当我尝试从Java中获取Magento的数据时,我收到了Signature无效问题 . 我的代码出了什么问题:
public class MagentoFacade {
final String MAGENTO_API_KEY = "apikey";
final String MAGENTO_API_SECRET = "apisecret";
final String MAGENTO_REST_API_URL = "urlmagento/api/rest";
public void testMethod() {
OAuthService service = new ServiceBuilder()
.provider(MagentoThreeLeggedOAuth.class)
.apiKey(MAGENTO_API_KEY)
.apiSecret(MAGENTO_API_SECRET)
.debug()
.build();
System.out.println("" + service.getVersion());
// start
Scanner in = new Scanner(System.in);
System.out.println("Magento's OAuth Workflow");
System.out.println();
// Obtain the Request Token
System.out.println("Fetching the Request Token...");
Token requestToken = service.getRequestToken();
System.out.println("Got the Request Token!");
System.out.println();
// Obtain the Authorization URL
System.out.println("Fetching the Authorization URL...");
String authorizationUrl = service.getAuthorizationUrl(requestToken);
System.out.println("Got the Authorization URL!");
System.out.println("Now go and authorize Main here:");
System.out.println(authorizationUrl);
System.out.println("And paste the authorization code here");
System.out.print(">>");
Verifier verifier = new Verifier(in.nextLine());
System.out.println();
System.out.println("Trading the Request Token for an Access Token...");
Token accessToken = service.getAccessToken(requestToken, verifier);
System.out.println("Got the Access Token!");
System.out.println("(if your curious it looks like this: "
+ accessToken + " )");
System.out.println();
OAuthRequest request = new OAuthRequest(Verb.GET, MAGENTO_REST_API_URL+ "/products?limit=2");
service.signRequest(accessToken, request);
Response response = request.send();
System.out.println();
System.out.println(response.getCode());
System.out.println(response.getBody());
System.out.println();
}
public static void main(String[] args) {
MagentoFacade mf = new MagentoFacade();
mf.testMethod();
}
}
public final class MagentoThreeLeggedOAuth extends DefaultApi10a {
private static final String BASE_URL = "urltoMagento/";
@Override
public String getRequestTokenEndpoint() {
return BASE_URL + "oauth/initiate";
}
@Override
public String getAccessTokenEndpoint() {
return BASE_URL + "oauth/token";
}
@Override
public String getAuthorizationUrl(Token requestToken) {
return BASE_URL + "richard/oauth_authorize?oauth_token="
+ requestToken.getToken(); //this implementation is for admin roles only...
}
}
签名是:NnRaB73FqCcFAAVB4evZtGkWE3k =所附额外的OAuth参数:{oauth_callback - > OOB,oauth_signature - > NnRaB73FqCcFAAVB4evZtGkWE3k =,oauth_version - > 1.0,oauth_nonce - > 753236685,oauth_signature_method - > HMAC-SHA1,oauth_consumer_key - > ptrij1xt8tjisjb6kmdqed2v4rpla8av,oauth_timestamp - > 1359710704}使用Http Header签名发送请求...响应状态码:401响应正文:oauth_problem = signature_invalid&debug_sbs = MCe / RB8 / GNuqV0qku00ubepc / Sc =线程“main”中的异常org.scribe.exceptions.OAuthException:响应正文不正确 . 无法从中提取令牌和秘密:org.scribe.extractors.TokenExtractorImpl中的'oauth_problem = signature_invalid&debug_sbs = MCe / RB8 / GNuqV0qku00ubepc / Sc ='at org.scribe.extractors.TokenExtractorImpl.extract(TokenExtractorImpl.java:41) . 在magento.MagentoFacade.main的magento.MagentoFacade.testMethod(MagentoFacade.java:39)的org.scribe.oauth.OAuth10aServiceImpl.getRequestToken(OAuth10aServiceImpl.java:52)中提取(TokenExtractorImpl.java:27)(MagentoFacade.java:73 )
2 回答
我可能会给你一个答案,但在你的情况下它可能不起作用 . 我努力找出为什么我的本地机器上的签名无效 .
事实证明,在Mage_Oauth_Model_Server :: _ validateSignature()中计算签名时,Magento构建请求URI部分 with the URL port path trimmed :
$this->_request->getHttpHost()
就我而言,本地网络服务器在端口81上运行,因此我的签名与Magento无法匹配 . 通过将
false
参数传递给getHttpHost
方法,您可以保持阻止端口修剪 .我知道这是非常具体的,但我失去了所有头发,弄清楚为什么所以我需要分享它 . 谁知道,也许这可能会有所帮助 .
干杯Bouni
我只想在Postman中添加它,我只需添加另一个getHttpHost的urlparameter,其值为false,并且也可以 . 我和他一起战斗了一整天 . 我希望这能节省别人的时间 .