1
我一直在尋找從Livecoding.tv獲取一些數據,並且我正在重新使用我用於抽動API的Oauth2控制器,這應該是非常簡單的。Laravel的冒險和表單+基本身份驗證問題
如果有人不知道,已由OAuth使用的流程如下:
重定向用戶第三方OAuth連接你的應用程序代碼。
用戶授權。
用戶重定向到您的網站再次,經過授權的令牌,然後你可以發佈到第三方,讓您刷新令牌等
現在在步驟3中,我遇到了一些問題。這裏是由顯影劑中的說明和示例:
獲取令牌:https://www.livecoding.tv/o/token/
部首
甲HTTP基本認證,使用application_code如用戶名,和application_secret如密碼,如在下面的例子。
POST身體
code=EXAMPLE Token gotten from redirect
grant_type=Your grant type (authorization_type)
redirect_uri=Your redirect URL
這裏是從工作捲曲請求的文檔的例子捲曲請求。
curl -X POST -d "grant_type=authorization_code&code=Php4iJpXGpDT8lCqgBcbfQ2yzhB0Av&client_id=vCk6rNsC&redirect_uri=http://localhost/externalapp" -u"vCk6rNsC:sfMxcHUuNnZ" https://www.livecoding.tv/o/token/
所以我試圖讓這個在郵差(https://www.getpostman.com/),其工作開箱,我接着問郵遞員將其轉換爲PHP,看看是否我已經錯過了什麼。這裏是工作的郵差請求的結果:
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://www.livecoding.tv/o/token/",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "code=SOMECODE&client_id=SOMECLIENTID&redirect_uri=SOMEURL&grant_type=authorization_code",
CURLOPT_HTTPHEADER => array(
"authorization: Basic U09NRVVTRVI6U09NRVBBU1NXT1JE",
"cache-control: no-cache",
"content-type: application/x-www-form-urlencoded",
"postman-token: c8df4bbc-cbd0-73eb-df35-80210989db33"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
我很高興這工作了向右走,所以我只是需要做出狂飲客戶做同樣的,已經工作了抽搐的Oauth,這裏是我的代碼:
{
$providers = ServiceProvider::findOrFail(2);
$client = new Client([
'base_uri' => $providers->oauth_url . '/token/',
'form_params' => [
'code' => $token,
'grant_type' => 'authorization_code',
'client_id' => $providers->application_code,
'redirect_uri' => $providers->redirection_url
],
'auth' => [
'somestring',
'someotherstring',
],
'headers' => [
'Content type' => 'application/x-www-form-urlencoded',
'cache-control' => 'no-cache'
]
]);
$response = $client->request('POST');
return ($response);
}
這將只返回給我一個401的,所以我決定做一些調試,並在這裏是來請求,如果我阻止它被送到右前:
Client {#637 ▼
-config: array:10 [▼
"base_uri" => Uri {#676 ▼
-scheme: "https"
-userInfo: ""
-host: "www.livecoding.tv"
-port: null
-path: "/o/token/"
-query: ""
-fragment: ""
}
"form_params" => array:4 [▼
"code" => "SOMECODE"
"grant_type" => "authorization_code"
"client_id" => "SOMECLIENTID"
"redirect_uri" => "http://REDIRECTURI"
]
"auth" => array:2 [▼
0 => "SOMECLIENTID"
1 => "SOMECLIENTSECRET"
]
"headers" => array:3 [▼
"Content type" => "application/x-www-form-urlencoded"
"cache-control" => "no-cache"
"User-Agent" => "GuzzleHttp/6.2.1 curl/7.26.0 PHP/5.6.27-1~dotdeb+7.1"
]
"handler" => HandlerStack {#664 ▼
-handler: Closure {#671 ▼
class: "GuzzleHttp\Handler\Proxy"
parameters: {▼
$request: {▼
typeHint: "Psr\Http\Message\RequestInterface"
}
$options: {▼
typeHint: "array"
}
}
use: {▼
$default: Closure {#669 ▼
class: "GuzzleHttp\Handler\Proxy"
parameters: {▼
$request: {▼
typeHint: "Psr\Http\Message\RequestInterface"
}
$options: {▼
typeHint: "array"
}
}
use: {▼
$default: CurlMultiHandler {#634 ▼
-factory: CurlFactory {#667 ▼
-handles: []
-maxHandles: 50
}
-selectTimeout: 1
-active: null
-handles: []
-delays: []
}
$sync: CurlHandler {#666 ▼
-factory: CurlFactory {#665 ▼
-handles: []
-maxHandles: 3
}
}
}
file: "/LARAVELPATH/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php"
line: "25 to 29"
}
$streaming: StreamHandler {#670 ▼
-lastHeaders: []
}
}
file: "LARAVELPATH/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php"
line: "49 to 53"
}
-stack: array:4 [▼
0 => array:2 [▼
0 => Closure {#672 ▼
class: "GuzzleHttp\Middleware"
parameters: {▶}
file: "LARAVELPATH/vendor/guzzlehttp/guzzle/src/Middleware.php"
line: "54 to 69"
}
1 => "http_errors"
]
1 => array:2 [▼
0 => Closure {#673 ▼
class: "GuzzleHttp\Middleware"
parameters: {▶}
file: "LARAVELPATH/vendor/guzzlehttp/guzzle/src/Middleware.php"
line: "148 to 150"
}
1 => "allow_redirects"
]
2 => array:2 [▼
0 => Closure {#674 ▼
class: "GuzzleHttp\Middleware"
parameters: {▶}
file: "LARAVELPATH/vendor/guzzlehttp/guzzle/src/Middleware.php"
line: "27 to 43"
}
1 => "cookies"
]
3 => array:2 [▼
0 => Closure {#675 ▼
class: "GuzzleHttp\Middleware"
parameters: {▶}
file: "LARAVELPATH/vendor/guzzlehttp/guzzle/src/Middleware.php"
line: "216 to 218"
}
1 => "prepare_body"
]
]
-cached: null
}
"allow_redirects" => array:5 [▼
"max" => 5
"protocols" => array:2 [▼
0 => "http"
1 => "https"
]
"strict" => false
"referer" => false
"track_redirects" => false
]
"http_errors" => true
"decode_content" => true
"verify" => true
"cookies" => false
]
}
正如你在這裏可以看到的,在這裏只有一個叫'auth'的參數,而不是在Guzzle這裏記錄的基本認證:http://docs.guzzlephp.org/en/latest/request-options.html#auth
雖然我會提到輸入正確的值。
對於我剛剛做的調試dd($client),我不知道這是否會給我所有的答案?
所以,另一種可能性是base64編碼它(就像它在基本身份驗證一般),並手動添加一個「授權」頭,我試過了,但我不知道如果我正確地做它,當我做:
$credentials = base64_encode($clientvariable . ':' . $clientsecretvariable)
這是正確的方法?雖然我寧願使用這個作爲最後的手段,如果我沒有得到auth參數在Guzzle中工作。
我知道關於Guzzle和基本身份驗證的其他Stackoverflow問題,是的,我已閱讀它們,希望我已提供足夠的信息來顯示。