HTTP + JSON简单的api请求被发送为空白 [英] HTTP + JSON simple api request being sent as blank
问题描述
我正在尝试制作一个简单的API请求并且失败了。
I am trying to make a simple API request and failing miserably.
文档说这是如何发出请求:
The documentation says this is how to make the request:
POST https://api.yotpo.com/oauth/token
--------------------------------------
{
"client_id": "### Your client_id ###",
"client_secret": "### Your client_secret ###",
"grant_type": "client_credentials"
}
我试过通过HTML表单提交,只是为了测试:
I tried submitting this through an HTML form like so just to test:
<head>
<meta http-equiv="content-type" content="application/json; charset=UTF-8">
</head>
<?php
$json ='{"client_id": "creds",
"client_secret": "secret",
"grant_type": "client_credentials"}';
print_r($_POST);
?>
<form action="https://api.yotpo.com/oauth/token" enctype='application/json' method="POST">
<input type="hidden" name="post_data" <?php echo 'value="'.htmlspecialchars($json).'"'; ?> />
<input type="submit">
</form>
我被告知内容类型必须是 application / json 我已设定。
I was told that the content-type needs to be application/json which I have set.
我在我的服务器上通过PHP测试文件这样做,但我真的愿意以任何可能的方式完成这项工作,然后从那里搞清楚。
I am doing this on my server via a PHP test file but really I am open to having this work in any way possible and then figuring it out from there.
当我从当前的HTML表单提交时,页面重定向到yotpo页面,并且JSON数据显示为空白:
When I submit from my current HTML form the page redirects to yotpo page, and the JSON data appears to be blank:
{"status":{"message":"Couldn't find Account with app_key = ","code":404,"error_type":"Exceptions::RecordNotFound"}}
提交此API身份验证的最简单方法是什么?
What is the simplest way to submit this API authentication?
推荐答案
更新
应该是我的全部使用curl和php完成与api的交互?或者
使用html / jquery与api交互是安全的现在
凭证是以安全的方式生成的。
should all my interactions with the api be done using curl and php? Or is it "safe" to just use html/jquery to interact with the api now that the credentials are being generated in a safe way.
使用客户端来获取此类案例的授权是不安全的。即使在获得令牌之后,我也不会在客户端使用它们。相反,我会创建一些PHP页面/ api,javascript(ajax或其他)将调用它并完成工作!
Well its not safe to use client side for getting authorizations like this case. Even after getting token, I won't use them at client side for anything. Instead I would create some PHP pages/api, which javascript(ajax or something) will call it and get the job done!
返回access_token以JSON格式提供给我。如何在我将使用的jquery中使用
给定的访问令牌?我想
需要json_decode吗?
the return access_token is given to me in a JSON format. How can I use the given access token within the jquery i will use? I think I will need json_decode correct?
请参阅更新的代码。如果您仍想在jquery中使用 token ,请按照以下步骤操作:
Please see updated code. If you still want to use token in jquery, follow steps below:
- 创建php api,
/ auth授权和回声令牌。 - 制作一些请求(post,get)到
/ auth,这将返回token。保存并使用它。
- Create php api,
/authwhich does authorization and echoestoken. - Make some request(post, get) to
/auth, that will returntoken. Save it and use it.
问题是您的发布数据为 post_data 。所以在收到结束时,它就像 post_data = {...} ,他们没有看到apiKey。
Problem is your are posting data as post_data. So at receiving end, it will be like post_data = {...} which they are not looking at for apiKey.
在公共场合公开私钥也是不安全的。您可以使用纯PHP cURL请求获得授权。
Also it is not safe to expose private keys in public. You can use pure PHP cURL request to get authorization.
试试这个:
<?php
$json = array(
"client_id"=> "creds",
"client_secret"=> "secret",
"grant_type"=> "client_credentials"
);
$ch = curl_init( "https://api.yotpo.com/oauth/token" );
# Setup request to send json via POST.
$payload = json_encode( $json );
curl_setopt( $ch, CURLOPT_POSTFIELDS, $payload );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
# Return response instead of printing.
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
# Send request.
$result = curl_exec($ch);
curl_close($ch);
# Print response.
#echo "<pre>$result</pre>";
# use json_decode method to parse result.
$auth = json_decode($result, true);
echo $auth['access_token']; # Prints token
# For debugging, use var_dump($auth);
?>
现在你可以创建一个连接文件,它将获得授权密钥,然后所有其他php文件可以共享它。
Now you can make a connection file, which will get authorization keys, then all other php files can share it.
结帐phpfiddle示例: http ://phpfiddle.org/main/code/mpd1-swcn
Checkout phpfiddle example: http://phpfiddle.org/main/code/mpd1-swcn
这篇关于HTTP + JSON简单的api请求被发送为空白的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
