如何获取Magento REST API的OAuth访问令牌?
我正在尝试访问我的Magento商店的REST API,但我似乎“似乎获得了访问令牌。 我一直收到400 Bad Request (OAuth::Unauthorized)错误。
这是我正在使用的代码:
require 'oauth' require 'mechanize' @m = Mechanize.new @title = @m.get('http://178.62.173.99/').title @callback_url = 'http://178.62.173.99/' @consumer = OAuth::Consumer.new( 'b3ba0db944d1ad0d416329844734db54', '38fedbc5cdeed7803547b24a0980c834', :request_token_path => '/oauth/initiate', :authorize_path=>'/admin/oauth_authorize', :access_token_path=>'/oauth/token', :site => 'http://178.62.173.99' ) @session = {} @request_token = @consumer.get_request_token(:oauth_callback => @callback_url) @session[:request_token] = @request_token @session[:authorize_url] = @request_token.authorize_url(:oauth_callback => @callback_url) @m.get(@session[:authorize_url]) do |login_page| auth_page = login_page.form_with(:action => 'http://178.62.173.99/index.php/admin/oauth_authorize/index/') do |form| form.elements[1].value = 'admin' form.elements[2].value = 'goodfood88' end.submit authorize_form = auth_page.forms[0] callback_page = authorize_form.submit puts 'Successfully authorized application' unless callback_page.title != @title end @access_token = @request_token.get_access_token
它返回以下内容:
Successfully authorized application /Users/narzero/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/oauth-0.4.7/lib/oauth/consumer.rb:216:in `token_request': 400 Bad Request (OAuth::Unauthorized) from /Users/narzero/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/oauth-0.4.7/lib/oauth/tokens/request_token.rb:18:in `get_access_token' from six.rb:37:in `'
我已将重要数据存储到Hash中,这是它返回的内容:
@session # => {:request_token=> #<OAuth::RequestToken:0x007fe923161c00 @consumer= #<OAuth::Consumer:0x007fe924083350 @http=#, @http_method=:post, @key="b3ba0db944d1ad0d416329844734db54", @options= {:signature_method=>"HMAC-SHA1", :request_token_path=>"/oauth/initiate", :authorize_path=>"/admin/oauth_authorize", :access_token_path=>"/oauth/token", :proxy=>nil, :scheme=>:header, :http_method=>:post, :oauth_version=>"1.0", :site=>"http://178.62.173.99"}, @secret="38fedbc5cdeed7803547b24a0980c834">, @params= {:oauth_token=>"1bae7ce87f68d2090f131e7f3b98b26c", "oauth_token"=>"1bae7ce87f68d2090f131e7f3b98b26c", :oauth_token_secret=>"78921fcd23f6fa41356d56afadd8b1af", "oauth_token_secret"=>"78921fcd23f6fa41356d56afadd8b1af", :oauth_callback_confirmed=>"true", "oauth_callback_confirmed"=>"true"}, @secret="78921fcd23f6fa41356d56afadd8b1af", @token="1bae7ce87f68d2090f131e7f3b98b26c">, :authorize_url=> "http://178.62.173.99/admin/oauth_authorize?oauth_callback=http%3A%2F%2F178.62.173.99%2F&oauth_token=1bae7ce87f68d2090f131e7f3b98b26c"}
我可以尝试获取访问令牌?
立即重新生成您的API令牌/秘密,绝不再公开发布。 问题是您正在针对您自己的网站发出OAuth请求,而不是Magneto的服务器。 看看你的代码。 没有对外部URL的引用。 OAuth :: Consumer构造函数调用中的site参数设置为您自己的站点。 这应该设置为Magneto API OAuth提供程序的主机。
这是我编写的Ruby模块,用于为Magento REST API创建访问令牌:
module Token def create_consumer OAuth::Consumer.new( CONSUMER_KEY, CONSUMER_SECRET, :request_token_path => '/oauth/initiate', :authorize_path=>'/admin/oauth_authorize', :access_token_path=>'/oauth/token', :site => URL ) end def request_token(args = {}) args[:consumer].get_request_token(:oauth_callback => URL) end def get_authorize_url(args = {}) args[:request_token].authorize_url(:oauth_callback => URL) end def authorize_application(args = {}) m = Mechanize.new m.get(args[:authorize_url]) do |login_page| auth_page = login_page.form_with(:action => "#{URL}/index.php/admin/oauth_authorize/index/") do |form| form.elements[1].value = ADMIN_USERNAME form.elements[2].value = ADMIN_PASSWORD end.submit authorize_form = auth_page.forms[0] @callback_page = authorize_form.submit end @callback_page.uri.to_s end def extract_oauth_verifier(args = {}) callback_page = "#{args[:callback_page]}".gsub!("#{URL}/?", '') callback_page_query_string = CGI::parse(callback_page) callback_page_query_string['oauth_verifier'][0] end def get_access_token(args = {}) args[:request_token].get_access_token(:oauth_verifier => args[:oauth_verifier]) end def save_tokens_to_json(args = {}) auth = {} auth[:time] = Time.now auth[:token] = args[:access_token].token auth[:secret] = args[:access_token].secret File.open("#{args[:path]}#{args[:filename]}.json", 'w') {|f| f.write(auth.to_json)} auth end def get_new_access_tokens new_consumer = self.create_consumer new_request_token = self.request_token(consumer: new_consumer) new_authorize_url = self.get_authorize_url(request_token: new_request_token) authorize_new_application = self.authorize_application(authorize_url: new_authorize_url) extract_new_oauth_verifier = self.extract_oauth_verifier(callback_page: authorize_new_application) new_access_token = self.get_access_token(request_token: new_request_token, oauth_verifier: extract_new_oauth_verifier) save_tokens_to_json(filename: 'magento_oauth_access_tokens', path: '/', access_token: new_access_token) return 'Successfully obtained new access tokens.' end end
运行#get_new_access_tokens以获取访问令牌。
不要忘记定义以下变量:
- CONSUMER_KEY
- CONSUMER_SECRET
- url
- ADMIN_USERNAME
- ADMIN_PASSWORD