开发者

Programmatically Revoke OAuth token for google account

So here at the end of the page says a way to be able to revoke this token via the AuthSub api (the old api).

I manage the whole authentication system with the new api OAuth and when I try to revoke the开发者_高级运维 token with the authsub steps its just sending me an "HTTP Error 403: Invalid AuthSub token."

Here is my code in python:

req = urllib2.Request("https://www.google.com/accounts/AuthSubRevokeToken",headers=
      {'Authorization':'AuthSub token="mysuperloluselesstoken"'})
urllib2.open(req)

Is there an easier way to do this? Should I do something with the secret_token + user_token + consumer?


Just answered over here: Server side removal of Oauth token

You have the correct URL to request revocation of an OAuth 1.0 token (using the AuthSub endpoint). The primary issue above is that you're constructing an AuthSub Authorization header. Instead, you should construct an OAuth 1.0 signed request (in the same way you sign any other request via OAuth 1.0): https://www.rfc-editor.org/rfc/rfc5849#section-3.5.1

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜