无法使 OAuth 在 Drupal 6 / Services 3 中工作
我正在开发一个项目,客户要求我使用 OAuth 来保护我构建的一些自定义服务。我已经在不使用身份验证和会话身份验证的情况下使一切正常工作,但使用 OAuth 会使整个事情崩溃。我还没有找到任何真正好的分步教程。
基本上我已经在 D6 上安装了 Services 6.x-3.1 和 OAuth 6.x-3.0-beta4 模块。我使用本文档创建了一个oauth上下文。然后我设置了一个虚拟用户,因为我只想为所有客户创建一组消费者凭据。我将上下文分配给用户和服务。我使用 http://mydomain/oauth/authorized 作为回调网址。
为了测试我使用 http://term.ie/oauth/example/client.php 进行连接。我使用端点http://mydomain/oauth/request_token。我将响应令牌添加到适当的字段。然后我将端点更改为 http://mydomain/oauth/authorize。它会将我带到一个页面,我必须单击该页面才能允许连接。我被带到 http://mydomain/oauth/authorized 页面,在那里我收到一条成功消息。
现在,我将端点更改为 http://mydomain/oauth/access_token 并收到带有新令牌的响应。根据这些说明,我替换了新的访问令牌并将端点更改为http:// /mydomain/myserviceendpoint。它使用 GET 请求进行连接并返回
401 Unauthorized:消费者无权访问此内容 服务。
感觉就像我错过了什么。系统中只有一个上下文,它被分配给消费者和服务。消费者密钥和秘密与访问令牌一起是最终 URL 的一部分。我查看了权限,没有发现任何不合适的地方。我什至将我的服务更改为仅让 hook_services_access 返回 TRUE 以绕过权限。
有什么想法吗?
I'm working on a project and the client requested i use OAuth to protect some custom services I've built. I've got everything working perfectly using no authentication and session authentication, but using OAuth makes the whole thing fall apart. I haven't been able to find any really good step by step tutorials.
Basically I've got the Services 6.x-3.1 and OAuth 6.x-3.0-beta4 modules installed on D6. I created an oauth context using this documentation. Then I setup a dummy user because I only want to create one set of consumer credentials for all of my clients. I assigned the context to the user and to the service. I'm using http://mydomain/oauth/authorized as the callback url.
To test I connect using http://term.ie/oauth/example/client.php. I use the endpoint http://mydomain/oauth/request_token. I add the response tokens to the appropriate fields. Then I change the endpoint to http://mydomain/oauth/authorize. It takes me to a page where I have to click to allow the connection. I'm taken to the http://mydomain/oauth/authorized page where I get a success message.
Now I change the endpoint to http://mydomain/oauth/access_token and I get a response with a new token. According to these instructions, I replace the new access tokens and change the endpoint to http://mydomain/myserviceendpoint. It connects using a GET request and returns
401 Unauthorized: The consumer is not authorized to access this
service.
It feels like I'm missing something. There is only one context in the system and it's assigned to both the consumer and the service. The consumer key and secret are part of the final url along with the access token. I've looked at permissions and I can't find anything out of place. I even changed my service to just return TRUE for the hook_services_access to bypass permissions.
Any ideas?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
首先你必须了解两者之间的区别。
首先,会话身份验证采用用户名和密码并进行身份验证。然后它会从 drupal 获取用户权限,因此您需要在每个步骤中进行身份验证才能通过与 drupal 通信的应用程序。匿名用户可以根据您在drupal 中的权限获取他们想要的内容。
在Aouth身份验证中,您创建一个用户并为其添加令牌,只有拥有令牌的用户才能根据您为其设置的权限规则与应用程序进行通信。对于匿名用户,他们无法检索或获取任何内容。 drupal 和创建的客户端之间的通信使用特定的令牌。
最后:转到用户页面并创建一个用户,并为他提供应用程序名称和令牌,并在应用程序代码中将令牌提供给应用程序并使用新创建的用户进行身份验证。
您必须检查新创建的用户的权限。
检查此链接
First you must understand the difference between the two.
first the session authentication takes a user name and password and authenticates. Then it takes the user permissions from drupal so you need to authenticate in each step to go through your application that communicate with your drupal. Anonymous users can get what they want according to your permission in drupal.
While in Aouth authentication you create a user and add token to him and only the user who had the token communicate with the application according to the permission rule you set to him . In case of anonymous users they can't retrieve or get anything. The communication between drupal and the client within the created used with a certain token.
Finally: goto user page and create a user and give him the application name also token and in your application code give the token to application and authenticate with the newly created user.
You must check your permissions to the newly created user.
Check this link
和你一样的问题......由于没有很好的教程,有时很难,所以希望这对某人有帮助。
解决方案:
您必须在 my_module_default_services_endpoint() 中的端点定义中向资源授予 oauth 权限。假设您想通过 oauth 启用资源用户。通常你会:
所以你必须像这样授权你的资源(“user_info”是访问此资源所需的权限):
通过“services_oauth”启用的资源只能通过oauth访问。我想知道是否可以混合使用 oauth 访问服务和普通 oauth 服务。
我是如何找到解决方案的:
如果启用服务调试,您会注意到以下 PHP 警告:
注意:未定义索引:services_oauth en _services_oauth_authenticate_call() (línea 26 de C:/.../services_oauth .inc)。
如果您转到 services_oauth.inc 中的 _services_oauth_authenticate_call() 并打印堆栈跟踪(感谢 http://php.net/manual/en/function.debug-print-backtrace.php):
然后你会看到*$method['endpoint']['services_oauth'];* 未设置。所以你必须在 my_module_default_services_endpoint() 中设置它
Same problem like you... As there are not really good tutorials, sometimes its hard, so hope that this helps someone.
Solution:
You have to give oauth permisions to your resources in your endpoint definition, in my_module_default_services_endpoint(). Let's say you want to enable resource user via oauth. Normally you would have:
So you have to authorize your resources like this ('user_info' is the permision required to access this resource):
The ones you enable via 'services_oauth' will be only accessible via oauth. I'm wondering if you can mix oauth access services and normal oauth services.
How did I find the solution:
If you enable services debugging, you will notice the following PHP warning:
Notice: Undefined index: services_oauth en _services_oauth_authenticate_call() (línea 26 de C:/.../services_oauth.inc).
If you go to _services_oauth_authenticate_call() in services_oauth.inc and print the stack trace (thanks to http://php.net/manual/en/function.debug-print-backtrace.php):
Then you will see that *$method['endpoint']['services_oauth'];* is not set. So you have to set it in my_module_default_services_endpoint()
您的服务端点不应与 OAuth 测试客户端一起使用。通过身份验证后,您可以将 OAuth 令牌与您的方法一起传递到服务端点。
Your service endpoint is not to be used with the OAuth test client. Once you are authenticated, you pass your OAuth tokens to the service endpoint along with your method.