我正在尝试访问我的 Magento 商店的 REST API,但我似乎无法获取访问令牌。我不断收到
400 Bad Request (OAuth::Unauthorized)
错误。
这是我正在使用的代码:
require 'oauth'
require 'mechanize'
@m = Mechanize.new
@title = @m.get('http://178.62.173.99/').title
@callback_url = 'http://178.62.173.99/'
@consumer = OAuth::Consumer.new(
'b3ba0db944d1ad0d416329844734db54',
'38fedbc5cdeed7803547b24a0980c834',
:request_token_path => '/oauth/initiate',
:authorize_path=>'/admin/oauth_authorize',
:access_token_path=>'/oauth/token',
:site => 'http://178.62.173.99'
)
@session = {}
@request_token = @consumer.get_request_token(:oauth_callback => @callback_url)
@session[:request_token] = @request_token
@session[:authorize_url] = @request_token.authorize_url(:oauth_callback => @callback_url)
@m.get(@session[:authorize_url]) do |login_page|
auth_page = login_page.form_with(:action => 'http://178.62.173.99/index.php/admin/oauth_authorize/index/') do |form|
form.elements[1].value = 'admin'
form.elements[2].value = 'goodfood88'
end.submit
authorize_form = auth_page.forms[0]
callback_page = authorize_form.submit
puts 'Successfully authorized application' unless callback_page.title != @title
end
@access_token = @request_token.get_access_token
它返回以下内容:
Successfully authorized application
/Users/narzero/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/oauth-0.4.7/lib/oauth/consumer.rb:216:in `token_request': 400 Bad Request (OAuth::Unauthorized)
from /Users/narzero/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/oauth-0.4.7/lib/oauth/tokens/request_token.rb:18:in `get_access_token'
from six.rb:37:in `<main>'
我已将重要数据存储到哈希中,这是它返回的内容:
@session
# => {:request_token=>
#<OAuth::RequestToken:0x007fe923161c00
@consumer=
#<OAuth::Consumer:0x007fe924083350
@http=#<Net::HTTP 178.62.173.99:80 open=false>,
@http_method=:post,
@key="b3ba0db944d1ad0d416329844734db54",
@options=
{:signature_method=>"HMAC-SHA1",
:request_token_path=>"/oauth/initiate",
:authorize_path=>"/admin/oauth_authorize",
:access_token_path=>"/oauth/token",
:proxy=>nil,
:scheme=>:header,
:http_method=>:post,
:oauth_version=>"1.0",
:site=>"http://178.62.173.99"},
@secret="38fedbc5cdeed7803547b24a0980c834">,
@params=
{:oauth_token=>"1bae7ce87f68d2090f131e7f3b98b26c",
"oauth_token"=>"1bae7ce87f68d2090f131e7f3b98b26c",
:oauth_token_secret=>"78921fcd23f6fa41356d56afadd8b1af",
"oauth_token_secret"=>"78921fcd23f6fa41356d56afadd8b1af",
:oauth_callback_confirmed=>"true",
"oauth_callback_confirmed"=>"true"},
@secret="78921fcd23f6fa41356d56afadd8b1af",
@token="1bae7ce87f68d2090f131e7f3b98b26c">,
:authorize_url=>
"http://178.62.173.99/admin/oauth_authorize?oauth_callback=http%3A%2F%2F178.62.173.99%2F&oauth_token=1bae7ce87f68d2090f131e7f3b98b26c"}
我可以尝试什么来获取访问令牌?
立即重新生成您的 API 令牌/秘密,并且不再公开发布它们。问题是您正在针对您自己的站点而不是 Magneto 的服务器发出 OAuth 请求。看看你的代码。没有一个对外部 URL 的引用。 OAuth::Consumer 构造函数调用中的站点参数设置为您自己的站点。这应该设置为 Magneto API OAuth 提供商的主机。
这是我编写的一个 Ruby 模块,用于为 Magento REST API 创建访问令牌:
module Token
def create_consumer
OAuth::Consumer.new(
CONSUMER_KEY,
CONSUMER_SECRET,
:request_token_path => '/oauth/initiate',
:authorize_path=>'/admin/oauth_authorize',
:access_token_path=>'/oauth/token',
:site => URL
)
end
def request_token(args = {})
args[:consumer].get_request_token(:oauth_callback => URL)
end
def get_authorize_url(args = {})
args[:request_token].authorize_url(:oauth_callback => URL)
end
def authorize_application(args = {})
m = Mechanize.new
m.get(args[:authorize_url]) do |login_page|
auth_page = login_page.form_with(:action => "#{URL}/index.php/admin/oauth_authorize/index/") do |form|
form.elements[1].value = ADMIN_USERNAME
form.elements[2].value = ADMIN_PASSWORD
end.submit
authorize_form = auth_page.forms[0]
@callback_page = authorize_form.submit
end
@callback_page.uri.to_s
end
def extract_oauth_verifier(args = {})
callback_page = "#{args[:callback_page]}".gsub!("#{URL}/?", '')
callback_page_query_string = CGI::parse(callback_page)
callback_page_query_string['oauth_verifier'][0]
end
def get_access_token(args = {})
args[:request_token].get_access_token(:oauth_verifier => args[:oauth_verifier])
end
def save_tokens_to_json(args = {})
auth = {}
auth[:time] = Time.now
auth[:token] = args[:access_token].token
auth[:secret] = args[:access_token].secret
File.open("#{args[:path]}#{args[:filename]}.json", 'w') {|f| f.write(auth.to_json)}
auth
end
def get_new_access_tokens
new_consumer = self.create_consumer
new_request_token = self.request_token(consumer: new_consumer)
new_authorize_url = self.get_authorize_url(request_token: new_request_token)
authorize_new_application = self.authorize_application(authorize_url: new_authorize_url)
extract_new_oauth_verifier = self.extract_oauth_verifier(callback_page: authorize_new_application)
new_access_token = self.get_access_token(request_token: new_request_token, oauth_verifier: extract_new_oauth_verifier)
save_tokens_to_json(filename: 'magento_oauth_access_tokens', path: '/', access_token: new_access_token)
return 'Successfully obtained new access tokens.'
end
end
运行
#get_new_access_tokens
获取访问令牌。
不要忘记定义以下变量: