带有curl POST请求的无效客户端错误 [英] Invalid client error with curl POST request
问题描述
我在尝试从oauth端点获取访问令牌时遇到麻烦。
I'm having troubles trying to get an access token from an oauth endpoint.
我正在通过以下方式发出curl POST请求
I'm making a curl POST request in the following way
$username = 'Joe';
$password = 'Doe@#!'
$auth = 'Basic Y245Y3BleGF4aTp2ZWludGZxMmVwbGd5anU1Y2N6aGZtNmZ3OXdlNmJ=';
$headers = [
'Authorization' => $auth,
'Content-Type' => 'application/x-www-form-urlencoded',
];
$form_params = [
'username' => $username,
'password' => $password,
'grant_type' => 'password',
'scope' => 'auto'
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://oauth.wildapricot.org/auth/token");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($form_params));
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
return $response;
但我一直收到无效的客户端错误( $ auth 变量包含在客户端和用base 64编码的密码中)。
我曾尝试编码后场,但没有帮助。我已经硬编码了 $ auth 变量,以防 base64_encode 函数弄乱了(我用它生成了它函数之前),但它没有任何改变。
but I keep getting a invalid client error (the $auth variable consists in the client and secret encoded with base 64).
I've tried encoding the postfields but didn't help. I've hardcoded the $auth variable just in case the base64_encode function was messing it up (I generated it with that function before), but it didn't change anything.
我检查了端点是否实际上与Postman一起使用,并且确实如此。
I've checked that the endpoint was actually working with Postman and it actually is.
关于
编辑:我刚刚在代码中添加了一些调试行,这就是我所得到的(如果有帮助的话)
I've just added some debugging lines into the code and this is what I got (if that's of any help)
* Trying 34.226.77.200:443...
* TCP_NODELAY set
* Connected to oauth.wildapricot.org (34.226.77.200) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /usr/local/etc/openssl/cert.pem
CApath: /usr/local/etc/openssl/certs
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=CA; postalCode=M5J 2L7; ST=Ontario; L=Toronto; street=144 Front Street West; O=Wild Apricot Inc.; OU=PremiumSSL Wildcard; CN=*.wildapricot.org
* start date: Sep 20 00:00:00 2018 GMT
* expire date: Nov 17 23:59:59 2020 GMT
* subjectAltName: host "oauth.wildapricot.org" matched cert's "*.wildapricot.org"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Organization Validation Secure Server CA
* SSL certificate verify ok.
> POST /auth/token HTTP/1.1
Host: oauth.wildapricot.org
Accept: */*
Content-Length: 76
Content-Type: application/x-www-form-urlencoded
* upload completely sent off: 76 out of 76 bytes
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Length: 68
< Content-Type: application/json; charset=utf-8
< Expires: -1
< WWW-Authenticate: Basic realm="authentication required"
< X-Powered-By: ASP.NET
< Access-Control-Allow-Origin: *
< Date: Fri, 15 Nov 2019 12:29:30 GMT
< Connection: close
< X-Backend-Server: lap1wue1b-62e2
< X-LB-Server: llblue1b-5471
<
* Closing connection 0
推荐答案
该行告诉我们的身份验证存在问题:
This line tells us there's a problem with your authentication:
WWW-Authenticate:基本领域=需要身份验证
Curl为HTTP Basic身份验证提供了一种更简单的方法。尝试删除 Authorization 标头,然后设置 CURLOPT_USERPWD 选项:
Curl provides a simpler method for HTTP Basic auth. Try removing the Authorization header and setting the CURLOPT_USERPWD option instead:
curl_setopt($ ch,CURLOPT_USERPWD,$ username。:。$ password);
这篇关于带有curl POST请求的无效客户端错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
