从BitBucket请求OAuth令牌 [英] Request OAuth token from BitBucket

问题描述

我一直在尝试在过去4小时内将BitBucket整合到我的应用程式中。

阅读到位桶的REST API文档，我注意到，你需要使用OAuth - 没关系，我使用JR Conlin的 OAuthSimple 库，如果我很好，我尝试了 oauth-php ，但它有点复杂 - 我不需要所有这些选项，这样小的集成）。

根据我的理解，使用OAuth进行身份验证的第一步是通过POST请求一个新令牌。当提供必要的参数，你应该从到位桶的响应，是这样的：

组oauth_token = Z6eEdO8lOmk394WozF9oJyuAv899l4llqo7hhlSLik&安培; oauth_token_secret = Jd79W4OQfb2oJTV0vzGzeXftVAwglnEJ9lumzYcl&安培; oauth_callback_confirmed = TRUE

为此，我使用cURL和OAuthSimple：

  $ key ='key_provided_by_bitbucket'; 
 $ secret ='key_provided_by_bitbucket'; 
 $ path ='https://api.bitbucket.org/1.0/oauth/request_token'; 
 
 $ PARAMS =阵列（
'oauth_consumer_key'=> $键，
'oauth_nonce'=> base_convert（mt_rand（10000，90000），10，32）。 一个，
位oauth_signature'=>'HMAC-SHA1，
位oauth_signature_method'=>'HMAC-SHA1，
位oauth_timestamp'=>时间（）， 
'oauth_callback'=> base_url（'dashboard'），
'oauth_version'=>'1.0a'
）; 
 
 $ oauth = new OAuthSimple（$ key，$ secret）; 
 $ result = $ oauth-> sign（array（
'action'=>'POST'，
'path'=> $ path，
' => $ params 
））; 
 
 //将生成的url加载到字符串
 $ ch = curl_init（$ result ['signed_url']）; 
 curl_setopt（$ ch，CURLOPT_RETURNTRANSFER，1）; 
 $ r = curl_exec（$ ch）; 
 curl_close（$ ch）; 
  

事情是，当我发送请求时，会发生以下两种情况之一：

1. 如果我发送它在这里发布，我会得到一个401错误（我可以看到通过curl_getinfo（$ ch））


2. 如果我设置curl_setopt（$ ch，CURLOPT_POST，1），我得到一个400错误的请求

（存储在 $ r 中）是一个空字符串。 signed_url 是正确组成的网址AFAIK，如下所示：

https ：？//api.bitbucket.org/1.0/oauth/request_token oauth_callback =的http％3A％2F％2Flocalhost％2Fidv&安培; oauth_consumer_key = key_provided_by_bitbucket&安培; oauth_nonce = b47a和放大器; oauth_signature = 3A1R％2FoKxTqh6Q23poaS％2BVNzhwpE％3D&安培; oauth_signature_method = HMAC-SHA1和放大器; oauth_timestamp = 1347167282&安培; oauth_version = 1.0A

如果我手动输入该地址到浏览器中我的地址栏，我会得到一个认证对话框的BitBucket API，端口443.我不能登录我的凭据，虽然。然后它会一直说无法验证OAuth请求。

我不知道我在做什么，因为这是我第一次使用OAuth。 / p>

任何帮助都感激不尽！

解决方案

问题是，

要解决此问题，您可以告诉Curl忽略SSL证书的验证：

  curl_setopt（$ ch，CURLOPT_SSL_VERIFYPEER，false）; 
  

I've been trying to integrate BitBucket to my application for the past 4 hours to no avail.

While reading through BitBucket's RESTful API documentation, I noticed that you need to use OAuth — it's OK, I'm using J.R Conlin's OAuthSimple library, which if fine by me (I tried oauth-php but it was kinda complicated — I didn't need all of those options for such a small integration).

For what I understand, the first step to authenticate with OAuth is to request a new token via POST. When providing the necessary parameters, you should get a response from BitBucket, like this:

oauth_token=Z6eEdO8lOmk394WozF9oJyuAv899l4llqo7hhlSLik&oauth_token_secret=Jd79W4OQfb2oJTV0vzGzeXftVAwglnEJ9lumzYcl&oauth_callback_confirmed=true

To do that, I'm using cURL and OAuthSimple:

$key    = 'key_provided_by_bitbucket';
$secret = 'key_provided_by_bitbucket';
$path   = 'https://api.bitbucket.org/1.0/oauth/request_token';

$params = array(
    'oauth_consumer_key'        => $key,
    'oauth_nonce'               => base_convert(mt_rand(10000, 90000), 10, 32) . 'a',
    'oauth_signature'           => 'HMAC-SHA1',
    'oauth_signature_method'    => 'HMAC-SHA1',
    'oauth_timestamp'           => time(),
    'oauth_callback'            => base_url('dashboard'),
    'oauth_version'             => '1.0a'
);

$oauth  = new OAuthSimple($key, $secret);
$result = $oauth->sign(array(
    'action'        => 'POST',
    'path'          => $path,
    'parameters'    => $params
));

// load resulting url into a string
$ch = curl_init($result['signed_url']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$r = curl_exec($ch);
curl_close($ch);

The thing is that, when I send my request, one of two things happen:

1. If I send it like posted here, I will get a 401 error (I can see that via curl_getinfo($ch))
2. If I set curl_setopt($ch, CURLOPT_POST, 1), I get a 400 Bad request

The resulting string (stored in $r) is an empty string. The signed_url is a correctly formed URL AFAIK, which is something like this:

https://api.bitbucket.org/1.0/oauth/request_token?oauth_callback=http%3A%2F%2Flocalhost%2Fidv&oauth_consumer_key=key_provided_by_bitbucket&oauth_nonce=b47a&oauth_signature=3A1R%2FoKxTqh6Q23poaS%2BVNzhwpE%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1347167282&oauth_version=1.0a

If I enter manually that address into my address bar in a browser, I'll get an Authentication Dialog to the BitBucket API, port 443. I can't login with my credentials, though. Then it will just keep saying "Could not verify OAuth request."

I don't know what I'm doing wrong, since it's my first time using OAuth.

Any help's appreciated!

解决方案

The problem is that Curl will verify the SSL certificate.

To solve the problem you can tell Curl to ignore the verification of the SSL certificates:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

这篇关于从BitBucket请求OAuth令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！