OAuth2: "No grant found for state" in Flask with the oic.oauth2 package

Published 2024-06-09 14:47:51

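I am trying to implement OAuth2 authentication using the OpenID Connect workflow, with Cloudfoundry UAA as the backend authentication provider, in a Python Flask application, using oic.oauth2.

I have run into a problem: when I try to perform the access token request, I get a "No grant found for state" error, even though I can successfully curl a POST and obtain an access token: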

curl -k 'https://172.17.0.114:8443/oauth/token' -i -X POST -H 'Accept: application/json' -H 'Content-Type: application/x-www-form-urlencoded' -d 'client_id=ga4gh_server&client_secret=ga4gh_server&grant_type=authorization_code&response_type=id_token&code=1n3ILw&state=CyBAFDwl79YU19lCEdODalMD&token_format=opaque&redirect_uri=https%3A%2F%2F172.17.0.107%2Fga4gh%2Foauth2callback'
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-store
Pragma: no-cache
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 15 Jul 2016 20:45:05 GMT

{"access_token":"2f57ef6dd73c482cac5aa7b8826ba8b7","token_type":"bearer","id_token":"eyJhbGciOiJIUzI1NiIsImtpZCI6ImxlZ2FjeS10b2tlbi1rZXkiLCJ0eXAiOiJKV1QifQ.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.bDA3fLRMgtcPuUMw6laV89MwDqsIRkWi4-l0qvoN7qA","refresh_token":"2f57ef6dd73c482cac5aa7b8826ba8b7-r","expires_in":43199,"scope":"openid","nonce":"ajhs3gev4t8TBDB1zTvBbJJP","jti":"2f57ef6dd73c482cac5aa7b8826ba8b7"}

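The Flask application generates a random 24-key "nonce" and "state" to identify itself, but the "state" does not seem to be parsed correctly, which causes my access token request to fail :(.

Below is the code that handles the oauth2callback; it is implemented using pyoidc: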

^{pr2}$

After successfully logging in at the auth server, the server is redirected to the callback URL with the following parameters:

https://172.17.0.107/ga4gh/oauth2callback#token_type=bearer&id_token=eyJhbGciOiJIUzI1NiIsImtpZCI6ImxlZ2FjeS10b2tlbi1rZXkiLCJ0eXAiOiJKV1QifQ.eyJzdWIiOiJlZmY5MjFjMi0wMDdiLTQwNDgtOGZlZC01ZmFjNjM1NjkyZmMiLCJ1c2VyX25hbWUiOiJyemhvdSIsIm9yaWdpbiI6ImxkYXAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvdWFhL29hdXRoL3Rva2VuIiwibm9uY2UiOiJhamhzM2dldjR0OFRCREIxelR2QmJKSlAiLCJjbGllbnRfaWQiOiJnYTRnaF9zZXJ2ZXIiLCJhdWQiOlsiZ2E0Z2hfc2VydmVyIl0sInppZCI6InVhYSIsInVzZXJfaWQiOiJlZmY5MjFjMi0wMDdiLTQwNDgtOGZlZC01ZmFjNjM1NjkyZmMiLCJhenAiOiJnYTRnaF9zZXJ2ZXIiLCJzY29wZSI6WyJvcGVuaWQiXSwiYXV0aF90aW1lIjoxNDY4NjE0NTU3LCJleHAiOjE0Njg2NTg2NDYsImlhdCI6MTQ2ODYxNTQ0NiwianRpIjoiMGY2NTIyY2E3NTdlNDNiZWI1OWU2MGNiMmQzYWZjZmIiLCJlbWFpbCI6InJ6aG91QGJjZ3NjLmNhIiwicmV2X3NpZyI6ImIyMzY1ZDU1IiwiY2lkIjoiZ2E0Z2hfc2VydmVyIn0.tXC1kP2nT_8cLaM0Gyk_rcDEetqIo39J_C3jtulTDm4&code=1n3ILw&state=CyBAFDwl79YU19lCEdODalMD&expires_in=43199&nonce=ajhs3gev4t8TBDB1zTvBbJJP&jti=0f6522ca757e43beb59e60cb2d3afcfb

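However, for some reason I cannot seem to parse the state parameter of this callback URL in order to proceed with my access token request.

Any ideas on how to resolve this would be greatly appreciated!

Thanks very much!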
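
Added example, not part of the original post and not pyoidc code: the callback URL shown in the question carries `code` and `state` after `#` (the URL fragment), which a browser does not send to the server, so a handler that reads only the query string would not see them. The standard-library code below finds the parameters in either place and checks `state` against the value stored before the redirect; the function names and the shortened URL with a placeholder `id_token` are assumptions.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Callback shaped like the one in the question, shortened. The id_token is a
# constructed placeholder; code, state and nonce are the values from the post.
CALLBACK = (
    "https://172.17.0.107/ga4gh/oauth2callback#token_type=bearer"
    "&id_token=HEADER.PAYLOAD.SIGNATURE&code=1n3ILw"
    "&state=CyBAFDwl79YU19lCEdODalMD&expires_in=43199"
    "&nonce=ajhs3gev4t8TBDB1zTvBbJJP"
)


class CallbackError(ValueError):
    """Raised when the authorization response cannot be trusted."""


def parse_authorization_response(url):
    """Return (params, location); location is 'query' or 'fragment'."""
    parts = urlsplit(url)
    for location, raw in (("query", parts.query), ("fragment", parts.fragment)):
        parsed = parse_qs(raw)
        if "state" in parsed or "code" in parsed:
            # Reject repeated parameters instead of silently picking one.
            repeated = [k for k, v in parsed.items() if len(v) != 1]
            if repeated:
                raise CallbackError("repeated parameter(s): " + ", ".join(repeated))
            return {k: v[0] for k, v in parsed.items()}, location
    raise CallbackError("no state or code in query or fragment")


def check_state(params, expected_state):
    """Return the code only if state matches the value stored before redirect."""
    returned = params.get("state", "")
    if not expected_state or not hmac.compare_digest(
            returned.encode(), expected_state.encode()):
        raise CallbackError("state mismatch")
    code = params.get("code")
    if not code:
        raise CallbackError("authorization code missing")
    return code
```
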

