OAuth1使用Google App脚本

时间:2015-11-26 17:08:00

标签: javascript api oauth google-apps-script

我是编程新手。我正在使用Google Apps Script(基于JavaScript),并用一个库来处理OAuth1 API身份验证。我想通过可汗学院(Khan Academy)的认证。下面的脚本取自Google Apps Script网站,基本可用。函数'listTweets'进入'else'分支并记录一个URL,该URL把我带到Khan Academy,让我授权脚本进行调用。我接受授权后,按理说重新运行该函数就应该进入if-else语句的'if'分支,但我每次仍然进入'else'分支。有人知道问题出在哪里吗?在此先感谢您的帮助。

// Placeholder credentials: the OAuth1 consumer key/secret issued for the API client,
// and the key of the Apps Script project that hosts the callback.
// NOTE(review): CONSUMER_SECRET is a credential. Keep the real value out of any copy of
// this script that is shared or published; the strings below are placeholders.
var CONSUMER_KEY = 'my key';
var CONSUMER_SECRET = 'my secret';
var PROJECT_KEY = 'my google project key';

/**
 * Fetches the signed-in user's exercise list and writes it to the Apps Script log.
 *
 * When the service has no stored access token yet, nothing is fetched; instead the
 * authorization URL is logged so the user can grant access and re-run the function.
 */
function listTweets() {
  var khan = getTwitterService();

  // Not authorized yet: start the OAuth1 flow and tell the user where to go.
  if (!khan.hasAccess()) {
    var grantUrl = khan.authorize();
    Logger.log('Please visit the following URL and then re-run the script: ' + grantUrl);
    return;
  }

  // NOTE(review): the path below contains a doubled slash ('//api'); the working code
  // in the answer on this page uses a single slash.
  var reply = khan.fetch('https://www.khanacademy.org//api/v1/user/exercises');
  var parsed = JSON.parse(reply.getContentText());
  // The logged object is the user's own API data; treat the log as user data.
  Logger.log(parsed);
}

/**
 * Builds the OAuth1 service object used to talk to the Khan Academy API.
 *
 * The service is registered under the name 'twitter' (left over from the sample this
 * script was adapted from) and is configured fresh on every call.
 *
 * @returns {Object} the configured OAuth1 service.
 */
function getTwitterService() {
  var oauthService = OAuth1.createService('twitter');

  // Khan Academy's three OAuth1 endpoints.
  oauthService.setAccessTokenUrl('https://www.khanacademy.org/api/auth2/access_token');
  oauthService.setRequestTokenUrl('https://www.khanacademy.org/api/auth2/request_token');
  oauthService.setAuthorizationUrl('https://www.khanacademy.org/api/auth2/authorize');

  // Client credentials and the Apps Script project that receives the callback.
  oauthService.setConsumerKey(CONSUMER_KEY);
  oauthService.setConsumerSecret(CONSUMER_SECRET);
  oauthService.setProjectKey(PROJECT_KEY);

  // Name of the script function that completes the flow after the user approves.
  oauthService.setCallbackFunction('authCallback');

  // NOTE(review): script properties are shared by everyone who runs this script, so a
  // token stored here is not per-user. If more than one person uses the script,
  // PropertiesService.getUserProperties() keeps each user's token separate.
  oauthService.setPropertyStore(PropertiesService.getScriptProperties());

  // NOTE(review): per the answers on this page, '1.0' is why the callback never runs
  // against Khan Academy; they report that '1.0a' is required.
  oauthService.setOAuthVersion('1.0');
  return oauthService;
}

/**
 * Callback invoked at the end of the OAuth1 flow, after the user approves or denies
 * access on the provider's site.
 *
 * @param {Object} request - the callback request, passed through to the OAuth1 service.
 * @returns {Object} an HtmlService page telling the user whether access was granted.
 */
function authCallback(request) {
  var granted = getTwitterService().handleCallback(request);
  // Both pages are fixed strings; nothing from the incoming request is echoed back.
  var pageText = granted
    ? 'Success! You can close this page.'
    : 'Denied. You can close this page';
  return HtmlService.createHtmlOutput(pageText);
}

2 个答案:

答案 0 :(得分:2)

我不熟悉这个特定的API,但阅读了their documentation并查看了PHP example之后,似乎他们希望OAuth参数通过URL传递,而不是通过Authorization标头传递。

默认情况下,OAuth服务通过Authorization标头传递这些参数,但可以使用service.setParamLocation('uri-query')改为通过URL查询字符串传递。

答案 1 :(得分:1)

我能够重现并追踪您的问题。有趣的是,最终只需改动一个字符(在应用前面提到的setParamLocation修复之后):只需使用OAuth版本“1.0a”而不是“1.0”。OAuth 1.0a为解决一个安全问题而更改了OAuth回调处理方式的一些细节,我猜这个OAuth库仅在使用OAuth 1.0a时才会在request_token步骤中包含回调URL。KA API始终使用request_token步骤中指定的回调,因此之前版本的脚本从未运行过回调。

以下是一些适用于我的代码:

// Values to fill in before running: the OAuth1 consumer key/secret issued for the API
// client, and the key of the Apps Script project that hosts the callback.
// NOTE(review): CONSUMER_SECRET is a credential. Keep the filled-in value out of any
// copy of this script that is shared or published.
var CONSUMER_KEY = 'FILL ME IN';
var CONSUMER_SECRET = 'FILL ME IN';
var PROJECT_KEY = 'FILL ME IN';

/**
 * Fetches the signed-in user's Khan Academy exercise list and writes it to the log.
 *
 * When the service has no stored access token yet, nothing is fetched; instead the
 * authorization URL is logged so the user can grant access and re-run the function.
 */
function listExercises() {
  var khan = getKhanAcademyService();

  // Not authorized yet: start the OAuth1 flow and tell the user where to go.
  if (!khan.hasAccess()) {
    var grantUrl = khan.authorize();
    Logger.log('Please visit the following URL and then re-run the script: ' + grantUrl);
    return;
  }

  var reply = khan.fetch('https://www.khanacademy.org/api/v1/user/exercises');
  var parsed = JSON.parse(reply.getContentText());
  // The logged object is the user's own API data; treat the log as user data.
  Logger.log(parsed);
}

/**
 * Builds the OAuth1 service object used to talk to the Khan Academy API.
 *
 * The service is registered under the name 'khanAcademy' and is configured fresh on
 * every call.
 *
 * @returns {Object} the configured OAuth1 service.
 */
function getKhanAcademyService() {
  var oauthService = OAuth1.createService('khanAcademy');

  // Khan Academy's three OAuth1 endpoints.
  oauthService.setAccessTokenUrl('https://www.khanacademy.org/api/auth2/access_token');
  oauthService.setRequestTokenUrl('https://www.khanacademy.org/api/auth2/request_token');
  oauthService.setAuthorizationUrl('https://www.khanacademy.org/api/auth2/authorize');

  // Client credentials and the Apps Script project that receives the callback.
  oauthService.setConsumerKey(CONSUMER_KEY);
  oauthService.setConsumerSecret(CONSUMER_SECRET);
  oauthService.setProjectKey(PROJECT_KEY);

  // Name of the script function that completes the flow after the user approves.
  oauthService.setCallbackFunction('authCallback');

  // NOTE(review): script properties are shared by everyone who runs this script, so a
  // token stored here is not per-user. If more than one person uses the script,
  // PropertiesService.getUserProperties() keeps each user's token separate.
  oauthService.setPropertyStore(PropertiesService.getScriptProperties());

  // '1.0a' rather than '1.0': the surrounding answer reports that this is what makes
  // the callback run against the Khan Academy API.
  oauthService.setOAuthVersion('1.0a');

  // Send the OAuth parameters in the URL query string instead of the Authorization
  // header. NOTE(review): query strings tend to end up in request logs, so the token
  // and signature parameters may be recorded there; confirm that is acceptable.
  oauthService.setParamLocation('uri-query');
  return oauthService;
}

/**
 * Callback invoked at the end of the OAuth1 flow, after the user approves or denies
 * access on the provider's site.
 *
 * @param {Object} request - the callback request, passed through to the OAuth1 service.
 * @returns {Object} an HtmlService page telling the user whether access was granted.
 */
function authCallback(request) {
  var granted = getKhanAcademyService().handleCallback(request);
  // Both pages are fixed strings; nothing from the incoming request is echoed back.
  var pageText = granted
    ? 'Success! You can close this page'
    : 'Denied. You can close this page';
  return HtmlService.createHtmlOutput(pageText);
}