我可以在本地通过LinkedIn对我的应用进行授权,但是在服务器上失败。我检查了两者是否都运行相同的代码。
我被带到LinkedIn,对该应用进行了授权,但是当我尝试交换令牌的代码时,我得到了:
{“错误”:“ invalid_client”,“错误说明”:“客户端身份验证失败”}
我检查了所有机密是否相同,等等,并且确保使用了TLS 1.2和https。我不知所措以弥补任何差异。
这是失败的地方:
$curl = curl_init();
$arr = array();
$arr['grant_type'] = 'authorization_code'; // The value of this field should always be: authorization_code
$arr['code'] = $_GET['code']; // The authorization code you received in Step 2.
$arr['redirect_uri'] = SITE_ROOT.'/checkout/linkedin'; // The same redirect_uri value that you passed in the previous step. Yes
$arr['client_id'] = LINKEDIN_CLIENT_ID; // The Client ID value generated in Step 1.
$arr['client_secret'] = LINKEDIN_CLIENT_SECRET; // The Secret Key value generated in Step 1. See the Best Practices Guide for ways to keep your client_secret value secure.
//Get Authorization
curl_setopt_array($curl, array(CURLOPT_VERBOSE => true, CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_URL => 'https://www.linkedin.com/oauth/v2/accessToken', CURLOPT_POST => 1, CURLOPT_HTTPHEADER => array('Content-Type: application/x-www-form-urlencoded'), CURLOPT_POSTFIELDS => http_build_query($arr)));
$resp = curl_exec($curl);
$resp_decode = json_decode($resp);
$access_token = $resp_decode->access_token;
curl_close($curl);
我希望获得一个Authorization令牌,但是(同样,仅在服务器上)我得到:
{“错误”:“ invalid_client”,“错误说明”:“客户端身份验证失败”}
任何帮助将不胜感激。