【发布时间】:2013-03-08 09:02:09
【问题描述】:
请注意
现在可以在以下 github 链接中找到有效的 Twitter Application Only Authentication Oauth PHP 库的完整实现:Twitter Application Only Authentication OAuth Php
我正在尝试让我的应用程序通过 Twitter 的仅应用程序身份验证进行身份验证。请参阅以下 URL 中的文档:
Twitter Developer Documentation fro Application-only authentication
我进入第 2 步并使用下面粘贴的代码请求不记名令牌。我收到如下回复:
HTTP/1.1 200 OK
Date: Tue, 19 Mar 2013 15:13:03 GMT
Status: 200 OK
X-Frame-Options: DENY
ETag: "6b7ec13d0ef1e9d8e0b39bec5266ba7b"
X-Runtime: 0.06008
Pragma: no-cache
Last-Modified: Tue, 19 Mar 2013 15:13:03 GMT
Content-Type: application/json; charset=utf-8
X-Transaction: 55809f2187d74c8e
X-MID: 4503f89925628df071cb1d27c3e6953709234b1b
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=10.37.190.122.1363705983314067; path=/; expires=Tue, 26-Mar-13 15:13:03 GMT; domain=.twitter.com
Set-Cookie: _twitter_sess=BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoMY3NyZl9pZCIlZTI5MjJmNDI5ODY4MzM0NjAz%250AMzkwZTE2NDY5MzdiNGM6D2NyZWF0ZWRfYXRsKwhV8TWDPQE6B2lkIiU2NzEy%250AZjgzOTNjYjc4NjNhYzgwMjU2Mjc1Yzc0ZDYyMw%253D%253D--22b3f64a757c1f9f3c3ae8df9ee434848c43eee8; domain=.twitter.com; path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 138
Server: tfe
Set-Cookie: guest_id=v1%3A136370598331525689; Domain=.twitter.com; Path=/; Expires=Thu, 19-Mar-2015 15:13:03 UTC
‹«V*ÉÏNÍx‹/©,HU²RJJM,J-RÒQJLNN-.ŽKrű‚|sg(«¢Ê(Ô5*ÝÕÃÂGÕÈÌÃxß²(ÐÄÙ(Í4ØÍÔDÕØ¥2+È³Ô Ô¨Ê7«À«$,+ÛÃ"ß35
如您所见,返回的内容似乎返回了文档中描述的 json 字符串
HTTP/1.1 200 OK
Status: 200 OK
Content-Type: application/json; charset=utf-8
...
Content-Encoding: gzip
Content-Length: 140
{"token_type":"bearer","access_token":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%2FAAAAAAAAAAAAAAAAAAAA%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}
如我们所见
‹«V*ÉÏNÍx‹/©,HU²RJJM,J-RÒQJLNN-.ŽKrű‚|sg(«¢Ê(Ô5*ÝÕÃÂGÕÈÌÃxß²(ÐÄÙ(Í4ØÍÔDÕØ¥2+È³Ô Ô¨Ê7«À«$,+ÛÃ"ß35
不等于
{"token_type":"bearer","access_token":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%2FAAAAAAAAAAAAAAAAAAAA%3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}
我想知道这是否可能是编码错误,或者我是否从根本上对 cURL 做错了什么。
我的代码粘贴在下面,任何帮助将不胜感激:
乔恩
<?php
// from https://dev.twitter.com/docs/auth/application-only-auth
$consumer_key = 'myconsumerkey';
$consumer_secret = 'myconsumersecret';
// step 1
// step 1.1 - url encode the consumer_key and consumer_secret in accordance with RFC 1738
$encoded_consumer_key = urlencode($consumer_key);
$encoded_consumer_secret = urlencode($consumer_secret);
// step 1.2 - concatinate encoded consumer, a colon character and the encoded consumer secr et
$bearer_token = $encoded_consumer_key.':'.$encoded_consumer_secret;
// step 1.3 - base64-encode bearer token
$base64_encoded_bearer_token = base64_encode($bearer_token);
// step 2
$url = "https://api.twitter.com/oauth2/token"; // url to send data to for authentication
$headers = array(
"POST /oauth2/token HTTP/1.1",
"Host: api.twitter.com",
"User-Agent: my Twitter App v.1",
//"Authorization: Basic ".$base64_encoded_bearer_token."",
"Authorization: Basic ".$base64_encoded_bearer_token."",
"Content-Type: application/x-www-form-urlencoded;charset=UTF-8",
"Content-Length: 29",
"Accept-Encoding: gzip"
);
$ch = curl_init(); // setup a curl
curl_setopt($ch, CURLOPT_URL,$url); // set url to send to
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); // set custom headers
curl_setopt($ch, CURLOPT_POST, 1); // send as post
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=client_credentials"); // post body/fields to be sent
$header = curl_setopt($ch, CURLOPT_HEADER, 1); // send custom headers
//$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$result = curl_exec($ch); // run the curl
curl_close($ch); // stop curling
?>
【问题讨论】:
-
我认为
Accept-Encoding: gzip标头可能是您的问题——您说您接受压缩后的响应,但是您不知道如何处理它……所以不要设置该标头。 -
这是问题 :D 感谢您的回复
-
这纯粹是为了代码的可读性,但是如果你使用
$bearer_token作为$encoded_consumer_key.':'.$encoded_consumer_secret的变量名,你实际上是在请求一个不记名令牌,所以是一个更好的变量名称将是$credentials和$base64cred。同样,纯粹是为了可读性。
标签: php curl twitter http-headers twitter-oauth