Intuit API OAuth ApplicationAuthenticationFailed; errorCode = 003200

我正在使用this library for OAuth v1.0連接到QuickBooks Online API。我成功地使用三方認證並取回訪問令牌。我也能夠連接到大多數端點，沒有任何問題。但是，我遇到了使用URL參數連接到端點的問題。Intuit API OAuth ApplicationAuthenticationFailed; errorCode = 003200

例如，這個URL沒有問題返回：

https://sandbox-quickbooks.api.intuit.com/v3/company/123145723805019/customer/8

然而，這個URL返回與SignatureBaseString：錯誤401未經授權。

//sandbox-quickbooks.api.intuit.com/v3/company/123145723805019/query?query=select * from customer

我誤解一些關於如何訪問與URL參數端點OAuth的？任何幫助或見解將不勝感激。

工作代碼：

<cfset oAuthRequest = new com.brianflove.oauth.Request()> 
<cfset oAuthConsumer = new com.brianflove.oauth.Consumer()> 
<cfset oauthConsumer.setSecret(CONSUMER_SECRET)> 
<cfset oauthConsumer.setKey(CONSUMER_KEY)> 
<cfset oAuthRequest.setMethod("GET")> 
<cfset oAuthRequest.setUrl("https://sandbox-quickbooks.api.intuit.com/v3/company/123145723805019/customer/" & randrange(1,8))> 
<cfset oAuthRequest.setConsumer(oAuthConsumer)> 
<cfset oAuthRequest.setToken(session.token)> 

<!---use HMAC-SHA1 signature method---> 
<cfset signatureMethod = new com.brianflove.oauth.methods.HmacSha1SignatureMethod()> 

<!---sign request---> 
<cfset oAuthRequest.signWithSignatureMethod(signatureMethod=signatureMethod)> 


<!---POST using request URL---> 
<cfset httpRequest = new Http()> 
<cfset httpRequest.setUrl(oAuthRequest.getUrl())> 
<cfset httpRequest.setMethod(oAuthRequest.getMethod())> 
<cfset httpRequest.addParam(type="header", name="Authorization", value=oAuthRequest.toHeader())> 
<cfset httpRequest.addParam(type="header", name="Accept", value="application/json") /> 
<cfset httpRequest.setCharset("utf-8")> 
<cfset httpResult = httpRequest.send().getPrefix()> 

<cfdump var="#httpResult.filecontent#">

不工作代碼：

<cfset oAuthRequest = new com.brianflove.oauth.Request()> 
<cfset oAuthConsumer = new com.brianflove.oauth.Consumer()> 
<cfset oauthConsumer.setSecret(CONSUMER_SECRET)> 
<cfset oauthConsumer.setKey(CONSUMER_KEY)> 
<cfset oAuthRequest.setMethod("GET")> 
<cfset oAuthRequest.setUrl("https://sandbox-quickbooks.api.intuit.com/v3/company/123145723805019/query?query=select * from customer") /> 
<cfset oAuthRequest.setConsumer(oAuthConsumer)> 
<cfset oAuthRequest.setToken(session.token)> 

<!---use HMAC-SHA1 signature method---> 
<cfset signatureMethod = new com.brianflove.oauth.methods.HmacSha1SignatureMethod()> 

<!---sign request---> 
<cfset oAuthRequest.signWithSignatureMethod(signatureMethod=signatureMethod)> 

<!---POST using request URL---> 
<cfset httpRequest = new Http()> 
<cfset httpRequest.setUrl(oAuthRequest.getUrl())> 
<cfset httpRequest.setMethod(oAuthRequest.getMethod())> 
<cfset httpRequest.addParam(type="header", name="Authorization", value=oAuthRequest.toHeader())> 
<cfset httpRequest.addParam(type="header", name="Accept", value="application/json") /> 
<cfset httpRequest.setCharset("utf-8")> 
<cfset httpResult = httpRequest.send().getPrefix()> 

<cfdump var="#httpResult.filecontent#">

錯誤響應：

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> 
<IntuitResponse time="2016-12-01T06:12:00.999-08:00" xmlns="http://schema.intuit.com/finance/v3"> 
    <Fault type="AUTHENTICATION"> 
     <Error code="3200"> 
      <Message>message=ApplicationAuthenticationFailed; errorCode=003200; statusCode=401</Message> 
      <Detail>SignatureBaseString: GET&amp;https%3A%2F%2Fsandbox-quickbooks.api.intuit.com%2Fv3%2Fcompany%2F123145723805019%2Fquery&amp;oauth_consumer_key%3DqyprdTVZH2CtDAXewG1YQKQYzUssYH%26oauth_nonce%3D420ADB0BF9EF309B785C531EEE8A7AAF%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1480601520%26oauth_token%3Dqyprd5g2WEiaxaVyI3MqeXqRvxvi26cXuauyMtFQaMZHdjVT%26oauth_version%3D1.0%26query%3Dselect%2520%252A%2520from%2520customer</Detail> 
     </Error> 
    </Fault> 
</IntuitResponse>

來源

2016-12-01 Ryan Crutchfield

OAuth等對簽名非常挑剔。只是猜測，但我懷疑，當查詢字符串參數直接包含在URL中時，簽名不能正確計算。相反，嘗試通過'addParameter（）'將參數添加到'oAuthRequest'對象。 – Leigh

@Leigh謝謝 - 我想我以前曾嘗試過，但只是爲了確保我再次嘗試使用 \t 並得到相同的回覆 –

（編輯）：好的，我目前沒有想法，但稍後我會有機會嘗試。與此同時，您是否可以發佈QB文檔的URL，以顯示您試圖複製的「客戶」示例？ – Leigh

ENCO在將查詢語句傳遞給URL之前，先查詢查詢語句。

使用下面的方法來執行編碼：

<cffunction name="encodePercent" returntype="string" access="public" 
      description="RFC 3986 encoding - keep [ALPHA, DIGIT, '-', '.', '_', '~'], %-encode the rest -> decoding '~', correctly encoding spaces('+') and '*'"> 
    <cfargument name="sValue"  required="true" type="string" hint="value to encode"> 
    <cfargument name="sEncoding" required="false" type="string" default="UTF-8" hint="encoding"> 
    <cfset var sResult = ""> 
    <!--- using javacast to call the appropriate encode method ---> 
    <cfif Len(arguments.sValue)> 
     <cfset sResult = CreateObject("java","java.net.URLEncoder"). 
          encode(JavaCast("String",arguments.sValue), JavaCast("String",arguments.sEncoding))> 
     <cfset sResult = Replace(sResult,"+","%20","all")> 
     <cfset sResult = Replace(sResult,"*","%2A","all")> 
     <cfset sResult = Replace(sResult,"%7E","~","all")> 
    </cfif> 

    <cfreturn sResult> 
</cffunction>

你可以保持「sEncoding」參數的默認值是。

來源

2016-12-02 07:03:05 Tantely

謝謝，但不工作。我嘗試了以下它會創建如下所示的URL：https：//sandbox-quickbooks.api.intuit.com/v3/company/123145723805019/query？query = select％20％2A％20from％20customer＆minorversion = 4 –

如果您檢查生成的http請求的其餘部分，它與工具的比較如何？忽略字符集，它似乎有正確的部分，並且Auth頭部看起來很相似 - 儘管「oath_xxx」參數似乎有稍微不同的順序（不確定是否重要）。 – Leigh

@Leigh如果我使用他們的API瀏覽器它顯示以下請求URI：https://sandbox-quickbooks.api.intuit.com/v3/company/123145723805019/query?query=select%20%2A%20from%20customer&minorversion= 4 Request Headers：Accept：application/json 授權：OAuth oauth_token =「************」，oauth_nonce =「77bb5009-69b1-4aad-ae3c-cb9dc66433d7」，oauth_consumer_key =「*** *********「，oauth_signature_method =」HMAC-SHA1「，oauth_timestamp =」1480686014「，oauth_version =」1.0「，oauth_signature =」w1Z％2FHSG5ETeynZ4DN2RUr％2BTFOpQ％3D「 intuit_tid：idg-ajrnbybr1pfzjregh1gzsjo2-5535777 用戶代理：APIExplorer –

Intuit API OAuth ApplicationAuthenticationFailed; errorCode = 003200

回答

相關問題