LinkedIn API 返回“未经授权”响应（PHP OAuth）

发布于 2024-09-06 02:54:18 字数 4269 浏览 7 评论 0原文

我已经为这个问题苦苦挣扎了好几天了。我已经设置了一个测试应用程序，可以通过 OAuth 连接到 LinkedIn。我希望能够更新用户的状态，但目前我根本无法与 LinkedIn 的 API 进行交互。

我能够成功获取 requestToken，然后获取 accessToken，但是当我向 API 发出请求时，我看到一个“未经授权”错误，如下所示：

object(OAuthException)#2 (8) { 
 ["message:protected"]=>  string(73) "Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect)" 
 ["string:private"]=>  string(0) "" 
 ["code:protected"]=>  int(401) 
 ["file:protected"]=>  string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php" 
 ["line:protected"]=>  int(48) 
 ["trace:private"]=>  array(1) { 
  [0]=>  array(6) { 
   ["file"]=>  string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php" 
   ["line"]=>  int(48) 
   ["function"]=>  string(5) "fetch" 
   ["class"]=>  string(5) "OAuth" 
   ["type"]=>  string(2) "->" 
   ["args"]=>  array(2) { 
    [0]=>  string(35) "http://api.linkedin.com/v1/people/~" 
    [1]=>  string(3) "GET" 
   } 
  } 
 } 
 ["lastResponse"]=>  string(358) "  401  1276375790558  0000  [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= " 
 ["debugInfo"]=>  array(5) { 
 ["sbs"]=>  string(329) "GET&http%3A%2F%2Fapi.linkedin.com%2Fv1%2Fpeople%2F~&oauth_consumer_key%3DBhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy%26oauth_nonce%3D7068001084c13f2ee6a2117.22312548%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1276375790%26oauth_token%3D48032b2d-bc8c-4744-bb84-4eab53578c11%26oauth_version%3D1.0" 
 ["headers_sent"]=>  string(401) "GET /v1/people/~?GET&oauth_consumer_key=Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy&oauth_signature_method=HMAC-SHA1&oauth_nonce=7068001084c13f2ee6a2117.22312548&oauth_timestamp=1276375790&oauth_version=1.0&oauth_token=48032b2d-bc8c-4744-bb84-4eab53578c11&oauth_signature=xmc3lWhXJvLSUZh4dxMtrf55VVQ%3D HTTP/1.1 User-Agent: PECL-OAuth/1.0-dev Host: api.linkedin.com Accept: */*" 
 ["headers_recv"]=>  string(148) "HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 Date: Sat, 12 Jun 2010 20:49:50 GMT Content-Type: text/xml;charset=UTF-8 Content-Length: 358" 
 ["body_recv"]=>  string(358) "  401  1276375790558  0000  [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= " 
 ["info"]=>  string(216) "About to connect() to api.linkedin.com port 80 (#0) Trying 64.74.98.83... connected Connected to api.linkedin.com (64.74.98.83) port 80 (#0) Connection #0 to host api.linkedin.com left intact Closing connection #0 " 
 }
}

我的代码如下所示（基于 php.ini 中的 FireEagle 示例） net)：

$req_url = 'https://api.linkedin.com/uas/oauth/requestToken';
$authurl = 'https://www.linkedin.com/uas/oauth/authenticate';
$acc_url = 'https://api.linkedin.com/uas/oauth/accessToken';
$api_url = 'http://api.linkedin.com/v1/people/~';
$callback = 'http://www.pmfe.org/dev/test/linkedin.php';
$conskey = 'Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy';
$conssec = '####################SECRET KEY#####################';

session_start();

try {
  $oauth = new OAuth($conskey,$conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
  $oauth->enableDebug();

  if(!isset($_GET['oauth_token'])) {
    $request_token_info = $oauth->getRequestToken($req_url);
    $_SESSION['secret'] = $request_token_info['oauth_token_secret'];
    header('Location: '.$authurl.'?oauth_token='.$request_token_info['oauth_token']);
    exit;
  } else {
    $oauth->setToken($_GET['oauth_token'],$_SESSION['secret']);
    $access_token_info = $oauth->getAccessToken($acc_url);
    $_SESSION['token'] = $access_token_info['oauth_token'];
    $_SESSION['secret'] = $access_token_info['oauth_token_secret'];
  } 
    $oauth->setToken($_SESSION['token'],$_SESSION['secret']);
 $oauth->fetch($api_url, OAUTH_HTTP_METHOD_GET);

 $response = $oauth->getLastResponse();
} catch(OAuthException $E) {
  var_dump($E);
}

我已经使用 OAuth 成功建立了与 Twitter 的连接和与 Facebook 的连接，但 LinkedIn 始终无法连接到我。如果有人可以提供一些建议或指出我正确的方向，我将非常感激！

原文

I've been struggling with this one for a few days now. I've got a test app set up to connect to LinkedIn via OAuth. I want to be able to update a user's status, but at the moment I'm unable to interact with LinkedIn's API at all.

I am able to successfully get a requestToken, then an accessToken, but when I issue a request to the API, I see an 'unauthorized' error that looks something like this:

object(OAuthException)#2 (8) { 
 ["message:protected"]=>  string(73) "Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect)" 
 ["string:private"]=>  string(0) "" 
 ["code:protected"]=>  int(401) 
 ["file:protected"]=>  string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php" 
 ["line:protected"]=>  int(48) 
 ["trace:private"]=>  array(1) { 
  [0]=>  array(6) { 
   ["file"]=>  string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php" 
   ["line"]=>  int(48) 
   ["function"]=>  string(5) "fetch" 
   ["class"]=>  string(5) "OAuth" 
   ["type"]=>  string(2) "->" 
   ["args"]=>  array(2) { 
    [0]=>  string(35) "http://api.linkedin.com/v1/people/~" 
    [1]=>  string(3) "GET" 
   } 
  } 
 } 
 ["lastResponse"]=>  string(358) "  401  1276375790558  0000  [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= " 
 ["debugInfo"]=>  array(5) { 
 ["sbs"]=>  string(329) "GET&http%3A%2F%2Fapi.linkedin.com%2Fv1%2Fpeople%2F~&oauth_consumer_key%3DBhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy%26oauth_nonce%3D7068001084c13f2ee6a2117.22312548%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1276375790%26oauth_token%3D48032b2d-bc8c-4744-bb84-4eab53578c11%26oauth_version%3D1.0" 
 ["headers_sent"]=>  string(401) "GET /v1/people/~?GET&oauth_consumer_key=Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy&oauth_signature_method=HMAC-SHA1&oauth_nonce=7068001084c13f2ee6a2117.22312548&oauth_timestamp=1276375790&oauth_version=1.0&oauth_token=48032b2d-bc8c-4744-bb84-4eab53578c11&oauth_signature=xmc3lWhXJvLSUZh4dxMtrf55VVQ%3D HTTP/1.1 User-Agent: PECL-OAuth/1.0-dev Host: api.linkedin.com Accept: */*" 
 ["headers_recv"]=>  string(148) "HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 Date: Sat, 12 Jun 2010 20:49:50 GMT Content-Type: text/xml;charset=UTF-8 Content-Length: 358" 
 ["body_recv"]=>  string(358) "  401  1276375790558  0000  [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= " 
 ["info"]=>  string(216) "About to connect() to api.linkedin.com port 80 (#0) Trying 64.74.98.83... connected Connected to api.linkedin.com (64.74.98.83) port 80 (#0) Connection #0 to host api.linkedin.com left intact Closing connection #0 " 
 }
}

My code looks like this (based on the FireEagle example from php.net):

$req_url = 'https://api.linkedin.com/uas/oauth/requestToken';
$authurl = 'https://www.linkedin.com/uas/oauth/authenticate';
$acc_url = 'https://api.linkedin.com/uas/oauth/accessToken';
$api_url = 'http://api.linkedin.com/v1/people/~';
$callback = 'http://www.pmfe.org/dev/test/linkedin.php';
$conskey = 'Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy';
$conssec = '####################SECRET KEY#####################';

session_start();

try {
  $oauth = new OAuth($conskey,$conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
  $oauth->enableDebug();

  if(!isset($_GET['oauth_token'])) {
    $request_token_info = $oauth->getRequestToken($req_url);
    $_SESSION['secret'] = $request_token_info['oauth_token_secret'];
    header('Location: '.$authurl.'?oauth_token='.$request_token_info['oauth_token']);
    exit;
  } else {
    $oauth->setToken($_GET['oauth_token'],$_SESSION['secret']);
    $access_token_info = $oauth->getAccessToken($acc_url);
    $_SESSION['token'] = $access_token_info['oauth_token'];
    $_SESSION['secret'] = $access_token_info['oauth_token_secret'];
  } 
    $oauth->setToken($_SESSION['token'],$_SESSION['secret']);
 $oauth->fetch($api_url, OAUTH_HTTP_METHOD_GET);

 $response = $oauth->getLastResponse();
} catch(OAuthException $E) {
  var_dump($E);
}

I've successfully set up a connection to Twitter and one to Facebook using OAuth, but LinkedIn keeps eluding me. If anyone could offer some advice or point me in the right direction, I will be extremely appreciative!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

我乃一代侩神 2024-09-13 02:54:18

好吧，我找到了问题的根源，但现在有一个新问题：

我原来的问题是错误的 - 我根本没有获得 accessToken。问题是我在 getAccessToken 调用期间没有传递验证程序代码（在 requestToken 步骤中获得）。

所以不是这个...

$access_token_info = $oauth->getAccessToken($acc_url);

...我需要这样做...

$_SESSION['verifier'] = $_GET['oauth_verifier'];
$access_token_info = $oauth->getAccessToken($acc_url, $_SESSION['verifier'], $_SESSION['verifier']);

我希望这个信息可以帮助其他人。这是我第一次使用 OAuth，但 LinkedIn 的实施似乎非常严格。

不管怎样，现在我需要弄清楚为什么当我尝试更新我的状态时 LI 返回 401...我已经授权了该应用程序，并且可以拉取数据，但无法设置任何数据。也许 LI 的设置中隐藏了其他权限？

Well, I found the source of the problem, but there's a new problem now:

My original question was wrong - I wasn't getting an accessToken at all. The problem was that I wasn't passing the verifier code (obtained during the requestToken step) during the getAccessToken call.

So rather than this...

$access_token_info = $oauth->getAccessToken($acc_url);

...I needed to do this...

$_SESSION['verifier'] = $_GET['oauth_verifier'];
$access_token_info = $oauth->getAccessToken($acc_url, $_SESSION['verifier'], $_SESSION['verifier']);

I hope this info helps someone else out. This is the first time I've worked with OAuth, but it seems like LinkedIn has a very strict implementation.

Anyway, now I need to figure out why LI is returning a 401 when I try to update my status... I've authorized the app, and can pull data down, but am unable to set any data. Maybe there are additional permissions hidden in LI's settings somewhere?

回复收藏 0 原文