.http.impl.execchain.MainClientExec.execute:267] Connection can be kept alive indefinitely
2017-05-27 10:36:28.754[DEBUG][35:org.apache.http.client.protocol.ResponseProcessCookies.processCookies:117] Cookie accepted [aliyungf_tc="AQAAAICrgS5Neg0ALtHIZa+7rotg8OT2", version:0, domain:git.oschina.net, path:/, expiry:null]
2017-05-27 10:36:28.755[DEBUG][35:org.apache.http.impl.conn.PoolingHttpClientConnectionManager.releaseConnection:281] Connection [id: 2][route: {}->http://git.oschina.net:80] can be kept alive indefinitely
2017-05-27 10:36:28.756[DEBUG][35:org.apache.http.impl.conn.PoolingHttpClientConnectionManager.releaseConnection:287] Connection released: [id: 2][route: {}->http://git.oschina.net:80][total kept alive: 1; route allocated: 1 of 2; total allocated: 1 of 20]
2017-05-27 10:36:28.756[DEBUG][35:org.apache.http.impl.conn.PoolingHttpClientConnectionManager.shutdown:351] Connection manager is shutting down
2017-05-27 10:36:28.757[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.close:79] http-outgoing-2: Close connection
2017-05-27 10:36:28.757[DEBUG][35:org.apache.http.impl.conn.LoggingManagedHttpClientConnection.close:79] http-outgoing-2: Close connection
2017-05-27 10:36:28.758[DEBUG][35:org.apache.http.impl.conn.PoolingHttpClientConnectionManager.shutdown:357] Connection manager shut down
2017-05-27 10:36:28.759[DEBUG][35:net.ymate.platform.webmvc.WebMVC.processRequest:447] --- [35] Total execution time: 121ms

@suninformation

不好意思啊,我这边没有重现,等我们开发看看吧

@maxiaoqian

好的,目前调用码云的授权服务就是403,另外开源中国的开放API授权接口也同样是403状态,不知道是什么原因,也请一并协助一下,3q!

@suninformation

我们这边测试是没问题的。如果osc主站跟码云都403。是不是有可能是你程序的问题呢?

顺便能解释一下数组里面的是啥意思呢?

输入图片说明

@frech

下图是上面数组转换为字符串后的内容:服务器拒绝处理您的请求。

输入图片说明

我感觉你们封了我们域名

不审核也可以使用啊

我这边看日志确实有请求

Apache-HttpClient/4.3.6 (java 1.5) 这个UA请求的返回403

PostmanRuntime/3.0.11-hotfix.2 这个UA请求的返回404

maxiaoqian 关闭了任务 8年前

输入图片说明

返回 401,确定参数没错

知道原因了,redirect_url要与应用回调地址一致才行

有没有人遇到,使用正常的token访问码云,获取仓库/分支列表总是时不时报403咋回事

问下调用refresh_token的时候返回40是什么问题?

诺墨 任务状态已完成 修改为已验收 6年前
诺墨 将工作项从 任务 迁移到 Task 3年前
诺墨 任务类型任务 修改为Task 3年前
诺墨 任务状态已验收 修改为结束任务 3年前

登录 后才可以发表评论

状态
负责人
项目
Pull Requests
关联的 Pull Requests 被合并后可能会关闭此 issue
预计工期 (小时)
开始日期   -   截止日期
-
置顶选项
成本中心
所属客户
未设置
确定
优先级
分支
参与者(10)
341631 maxiaoqian 1578920636 10397 suninformation 1578914701 905323 frech 1578935509 62561 kesin 1578916009 致自己-zxl17_admin 832 duguying2008 1578913886 58426 yashin 1578915792 2042758 cangjingge 1578964923 罗先生-luomin207123 子涵-demon-test-corp
Ruby
1
https://gitee.com/oschina/git-osc.git
git@gitee.com:oschina/git-osc.git
oschina
git-osc
Gitee Feedback

搜索帮助