我几天来一直在努力解决这个问题。我有一个测试应用程序设置通过OAuth连接到LinkedIn。我希望能够更新用户的状态,但目前我根本无法与LinkedIn的API进行交互。
我能够成功获取requestToken,然后是accessToken,但是当我向API发出请求时,我看到一个“未经授权”的错误,看起来像这样:
object(OAuthException)#2 (8) {
["message:protected"]=> string(73) "Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect)"
["string:private"]=> string(0) ""
["code:protected"]=> int(401)
["file:protected"]=> string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php"
["line:protected"]=> int(48)
["trace:private"]=> array(1) {
[0]=> array(6) {
["file"]=> string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php"
["line"]=> int(48)
["function"]=> string(5) "fetch"
["class"]=> string(5) "OAuth"
["type"]=> string(2) "->"
["args"]=> array(2) {
[0]=> string(35) "http://api.linkedin.com/v1/people/~"
[1]=> string(3) "GET"
}
}
}
["lastResponse"]=> string(358) " 401 1276375790558 0000 [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= "
["debugInfo"]=> array(5) {
["sbs"]=> string(329) "GET&http%3A%2F%2Fapi.linkedin.com%2Fv1%2Fpeople%2F~&oauth_consumer_key%3DBhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy%26oauth_nonce%3D7068001084c13f2ee6a2117.22312548%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1276375790%26oauth_token%3D48032b2d-bc8c-4744-bb84-4eab53578c11%26oauth_version%3D1.0"
["headers_sent"]=> string(401) "GET /v1/people/~?GET&oauth_consumer_key=Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy&oauth_signature_method=HMAC-SHA1&oauth_nonce=7068001084c13f2ee6a2117.22312548&oauth_timestamp=1276375790&oauth_version=1.0&oauth_token=48032b2d-bc8c-4744-bb84-4eab53578c11&oauth_signature=xmc3lWhXJvLSUZh4dxMtrf55VVQ%3D HTTP/1.1 User-Agent: PECL-OAuth/1.0-dev Host: api.linkedin.com Accept: */*"
["headers_recv"]=> string(148) "HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 Date: Sat, 12 Jun 2010 20:49:50 GMT Content-Type: text/xml;charset=UTF-8 Content-Length: 358"
["body_recv"]=> string(358) " 401 1276375790558 0000 [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= "
["info"]=> string(216) "About to connect() to api.linkedin.com port 80 (#0) Trying 64.74.98.83... connected Connected to api.linkedin.com (64.74.98.83) port 80 (#0) Connection #0 to host api.linkedin.com left intact Closing connection #0 "
}
}
我的代码看起来像这样(基于来自php.net的FireEagle示例):
$req_url = 'https://api.linkedin.com/uas/oauth/requestToken';
$authurl = 'https://www.linkedin.com/uas/oauth/authenticate';
$acc_url = 'https://api.linkedin.com/uas/oauth/accessToken';
$api_url = 'http://api.linkedin.com/v1/people/~';
$callback = 'http://www.pmfe.org/dev/test/linkedin.php';
$conskey = 'Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy';
$conssec = '####################SECRET KEY#####################';
session_start();
try {
$oauth = new OAuth($conskey,$conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
$oauth->enableDebug();
if(!isset($_GET['oauth_token'])) {
$request_token_info = $oauth->getRequestToken($req_url);
$_SESSION['secret'] = $request_token_info['oauth_token_secret'];
header('Location: '.$authurl.'?oauth_token='.$request_token_info['oauth_token']);
exit;
} else {
$oauth->setToken($_GET['oauth_token'],$_SESSION['secret']);
$access_token_info = $oauth->getAccessToken($acc_url);
$_SESSION['token'] = $access_token_info['oauth_token'];
$_SESSION['secret'] = $access_token_info['oauth_token_secret'];
}
$oauth->setToken($_SESSION['token'],$_SESSION['secret']);
$oauth->fetch($api_url, OAUTH_HTTP_METHOD_GET);
$response = $oauth->getLastResponse();
} catch(OAuthException $E) {
var_dump($E);
}
我已经成功建立了与Twitter的连接,并使用OAuth建立了一个与Facebook的连接,但LinkedIn一直在躲避我。如果有人能提出一些建议或指出我正确的方向,我将非常感激!
答案 0 :(得分:1)
好吧,我找到了问题的根源,但现在出现了一个新问题:
我原来的问题是错的 - 我根本没有获得accessToken。问题是我在getAccessToken调用期间没有传递验证程序代码(在requestToken步骤中获取)。
所以而不是......
$access_token_info = $oauth->getAccessToken($acc_url);
......我需要这样做......
$_SESSION['verifier'] = $_GET['oauth_verifier'];
$access_token_info = $oauth->getAccessToken($acc_url, $_SESSION['verifier'], $_SESSION['verifier']);
我希望此信息可以帮助其他人。这是我第一次使用OAuth,但看起来LinkedIn的实施非常严格。
无论如何,现在我需要弄清楚为什么LI在我尝试更新状态时返回401 ...我已授权应用程序,并且可以提取数据,但无法设置任何数据。也许在某些地方的LI设置中隐藏了其他权限?
答案 1 :(得分:0)
除非LinkedIn对HTTP状态代码有完全不同的看法,否则401意味着它期待WWW-Authenticate标题(即:base64格式的用户名/密码)并且没有得到它,因此它拒绝访问。< / p>
也许你必须做OAuth::setAuthType()。