我的项目正在使用php与gmail oauth并面临此错误,因为401目标无效,其他项目使用相同的方式工作正常(不同的ID和秘密但相同的域)。例如: -
xxx.com/abc xxx.com/def
HTTP/1.1 401 Token invalid - Target is invalid.
Content-Type: text/html; charset=utf-8
Date: Mon, 19 May 2014 02:03:50 GMT
Expires: Mon, 19 May 2014 02:03:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic
Transfer-Encoding: chunked
如何解决此问题?感谢任何评论和帮助。
GmailOath代码
$url = 'https://www.google.com/accounts/OAuthGetRequestToken';
$params['oauth_version'] = '1.0';
$params['oauth_nonce'] = mt_rand();
$params['oauth_timestamp'] = time();
$params['oauth_consumer_key'] = $oauth->oauth_consumer_key;
$params['oauth_callback'] = $oauth->callback;
$params['scope'] = 'https://www.google.com/m8/feeds';
更新 我猜这可能是个问题。下面不同的是Content-type,它应该是'application / json'。但不知道在哪里改变它们......
更新 经过进一步调查后,只有在https://console.developers.google.com/更换旧应用程序的客户端ID和机密后,它才会起作用。无论我尝试生成多少新应用程序,它都无法正常工作。发生了什么事?
工作电话: -
[url] => https://www.google.com/m8/feeds/contacts/default/full?alt=json&max-results=1000&oauth_consumer_key=59093836836-0c8mb4u395gklok3k52cr2b0oml3gmcg.apps.googleusercontent.com&oauth_nonce=1103659829&oauth_signature=ORgJZEli8Y0b1Bv1xUwFWysdJgA%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1400465100&oauth_token=1%2FL0o-ttvJP0haJ2RF9I-jd6hOIW2-kFYiQmlNx7UWVkw&oauth_version=1.0
[content_type] => application/json; charset=UTF-8
[http_code] => 200
[header_size] => 525
[request_size] => 743
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 2.250314
[namelookup_time] => 4.7E-5
[connect_time] => 0.012625
[pretransfer_time] => 0.040877
[size_upload] => 0
[size_download] => 997382
[speed_download] => 443219
[speed_upload] => 0
[download_content_length] => -1
[upload_content_length] => 0
[starttransfer_time] => 0.423671
[redirect_time] => 0
不工作电话: -
[url] => https://www.google.com/m8/feeds/contacts/default/full?alt=json&max-results=1000&oauth_consumer_key=59093836836-57psirebb7ntghd1259g4iiml5eq0l70.apps.googleusercontent.com&oauth_nonce=995553446&oauth_signature=8yPK5su1np6sC0z8vmZ%2BHOW7CuE%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1400465030&oauth_token=1%2FrDfOd04W2oUs2MHfLoFIJoVngnM0n3MWZwWMRoeFDOg&oauth_version=1.0
[content_type] => text/html; charset=utf-8
[http_code] => 401
[header_size] => 369
[request_size] => 745
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.337964
[namelookup_time] => 4.7E-5
[connect_time] => 0.017053
[pretransfer_time] => 0.054309
[size_upload] => 0
[size_download] => 11875
[speed_download] => 35136
[speed_upload] => 0
[download_content_length] => -1
[upload_content_length] => 0
[starttransfer_time] => 0.337551
[redirect_time] => 0
如果上述问题未完成,请询问更多信息。感谢。
答案 0 :(得分:1)
找到解决方案,
看起来新生成的客户端ID和客户端密钥已经淘汰了旧版本的API。实现这一目标的唯一方法是实施Google Contact APIv3并使用OAuth2。
希望这有助于其他有同样问题的人。
答案 1 :(得分:0)
401错误是指示Unauthorized的HTTP代码,这意味着请求需要身份验证。在此处查看:10 Status Code Definitions搜索401
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a
WWW-Authenticate header field (section 14.47) containing a challenge applicable
to the requested resource. The client MAY repeat the request with a
suitable Authorization header field (section 14.8). If the request already
included Authorization credentials, then the 401 response indicates
that authorization has been refused for those credentials. If the 401 response
contains the same challenge as the prior response, and the user agent has
already attempted authentication at least once, then the user SHOULD be
presented the entity that was given in the response, since that entity might
include relevant diagnostic information. HTTP access authentication is explained
in "HTTP Authentication: Basic and Digest Access Authentication"
<强>更新
由于您的请求彼此不同,因此工作的请求被授予访问权限,而第二个请求不具有访问权限。我已经使用Winmerge检查了您的请求,他们来自两个不同的应用程序。因此,您可以尝试通过JSON发送第一个,看看会发生什么。
您是否有可能未将其他应用媒体资源配置为在整个Google API中进行访问。
我仍然坚持我之前的回答,因为这是401代码的问题,未经授权的访问。