下面的 php 脚本是我们的其余 api,用于以管理员身份检索客户信息 -脚本正确获取管理员登录和授权页面,但授权后出现错误
OAuthException 对象([消息:受保护] => 无效的身份验证/错误 请求(收到 403、预期 HTTP/1.1 20X 或重定向) [字符串:异常:私有] => [代码:受保护] => 403 [文件:受保护] => /home/xxxx/public_html/oauth_admin.php [line:protected] => 39 [trace:Exception:private] => 数组 ( [0] => 数组 ( [file] => /home/xxxxx/public_html/oauth_admin.php [行] => 39 [功能] => 获取 [class] => OAuth [type] => -> [args] => 数组 ( [0] => http://www.xxxxx.com/api/rest/customers [1] => 数组 ( ) [2] => GET [3] => 数组 ( [Content-Type] => application/xml [接受] => / ) ) ) ) [上一个:异常:私有] => [最后响应] => {"messages":{"error":[{"code":403,"message":"访问被拒绝"}]}} [debugInfo] => 数组 ( [sbs] => xxxxx [body_recv] => {“消息”:{“错误”:[{“代码”:403,“消息”:“访问被拒绝”}]}})))
我已经尝试了每个博客/帖子来尝试使其正常工作,在这个阶段,毫无疑问它是非常明显的,但我无法发现它......非常感谢帮助!
<?php
$callbackUrl = "http://www.site2.com/oauth_admin.php";
$temporaryCredentialsRequestUrl = "http://www.site1.com/oauth/initiate?oauth_callback=" . urlencode($callbackUrl);
$adminAuthorizationUrl = 'https://www.site1.com/admin/oauth_authorize';
$accessTokenRequestUrl = 'http://www.site1.com/oauth/token';
$apiUrl = 'http://www.site1.com/api/rest';
$consumerKey = 'xxxxx';
$consumerSecret = 'xxxxx';
session_start();
if (!isset($_GET['oauth_token']) && isset($_SESSION['state']) && $_SESSION['state'] == 1) {
$_SESSION['state'] = 0;
}
try {
$authType = ($_SESSION['state'] == 2) ? OAUTH_AUTH_TYPE_AUTHORIZATION : OAUTH_AUTH_TYPE_URI;
$oauthClient = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, $authType);
$oauthClient->enableDebug();
if (!isset($_GET['oauth_token']) && !$_SESSION['state']) {
$requestToken = $oauthClient->getRequestToken($temporaryCredentialsRequestUrl);
$_SESSION['secret'] = $requestToken['oauth_token_secret'];
$_SESSION['state'] = 1;
header('Location: ' . $adminAuthorizationUrl . '?oauth_token=' . $requestToken['oauth_token']);
exit;
} else if ($_SESSION['state'] == 1) {
$oauthClient->setToken($_GET['oauth_token'], $_SESSION['secret']);
$accessToken = $oauthClient->getAccessToken($accessTokenRequestUrl);
$_SESSION['state'] = 2;
$_SESSION['token'] = $accessToken['oauth_token'];
$_SESSION['secret'] = $accessToken['oauth_token_secret'];
header('Location: ' . $callbackUrl);
exit;
} else {
$oauthClient->setToken($_SESSION['token'], $_SESSION['secret']);
$resourceUrl = "$apiUrl/customers";
//$oauthClient->fetch($resourceUrl);
$oauthClient->fetch($resourceUrl, array(), 'GET', array('Content-Type' => 'application/xml', 'Accept' => '*/*'));
$customers = json_decode($oauthClient->getLastResponse());
print_r($customers);
}
} catch (OAuthException $e) {
print_r($e);
}
还不能发表评论,但用户是否拥有正确的角色?遇到了同样的问题,结果是一个用户不被允许访问 Magento 的部分内容。
这里有一个 Magento 文档的链接,解释了这一点:http://devdocs.magento.com/guides/m1x/api/rest/permission_settings/permission_settings.html
另外:转到“系统”>“权限”并检查用于连接到 api 的用户是否具有适当的权限。