向量api,401 http错误代码,签名不匹配.授权签名或客户凭证错误 [英] vector api, 401 http error code, Signature mismatch. Authorization signature or client credential is wrong
问题描述
我正在尝试使用在此映射矢量-平铺api .我已经从 developer.here.com 收到了我的凭据.我为HERE SDK for Android or iOS (Lite Edition)
创建了一个应用.然后,我创建了凭据,并使用here.access.key.id
作为我的密钥,并使用here.access.key.secret
作为我的秘密.
I'm trying to use the here maps vector-tiles api. I've received my credentials from developer.here.com. I created an app for HERE SDK for Android or iOS (Lite Edition)
. I then created credentials, and am using here.access.key.id
for my key and here.access.key.secret
for my secret.
我正在使用oauth-sign
npm包(大约为14.5) MM在撰写此问题时每周下载一次,因此我认为它应该可以正常运行),并附有以下代码段:
I'm using the oauth-sign
npm package (which as ~14.5MM weekly downloads at the time of writing this question, so I think it should be working properly) with the following code snippet:
import { hmacsign256 } from 'oauth-sign'
export const API_URL = 'https://account.api.here.com/oauth2/token'
export const nonceLength = 2**5
export interface TokenResponse {
AccessToken: string
TokenType: string
ExpiresIn: number
}
export const generateNonce = (length: number): string => {
let s = ''
do {
s += Math.random().toString(36).substr(2)
} while (s.length < length)
return s.substr(0, length)
}
export const fetchNewTokenFromAPI = async ({ key, secret }: { key: string, secret: string }): Promise<TokenResponse> => {
const url = API_URL
const method = 'POST'
const body = 'grant_type=client_credentials'
const auth = {
oauth_consumer_key: key,
oauth_nonce: generateNonce(nonceLength),
oauth_signature_method: 'HMAC-SHA256',
oauth_timestamp: String(Math.round(new Date().getTime() / 1000)),
oauth_version: '1.0',
}
const sig = encodeURIComponent(hmacsign256(method, API_URL, auth, key, secret))
const headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': `OAuth oauth_consumer_key="${auth['oauth_consumer_key']}",oauth_nonce="${auth['oauth_nonce']}",oauth_signature="${sig}",oauth_signature_method="HMAC-SHA256",oauth_timestamp="${auth['oauth_timestamp']}",oauth_version="1.0"`
}
const options: RequestInit = {
method,
headers,
body,
mode: 'cors',
}
const response = await fetch(url, options)
if (response.ok)
throw new Error(`expected 200 status, received ${response.status}`)
return await response.json()
}
运行该函数时,我从api中收到以下信息:
When I run that function, I recieve the following from the api:
{
"error": "invalid_client"
"errorCode": 401300
"errorId": "ERROR-32e365d0-11ce-4fff-86d7-5ca51970e017"
"error_description": "errorCode: '401300'. Signature mismatch. Authorization signature or client credential is wrong."
"httpStatus": 401
"message": "Signature mismatch. Authorization signature or client credential is wrong."
}
推荐答案
在邮递员上测试令牌生成API之后,共享CURL请求.使用者密钥和使用者密钥分别在此处.access.key.id和key.secret.签名方法:HMAC-SHA1,版本:1.0
Sharing the CURL request after testing the token generation API on postman. Consumer key and Consumer secret are here.access.key.id and key.secret respectively. signature method : HMAC-SHA1, Version : 1.0
curl -X POST \
https://account.api.here.com/oauth2/token \
-H 'Authorization: OAuth' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Postman-Token: xxxxxxxxxxxx' \
-H 'cache-control: no-cache' \
-d grant_type=client_credentials
这篇关于向量api,401 http错误代码,签名不匹配.授权签名或客户凭证错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!