1
我在編程上通過.NET信任我的yammer應用程序。在調試POST請求以信任應用程序時,響應可能會在響應嘗試重定向到SharePoint MySite主機時看起來隨意地呈現302或404。Yammer API替代響應302和404
如果我在同一個調試會話中循環我的請求,我會得到相同類型的響應。我必須重新啓動調試纔能有機會以不同的響應。我曾嘗試設定長時間的睡眠,以確保時間與我得到的迴應類型無關。相同的規則似乎適用:一個調試會話,一個響應類型。
我現在的問題是:我需要做些什麼來避免這些404的?
這裏的提琴手迴應:
302響應:
POST https://www.yammer.com/MYNETWORK/oauth2/decision?client_id=MYAPPCODE&redirect_uri=http%3a%2f%2fmy.devmachine.contoso.com&response_type=code HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: www.yammer.com
Cookie: yamtrak_id=[GUID]; _workfeed_session_id=[ID] Content-Length: 90
Expect: 100-continue
utf8=%E2%9C%93&authenticity_token=[TOKEN]=&allow=Allow
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 29 Sep 2014 13:21:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Status: 302 Found
Location: http://my.devmachine.contoso.com?code=[CODE] X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-UA-Compatible: IE=Edge,chrome=1
Set-Cookie: yamtrak_id=[ID]; path=/; expires=Tue, 29-Sep-2015 13:21:51 GMT; secure; HttpOnly
Set-Cookie: auth_token=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
Set-Cookie: auth_token_sso=; domain=yammer.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
X-Date: 1411996911966
X-Runtime: 0.073263
7e
<html><body>You are being <a href="http://my.devmachine.contoso.com?code=[CODE]">redirected</a>.</body></html>
0
404響應:
POST https://www.yammer.com/MYNETWORK/oauth2/decision?client_id=MYAPPCODE&redirect_uri=http%3a%2f%2fmy.devmachine.contoso.com&response_type=code HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: www.yammer.com
Cookie: yamtrak_id=[GUID]; _workfeed_session_id=[ID]
Content-Length: 90
Expect: 100-continue
utf8=%E2%9C%93&authenticity_token=[TOKEN]=&allow=Allow
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 29 Sep 2014 13:26:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 404 Not Found
Cache-Control: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-UA-Compatible: IE=Edge,chrome=1
X-Date: 1411997163223
X-Runtime: 0.068703
a45
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8,chrome=1" />
<meta http-equiv="content-type" content="text/html;charset=UTF-8" />
<title>The page you were looking for doesn't exist (404)</title>
<link href="/stylesheets/yamkit/yam.css" media="screen, projection" rel="stylesheet" type="text/css" />
<style type="text/css">
body {
...
<div id="parallax-static">
<div id="parallax-static-text">
<h1>Oops!</h2>
<h2>The page you were looking for could not be found.</h2>
<a href="/" title="">Let's go back to your happy place.</a>
</div>
</div>
...
</body>
</html>
0
我知道在這個論壇的其他Yammer的線程,和我使用新的login_csrf_token cookie進行身份驗證,所以這不應該成爲問題。
感謝閱讀!我很感激任何有關如何解決這個問題的建議。
編輯:我已經嘗試設置另一個網站(谷歌)作爲我的重定向url,但交替行爲仍然存在。
您可能希望從您發佈的捕獲中刪除您的OAUTH令牌。 – anothermh 2014-09-30 21:12:52
沒有必要的上下文,代碼是沒用的,但你是對的。比對不起更安全! – PepperX 2014-10-01 10:59:51
您是否試圖模擬應該由瀏覽器處理的交互式流程?不要這樣做,打開瀏覽器。 – 2014-10-01 12:32:35