我一直试图解决这个问题,这似乎是一个常见的问题,但人们正在做的其他事情似乎并没有起作用。
我正在使用Yahoo oAuth API(最终尝试导入联系人),但是一旦我进入本教程中的第4步(https://developer.yahoo.com/oauth/guide/oauth-accesstoken.html),这是我尝试获取access_token的步骤错误, array(1){[“oauth_problem”] => string(17)“signature_invalid”}
在getAccessToken()下的oauth_signature行上的我尝试用&,%26和%26&分隔。这些都没有奏效。我尝试使用HMAC-SHA1而不是PLAINTEXT分离&但所有这些都产生了相同的结果。我也尝试了urlencode()'一切,但没有用。当我 var_dump(\ Session :: get(\ Auth :: user() - > id。'。outh_token_secret'))我得到的东西看起来像一个真正的oauth_token_secret所以我不认为那是问题。
但无论如何,这里是代码(对不起整个地方的curl()方法)
<?php
namespace App\Models\oAuth2;
class Yahoo {
static public $consumer_key = 'xxx';
static public $consumer_secret = 'xxx';
static public function getContactsLink() {
parse_str(self::curl('https://api.login.yahoo.com/oauth/v2/get_request_token', 'post', NULL, [
'oauth_consumer_key' => self::$consumer_key,
'oauth_signature' => self::$consumer_secret . '&',
'oauth_signature_method' => 'PLAINTEXT',
'oauth_callback' => action('ImportController@yahooContacts'),
'oauth_nonce' => uniqid(rand()),
'oauth_timestamp' => time(),
'oauth_version' => '1.0',
'xoauth_lang_pref' => 'en-us'
]), $response);
\Session::put(\Auth::user()->id . '.oauth_token_secret', $response['oauth_token_secret']);
return $response['xoauth_request_auth_url'];
}
static public function getAccessToken() {
parse_str(self::curl('https://api.login.yahoo.com/oauth/v2/get_token', 'post', NULL, [
'oauth_consumer_key' => self::$consumer_key,
'oauth_signature' => self::$consumer_secret . '%26' . \Session::pull(\Auth::user()->id . '.oauth_token_secret'),
'oauth_signature_method' => 'PLAINTEXT',
'oauth_nonce' => uniqid(rand()),
'oauth_timestamp' => time(),
'oauth_version' => '1.0',
'oauth_verifier' => \Input::get('oauth_verifier'),
'oauth_token' => \Input::get('oauth_token')
]), $response);
dd($response);
}
static function curl($url, $method = 'get', $header = null, $postdata = null, $includeheader=FALSE, $timeout = 60) {
$s = curl_init();
curl_setopt($s,CURLOPT_URL, $url);
if ($header)
curl_setopt($s,CURLOPT_HTTPHEADER, $header);
/*if ($this->debug)*/
curl_setopt($s,CURLOPT_VERBOSE, FALSE);
curl_setopt($s,CURLOPT_TIMEOUT, $timeout);
curl_setopt($s,CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($s,CURLOPT_MAXREDIRS, 3);
curl_setopt($s,CURLOPT_RETURNTRANSFER, true);
curl_setopt($s,CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($s,CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($s,CURLOPT_COOKIEFILE, 'cookie.txt');
if(strtolower($method) == 'post')
{
curl_setopt($s,CURLOPT_POST, true);
curl_setopt($s,CURLOPT_POSTFIELDS, $postdata);
}
else if(strtolower($method) == 'delete')
{
curl_setopt($s,CURLOPT_CUSTOMREQUEST, 'DELETE');
}
else if(strtolower($method) == 'put')
{
curl_setopt($s,CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($s,CURLOPT_POSTFIELDS, $postdata);
}
curl_setopt($s,CURLOPT_HEADER, $includeheader);
//curl_setopt($s,CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1');
curl_setopt($s, CURLOPT_SSL_VERIFYPEER, false);
$html = curl_exec($s);
$status = curl_getinfo($s, CURLINFO_HTTP_CODE);
curl_close($s);
return $html;
}
}
答案 0 :(得分:0)
对于有这个问题的其他人,我想出了我的问题。 get_token调用必须显式为GET而不是POST(即使文档说GET&amp; POST)。
这是我更新的 getAccessToken()方法:
static public function getAccessToken() {
parse_str(self::curl(
'https://api.login.yahoo.com/oauth/v2/get_token?oauth_consumer_key=' . self::$consumer_key .'&oauth_signature=' . self::$consumer_secret . '%26' . \Session::pull(\Auth::user()->id . '.oauth_token_secret') . '&oauth_signature_method=PLAINTEXT&oauth_nonce=' . uniqid(rand()) . '&oauth_timestamp=' . time() . '&oauth_version=1.0&oauth_verifier=' . \Input::get('oauth_verifier') . '&oauth_token=' . \Input::get('oauth_token')
), $response);
dd($response);
}
并且效果很好。