Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
577 views
in Technique[技术] by (71.8m points)

oauth 2.0 - Salesforce Authentication Failing

I am trying to use OAuth authentication to get the Salesforce Authentication Token, so I referred wiki docs, but after getting authorization code, when I make a Post request with 5 required parameters, I'm getting following exception

{"error":"invalid_grant","error_description":"authentication failure"} CODE 400
JSON = {"error":"invalid_grant","error_description":"authentication failure"}

which is I guess a bad request.

PostMethod post = new PostMethod("https://login.salesforce.com/services/oauth2/token");
post.addParameter("code",##############);
post.addParameter("grant_type","authorization_code");
post.addParameter("redirect_uri","#################");  
post.addParameter("client_id",this.client_id);
post.addParameter("client_secret",this.client_secret);
httpclient.executeMethod(post);
String responseBody = post.getResponseBodyAsString();
System.out.println(responseBody+" CODE "+post.getStatusCode());

Kindly reply, if exception known?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

For anyone who is as stuck and frustrated as I was, I've left a detailed blog post on the entire process (with pictures and ranty commentary!). Click the link if you want that:

http://www.calvinfroedge.com/salesforce-how-to-generate-api-credentials/

Here is a text only answer:

Step 1:

Create an account. You can create a (free) developer account at developer.salesforce.com


Step 2:

Ignore all the landing pages and getting started crap. It's an endless marketing loop.


Step 3:

Click the "Setup" link


Step 4:

In the lefthand toolbar, under "Create", click "Apps"


Step 5:

Under "Connected Apps" click "New"


Step 6:

Fill out the form. Important fields are the ones marked as required, and the oauth section. Note that you can leave any url for your callback (I used localhost).


Step 7:

Be advised that Salesforce has crappy availability.


Step 8:

Press continue. You finally have your client_id key (labelled 'Consumer Key') and client_secret (labelled 'Consumer Secret').


Step 9:

But wait! You're not done yet; select 'Manage' then 'Edit Policies'

  1. Make sure IP relaxation is set to Relax IP restrictions,

  2. and make sure that Permitted Users is set to "All users may self-authorize.",

  3. and also make sure the your Security > Network Access > Trusted IP Ranges has been set

OAuth settings

Security > Network Access > Trusted IP Ranges

If you're concerned about disabling security, don't be for now, you just want to get this working for now so you can make API calls. Tighten permissions once you have everything working, one at a time, so you can figure out what setting is giving you authentication errors.


Step 10:

Celebrate! This curl call should succeed:

on production:

curl -v https://login.salesforce.com/services/oauth2/token 
  -d "grant_type=password" 
  -d "client_id=YOUR_CLIENT_ID_FROM_STEP_8" 
  -d "client_secret=YOUR_CLIENT_SECRET_FROM_STEP_8" 
  -d "[email protected]" -d "[email protected]"

on sandbox or test:

curl -v https://test.salesforce.com/services/oauth2/token 
  -d "grant_type=password" 
  -d "client_id=YOUR_CLIENT_ID_FROM_STEP_8" 
  -d "client_secret=YOUR_CLIENT_SECRET_FROM_STEP_8" 
  -d "[email protected]" -d "[email protected]"

Notes:

  • You shouldn't be doing password authorization if you're building a multi-tenant app, where users need to authorize their own application. Use the Oauth2 workflow for that.

  • You may need to pass in your security token appended to your password.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...