所以,如果你想通过GitHub的API来实现这一点,你的请求需要改变。
首先,你需要使用`/authorizations`端点,像这样:
/authorizations
endpoint。
POST /authorizations
Authorization: Basic ...
Content-Type: application/json
Content-Length: ...
{
"scopes": [
"repo",
"write:org"
],
"note": "Example from StackOverflow by @sigmavirus24",
"client_id": "Your client_id here",
"client_secret": "Your client_secret here",
"fingerprint": "1234",
}
然后应该返回一个带有以下内容的正文的201 Created
响应:
{
"id": 72249124,
"url": "https://api.github.com/authorizations/72249124",
"scopes": [
"repo",
"write:org"
],
"token": "abcdefgh12345678",
"token_last_eight": "12345678",
"hashed_token": "25f94a2a5c7fbaf499c665bc73d67c1c87e496da8985131633ee0a95819db2e8",
"app": {
"url": "http://my-github-app.com",
"name": "my github app",
"client_id": "abcde12345fghij67890"
},
"note": "optional note",
"note_url": "http://optional/note/url",
"updated_at": "2017-02-08T20:39:23Z",
"created_at": "2017-02-08T17:26:27Z",
"fingerprint": "1234"
}
除了它将是真实的。
话虽如此,看起来您正在尝试使用允许GitHub用作身份验证提供程序的端点。换句话说,您正在构建一个应用程序,允许用户使用GitHub登录。如果是这种情况,则需要特别遵循OAuth Web应用程序流程。
在这种情况下,您已经完成了一部分,但发送错误的参数。
首先,您发出一个GET请求:
GET https://github.com/login/oauth/authorize?client_id=<your-client_id>&scopes=repo%20write:org&state=something-random
然后你将从GitHub收到数据,你必须在POST请求中使用它。
POST https://github.com/login/oauth/access_token?client_id=<your-client_id>&client_secret=<your-client_secret>&code=<code-from-github>
Accept: application/json
之后,您发出的任何请求都必须具备
Authorization: token <token-received-in-response-to-POST>
加油!