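I've been trying to implement a simple authentication flow using OAuth v1.a and Bitbucket. My problem occurs when I request an access token using the previously supplied verifier and oauth_token. I always get a 400 error with no real indication of why.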
Client error response
[status code] 400
[reason phrase] BAD REQUEST
[url] https://bitbucket.org/api/1.0/oauth/access_token?oauth_consumer_key=<snip>&oauth_nonce=fba24cfb3147ca7d32b3924fad43fd509bbb9bc1&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1381034857&oauth_token=fFz369NUmCHNyn7PGj&oauth_verifier=6724267371&oauth_version=1.0&oauth_signature=1H7%2Bvx0fVh2Sj%2FcDAE2QzkTx8us%3D
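I'm using the OauthPlugin class in Guzzle to build the signed parameters and submit the POST request as described in the documentation. Has anyone had an issue like this with any other OAuth v1 provider, or with Bitbucket specifically?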
$client = new Client('https://bitbucket.org/api/1.0/');
$oauth = new OauthPlugin(array(
    'request_method' => OauthPlugin::REQUEST_METHOD_QUERY,
    'consumer_key' => Config::get('oauthv1.key'),
    'token' => Input::get('oauth_token'),
    'verifier' => Input::get('oauth_verifier')
));
$client->addSubscriber($oauth);
$client->post('oauth/access_token')->send();
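Answer 0 (score: 5)
Even though the Bitbucket API documentation doesn't mention it, the call to the oauth/access_token endpoint also requires the consumer_secret and oauth_token_secret. The consumer secret is generated by Bitbucket when you create your application and should be stored in your configuration. You can get the oauth_token_secret from the response to the call to oauth/request_token. Just save it in the session so you can use it when obtaining the access token.
Requesting the request token: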
$client = new Client('https://bitbucket.org/api/1.0');
$oauth = new OauthPlugin(array(
    'consumer_key' => $app['bitbucket.key'],
    'consumer_secret' => $app['bitbucket.secret'],
    'callback' => 'http://mysite.local/callback',
));
$client->addSubscriber($oauth);
$response = $client->post('oauth/request_token')->send();
// Parse the response
parse_str($response->getBody(), $result);
// Save the token secret in the session
$app['session']->set('oauth_token_secret', $result['oauth_token_secret']);
// Redirect to Bitbucket to authorize the application
return $app->redirect(sprintf('https://bitbucket.org/api/1.0/oauth/authenticate?oauth_token=%s', $result['oauth_token']));
Requesting the access token:
$token = $app['request']->get('oauth_token');
$verifier = $app['request']->get('oauth_verifier');
$tokenSecret = $app['session']->get('oauth_token_secret');
$client = new Client('https://bitbucket.org/api/1.0');
$oauth = new OauthPlugin(array(
    'consumer_key' => $app['bitbucket.key'],
    'consumer_secret' => $app['bitbucket.secret'],
    'token' => $token,
    'token_secret' => $tokenSecret,
    'verifier' => $verifier,
));
$client->addSubscriber($oauth);
// Keep the response object so its body can be parsed below
$response = $client->post('oauth/access_token')->send();
// Parse the response (parse_str fills $result and returns nothing)
parse_str($response->getBody(), $result);
// Get the access token
$accessToken = $result['oauth_token'];
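Why the two secrets in the answer above matter, as an added example that is not part of the original question or answer: under RFC 5849 the HMAC-SHA1 signature is keyed with "consumer_secret&token_secret", so a request signed without them cannot match what the server computes. All keys, tokens and secrets below are constructed sample values, the function names are hypothetical, and the assumption is that a client with neither secret set signs with the bare key "&".

```php
<?php
// Added illustration of RFC 5849 HMAC-SHA1 signing; every credential here is constructed.

// Build the signature base string (RFC 5849 section 3.4.1).
// Assumes each parameter name appears only once.
function oauth_base_string(string $method, string $url, array $params): string
{
    $encoded = [];
    foreach ($params as $name => $value) {
        $encoded[rawurlencode($name)] = rawurlencode($value);
    }
    ksort($encoded, SORT_STRING); // parameters are sorted by encoded name
    $pairs = [];
    foreach ($encoded as $name => $value) {
        $pairs[] = $name . '=' . $value;
    }
    return strtoupper($method) . '&' . rawurlencode($url) . '&' . rawurlencode(implode('&', $pairs));
}

// Sign with the key "consumer_secret&token_secret" (RFC 5849 section 3.4.2).
function oauth_sign(string $base, string $consumerSecret, string $tokenSecret): string
{
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

$params = [
    'oauth_consumer_key'     => 'example-consumer-key',   // constructed
    'oauth_nonce'            => 'example-nonce-0001',     // constructed
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1700000000',             // constructed
    'oauth_token'            => 'example-request-token',  // constructed
    'oauth_verifier'         => '0000000000',             // constructed
    'oauth_version'          => '1.0',
];
$base = oauth_base_string('POST', 'https://bitbucket.org/api/1.0/oauth/access_token', $params);

// Client side with no secrets configured: the key collapses to "&".
$clientSignature = oauth_sign($base, '', '');
// Server side: recomputes with the secrets it issued for this consumer and request token.
$serverSignature = oauth_sign($base, 'example-consumer-secret', 'example-token-secret');

echo "signed with '&' only: $clientSignature\n";
echo "signed with full key: $serverSignature\n";
// A provider compares the two in constant time and rejects the request on mismatch.
echo hash_equals($serverSignature, $clientSignature) ? "accepted\n" : "rejected\n";
```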