doubiao7410 2011-09-29 13:47
浏览 67
已采纳

谷歌API 2支持Oauth:“令牌无效 - 无效的AuthSub令牌。”

I've based my code on http://gdatatips.blogspot.com/2008/11/2-legged-oauth-in-php.html.

Here's my code, I want to work with the Google Doc (Document List) API :

        $endpoint = 'https://www.google.com/accounts/OAuthGetRequestToken';
        $consumer = new OAuthConsumer(GOOGLE_API_DOCLIST_CONSUMER_KEY, GOOGLE_API_DOCLIST_CONSUMER_SECRET, NULL);

        $arrParams = array(
                    'scope' => 'https://docs.google.com/feeds/'
                    ,'xoauth_requestor_id' => GOOGLE_API_DOCLIST_USER_EMAIL
                    );
        $req = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $endpoint, $arrParams);
        $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);


        $curl = new Auth_Curl();
        $content = $curl->request($req->to_url());


        $docAPI = new GoogleAPI_DocumentList(new Auth_Curl(), $req->to_header());

        var_dump($req->to_header());
        echo '<br />-- Getting Collections list';

        $url = 'https://docs.google.com/feeds/default/private/full/-/folder' . '?xoauth_requestor_id=' . GOOGLE_API_DOCLIST_USER_EMAIL;
        $raw = $docAPI->getCollectionList($url);
        var_dump($raw);
        die();

I constantly get:

Token invalid - Invalid AuthSub token.

What am I doing wrong ?

Edit: Here's some "hints":

  • They seem to mix the API endpoint and the base feed. I've put the OAuthGetRequestToken for the endpoint. It seem to generate a valid response.
  • I've kept it, but I'm not sure that the xoauth_requestor_id is required.
  • The documentation tells us to use space to separate the parameters in the Authorization header. the library use comma.
  • 写回答

1条回答 默认 最新

  • douyan1244 2011-09-30 17:55
    关注

    Here's the corrected code:

        $endpoint = 'https://docs.google.com/feeds/default/private/full/-/folder';
    $consumer = new OAuthConsumer(GOOGLE_API_DOCLIST_CONSUMER_KEY, GOOGLE_API_DOCLIST_CONSUMER_SECRET, NULL);

    $arrParams = array(
                'xoauth_requestor_id' => GOOGLE_API_DOCLIST_USER_EMAIL
                );
    $req = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $endpoint, $arrParams);
    $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);

    $docAPI = new GoogleAPI_DocumentList(new Auth_Curl(), $req->to_header());

    var_dump($req->to_header());
    echo '<br />-- Getting Collections list';

    $url = 'https://docs.google.com/feeds/default/private/full/-/folder' . '?xoauth_requestor_id=' . GOOGLE_API_DOCLIST_USER_EMAIL;
    $raw = $docAPI->getCollectionList($url);
    var_dump($raw);
    die();
    • The API and EndPoint were not mixed. On OAuth v1.0, you don't ask the server to generate a token to be used in the authorization header, the authorization header is generated 100% locally. ( I think the URL is used at some point to render the authorization header )
    • As you don't generate an access_token, you don't need to define a scope.
    • Make sure you have a business account
      • Only business account allow you to activate 2 legged Authentication.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 kafka 分区副本增加会导致消息丢失或者不可用吗?
  • ¥15 微信公众号自制会员卡没有收款渠道啊
  • ¥15 stable diffusion
  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘
  • ¥15 perl MISA分析p3_in脚本出错
  • ¥15 k8s部署jupyterlab,jupyterlab保存不了文件
  • ¥15 ubuntu虚拟机打包apk错误