我无法使用oauth2登录Paypal获取持有人令牌,在我的C#代码中获取HTTP 500 - 内部服务器错误,cUrl显示SSL错误。我是否需要在我的机器上安装任何证书?如果是的话 - 我从哪里获得它们?
当我输入" https://api.sandbox.paypal.com/v1/oauth2"直接在我的浏览器中显示绿色挂锁,单击它显示该网站的SSL证书有效。
服务器和单元测试是C#,但是在使用cUrl进行调用时我发现了一个问题:
curl https://api.sandbox.paypal.com/v1/oauth2/token
-H "Accept: application/json"
-H "Accept-Language: en_US"
-u "SOMELONGB64CONTENTHERE/USER:PASSWORD"
-d "grant_type=client_credentials" -v
此调用显示与SSL相关的错误:
* About to connect() to api.sandbox.paypal.com port 443 (#0)
* Trying 173.0.82.78... connected
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify faile
d
* Closing connection #0
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify faile
d
当我向cUrl添加 --insecure
选项时,该调用将返回预期的内容。
* UPDATE:* 当我在Mac上运行完全相同的cUrl命令时,响应正常,并且有我期望的持有者令牌。
C#中的单元测试代码(截断的错误处理和日志记录):
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create("https://api.sandbox.paypal.com/v1/oauth2/token");
request.Method = "POST";
request.Accept = "application/json";
request.Headers.Add("Accept-Language:en_US");
string authInfo = "SOMELONGB64CONTENTHERE/USER:PASSWORD";
authInfo = Convert.ToBase64String(Encoding.Default.GetBytes(authInfo));
request.Headers["Authorization"] = "Basic " + authInfo;
using (StreamWriter swt = new StreamWriter(request.GetRequestStream()))
{
swt.Write("grant_type=client_credentials");
}
request.BeginGetResponse((r) =>
{
HttpWebResponse response = request.EndGetResponse(r) as HttpWebResponse; // Exception HTTP500 here
// truncated code that reads the bearer token
}, null);
* 更新:* 当使用Fiddler捕获时,来自该单元测试的原始流量如下:
请求:
POST https://api.sandbox.paypal.com/v1/oauth2/token HTTP/1.1
Accept: application/json
Accept-Language: en_US
Authorization: Basic SOMELONGB64CONTENTHERE/USER:PASSWORD
Host: api.sandbox.paypal.com
Content-Length: 29
Expect: 100-continue
Connection: Keep-Alive
grant_type=client_credentials
响应:
HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Type: application/json
Content-Length: 118
Date: Sun, 30 Jun 2013 22:21:53 GMT
Connection: close
{"name":"INTERNAL_SERVICE_ERROR","information_link":"https://api.sandbox.paypal.com/docs/api/#INTERNAL_SERVICE_ERROR"}
答案 0 :(得分:1)
证书似乎没有问题且由VeriSign签发,于2016年到期.cUrl是否有可能无法正确处理?
我认为您的代码有误,请参阅此处:http://msdn.microsoft.com/en-us/library/d4cek6cc.aspx
您的应用程序不能为特定请求混合使用同步和异步方法。如果调用GetRequestStream方法,则必须使用GetResponse方法来检索响应。
答案 1 :(得分:0)
显然这是由于Paypal的API发生了重大变化。另一个SO post导致Paypal自己的C# wrappers git,在第80行附近,您可以看到ContentType标头设置为以下两个值之一:
httpRequest.ContentType =“application / x-www-form-urlencoded”;
OR
httpRequest.ContentType =“application / json”;
最近引入了重大变化,修复时间是2013年6月20日。