使用Oauth＆curl創建產品

Question

我試圖使用RESTful Api創建產品。使用RESTCLIENT firefox插件實現此功能，但使用腳本失敗。我可以列出產品但我不能使用腳本創建產品。獲取訪問被拒絕的錯誤。誰能幫我？

這是我的腳本。

$url = 'http://magento.com/api/rest/products'; 
$method = 'POST'; 

# headers and data (this is API dependent, some uses XML) 
$headers = array(
'Accept: application/json', 
'Content-Type: application/json', 
'oauth_signature_method : HMAC-SHA1', 
'oauth_nonce : ilJuravy9KVYm6R', 
'oauth_timestamp : 1363848967', 
'oauth_consumer_key : xxx', 
'oauth_consumer_secret : yyy', 
'oauth_token : zzz', 
'oauth_token_secret : xyz', 
'oauth_signature : 4admodOkAj2pKwhO5Tk6TEjc7Rg%3D', 
'oauth_verifier: mrr1350pp0j8hiyv31kzxhko97hyyuwx', 
'oauth_version : 1.0', 
); 
$data = json_encode(
array(
    'type_id'   => 'simple', 
    'attribute_set_id' => 4, 
    'sku'    => 'simple' . uniqid(), 
    'weight'   => 1, 
    'status'   => 1, 
    'visibility'  => 4, 
    'name'    => 'Simple Product', 
    'description'  => 'Simple Description', 
    'short_description' => 'Simple Short Description', 
    'price'    => 99.95, 
    'tax_class_id'  => 0, 
) 
); 

$handle = curl_init(); 
curl_setopt($handle, CURLOPT_URL, $url); 
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers); 
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false); 
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false); 

switch($method) { 
case 'GET': 
break; 
case 'POST': 
curl_setopt($handle, CURLOPT_POST, true); 
curl_setopt($handle, CURLOPT_POSTFIELDS, $data); 
break; 
case 'PUT': 
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT'); 
curl_setopt($handle, CURLOPT_POSTFIELDS, $data); 
break; 
case 'DELETE': 
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'DELETE'); 
break; 
} 

echo $response = curl_exec($handle); 
echo $code = curl_getinfo($handle, CURLINFO_HTTP_CODE); 

Answer 1

必須生成3以下的事情提和其他東西都是靜態的像oauth_consumer_key，組oauth_token等

1.timestmap 2.signature 3.nonce

我已經生成的所有事情見下面的代碼。

$nonce = substr(md5(uniqid('nonce_', true)),0,16); 
$temprealm="http://magentohost/api/rest/products"; 
$realm=urlencode($temprealm); 
$oauth_version="1.0"; 
$oauth_signature_method="HMAC-SHA1"; 
$oauth_consumer_key="lro2hnoh3c8luvhcr49j6qgygmyvw7e3"; 
$oauth_access_token="xbqe4wnu3zv357gimpdnuejvcbtk51ni"; 
$oauth_method="GET"; 
$oauth_timestamp=time(); 
$algo="sha1"; 
$key="sb88hfdihyg25ipt1by559yzbj2m3861&s7uhaheu8nrx961oxg6uc3os4zgyc2tm"; //consumer secret & token secret //Both are used in generate signature 
$data="oauth_consumer_key=".$oauth_consumer_key."&oauth_nonce=".$nonce."&oauth_signature_method=".$oauth_signature_method."&oauth_timestamp=".$oauth_timestamp."&oauth_token=".$oauth_access_token."&oauth_version=".$oauth_version; 

$send_data=$oauth_method."&".$realm."&".urlencode($data); 
$sign=hash_hmac($algo,$send_data,$key,1); // consumer key and token secrat used here 
$fin_sign=base64_encode($sign); 
$curl = curl_init(); 



curl_setopt($curl,CURLOPT_HTTPHEADER,array('Authorization : OAuth realm='.$realm.', oauth_version="1.0", oauth_signature_method="HMAC-SHA1", oauth_nonce="'.$nonce.'", oauth_timestamp="'.$oauth_timestamp.'", oauth_consumer_key='.$oauth_consumer_key.', oauth_token='.$oauth_access_token.', oauth_signature="'.$fin_sign.'"')); 

curl_setopt ($curl, CURLOPT_URL,$temprealm); 
$xml=curl_exec($curl);