Tumblr API 博客方法返回 401“未授权”,但用户方法运行良好
因此,有一段代码使用 xAuth 身份验证来调用 tumblr API 方法:
import urllib
import urlparse
import oauth2 as oauth
consumer_key = "..."
consumer_secret = "..."
consumer = oauth.Consumer(consumer_key, consumer_secret)
client = oauth.Client(consumer)
resp, content = client.request('https://www.tumblr.com/oauth/access_token', "POST", urllib.urlencode({
'x_auth_mode': 'client_auth',
'x_auth_username': '[email protected]',
'x_auth_password': '...'
}))
token = dict(urlparse.parse_qsl(content))
print token
token = oauth.Token(token['oauth_token'], token['oauth_token_secret'])
client = oauth.Client(consumer, token)
response, data = client.request('http://api.tumblr.com/v2/blog/good.tumblr.com/followers', method='GET')
print data
它与 tumblr API 需要 OAuth 身份验证。 但当我尝试使用 OAuth 身份验证调用任何博客方法(例如 /followers)时,它会失败:
{"meta":{"status":401,"msg":"Not Authorized"},"response":[]}
除了一件事。如果我使用我的博客名称作为 {base-hostname} 参数,它可以正常工作,不会出现任何错误。 诡异的。这怎么可能?代码有问题吗?
So, there is a code that uses xAuth authentication to call tumblr API methods:
import urllib
import urlparse
import oauth2 as oauth
consumer_key = "..."
consumer_secret = "..."
consumer = oauth.Consumer(consumer_key, consumer_secret)
client = oauth.Client(consumer)
resp, content = client.request('https://www.tumblr.com/oauth/access_token', "POST", urllib.urlencode({
'x_auth_mode': 'client_auth',
'x_auth_username': '[email protected]',
'x_auth_password': '...'
}))
token = dict(urlparse.parse_qsl(content))
print token
token = oauth.Token(token['oauth_token'], token['oauth_token_secret'])
client = oauth.Client(consumer, token)
response, data = client.request('http://api.tumblr.com/v2/blog/good.tumblr.com/followers', method='GET')
print data
It works perfect with User methods from tumblr API that require OAuth authentication.
But it fails when i try to call any Blog method with OAuth authentication (/followers for example):
{"meta":{"status":401,"msg":"Not Authorized"},"response":[]}
Except one thing. If i use my blog name as {base-hostname} parameter it works without any errors.
Weird. How is that possible? Is something wrong with the code?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
那是因为您的 OAuth 访问令牌授予您访问博客的权限。 OAuth 无法授予您访问不属于您的博客方法的权限,因为这样您就可以向它们发布内容。
Well that is because your OAuth access token grants you access to your blogs. OAuth can't give you permission to access Blog methods that you do not own because then you could post to them.
当您发出 POST 请求时,enctype 必须是“multipart/form-data”。
我对 Zend_Oauth (php) 也有同样的问题,但现在已经解决了。
When you make POST request the enctype must be "multipart/form-data".
I had the same problem with Zend_Oauth (php), but is resolved now.