授权承载中是否允许变量代替令牌?

Is a variable allowed in authorization bearer in place of a token?

我有一个变量代替令牌密钥。当我使用变量时,响应为空白。当我使用令牌密钥时,它会 returns 一个响应。我已经确定我设置的其他变量不是问题。问题变量是我标记为 $token_json

的变量

我的网站是https://geolyft.com

<!DOCTYPE html>
<html>
<head>
</head>
<body>

<?php
$ltt = $_POST['lat'];
$lng = $_POST['lng'];
$token_url = "https://geolyft.com/authentication.php";
$token_json = file_get_contents($token_url);
$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://api.lyft.com/v1/drivers?lat=$ltt&lng=$lng",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "GET",
  CURLOPT_HTTPHEADER => array(
    "authorization: Bearer $token_json",
    "cache-control: no-cache",
    "postman-token: 205a9ff0-102f-7f7a-8f11-b473946cc3fd"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}
?>
</body>
</html>

区别就在这里

CURLOPT_HTTPHEADER => array(
    "authorization: Bearer gAAAAABYXNVPV4B9AEY2bHRZDhB_jw6-hj4ptvUttm45jqroJN0lV5QSZGd-5AL0jrVKod4R5J0Sdxam1Y2nduEO_Lvud8fFGnqAN7shjzgcl9RmLQN5WljEJ9us-Y41_qGr7HT10EH8acseSt-mdO7Dp9MeYaFMkcjIP-IdrIL9uVNll-JypwQgftZ1Bum7gCtQEgpqjGeRuwE4YwE6rLPFALUgZVWNlg==",
    "cache-control: no-cache",
    "postman-token: 205a9ff0-102f-7f7a-8f11-b473946cc3fd"
  ),
));

我宁愿使用这个而不是长令牌密钥,但是通过此设置,我得到的响应是空白的,我已经被难住了一段时间,我似乎找不到答案,也许我是在我的联盟之外。感谢任何帮助

CURLOPT_HTTPHEADER => array(
    "authorization: Bearer $token_json",
    "cache-control: no-cache",
    "postman-token: 205a9ff0-102f-7f7a-8f11-b473946cc3fd"
  ),
));

使用:

CURLOPT_HTTPHEADER => array(
"authorization: Bearer ".$token_json,
"cache-control: no-cache",
"postman-token: 205a9ff0-102f-7f7a-8f11-b473946cc3fd"
  ),
));

我的问题的答案是将身份验证 curl 请求放在其他 curl 请求之前。

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://api.lyft.com/oauth/token",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "------WebKitFormBoundary7MA4YWxkTrZu0gW\r\nContent-Disposition: form-data; name=\"grant_type\"\r\n\r\nclient_credentials\r\n------WebKitFormBoundary7MA4YWxkTrZu0gW\r\nContent-Disposition: form-data; name=\"scope\"\r\n\r\npublic\r\n------WebKitFormBoundary7MA4YWxkTrZu0gW--",
  CURLOPT_HTTPHEADER => array(
    "authorization: Basic a0JFTE1Oak9QQWY2Om1VZVdwc1lRS0ExUWdfS1dnYTN1OHlHajQxQ3E4LV9X",
    "cache-control: no-cache",
    "content-type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW",
    "postman-token: f5d6e662-1663-e577-2c0d-705f03275fa8"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

$json = json_decode($response, true);
$token = $json['access_token'];