使用 eBay OAuth

Question

我的代码如下所示。我正在尝试通过 eBay 对用户进行身份验证，以便能够获取访问令牌。在将用户重定向回我的重定向 URL 以使用访问令牌交换代码时，我收到错误：

HTTP/1.1 100 Continue HTTP/1.1 400 Bad Request Content-Length: 109 Cneonction: close Date: Thu, 02 Mar 2017 06:47:51 GMT RlogId: t6ldssk%28ciudbq%60anng%7Fu2h%3F%3Cwk%7Difvqn*2%3D%3F%3E505-15a8dc659e6-0xf3 Set-Cookie: ebay=%5Esbf%3D%23%5E;Domain=.ebay.com;Path=/ X-EBAY-C-REQUEST-ID: ri=v22kQg9yaBLq,rci=2FDiyansIYnkONQC X-EBAY-C-VERSION: 1.0.0 X-EBAY-REQUEST-ID: 15a8dc658f8.a0968eb.5f6ef.fff87b7e![] Content-Type: application/json Connection: keep-alive {"error":"invalid_request","error_description":"'Authorization' is missing the the header:","error_uri":null}

我的 POST 请求有什么问题？

$auth_code = $_GET['code'];
$client_id = "Client ID";
$client_secret = "Client Secret";
$redirect_uri = "RuName";
$headers = array (
    'Content-Type'  => 'application/x-www-form-urlencoded',
    'Authorization' => sprintf('Basic %s',base64_encode(sprintf('%s:%s', $client_id, $client_secret)))
);
$apiURL = "https://api.sandbox.ebay.com/identity/v1/oauth2/token";
$urlParams = array (
        "grant_type" => "authorization_code",
        "code" => urlencode($auth_code),
        "redirect_uri" => $redirect_uri
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Should be removed on production
curl_setopt ( $ch, CURLOPT_POST, 1 );
curl_setopt ( $ch, CURLOPT_HEADER, true );

curl_setopt($ch, CURLOPT_URL, $apiURL);
curl_setopt ( $ch, CURLOPT_HTTPHEADER, $headers = array ('Authorization' => sprintf('Basic %s',base64_encode(sprintf('%s:%s', $client_id, $client_secret))),'Content-Type'  => 'application/x-www-form-urlencoded') );
curl_setopt ( $ch, CURLOPT_POSTFIELDS, $urlParams );

$resp = curl_exec ( $ch );
curl_close ( $ch );

print_r ( $resp );

Answer 1

您的代码有两个小问题。首先是 CURLOPT_HTTPHEADER 需要一个字符串数组而不是关联数组。

$headers = array (
    'Content-Type: application/x-www-form-urlencoded',
    'Authorization: '.sprintf('Basic %s',base64_encode(sprintf('%s:%s', $client_id, $client_secret)))
);

第二个是关于 PHP 如何处理 CURLOPT_POSTFIELDS 选项。如 documentation 中所述。

Passing an array to CURLOPT_POSTFIELDS will encode the data as multipart/form-data, while passing a URL-encoded string will encode the data as application/x-www-form-urlencoded.

由于 eBay API 要求正文是 application/x-www-form-urlencoded，因此您需要传入一个字符串。您可以使用您的数组通过将其传递给 http_build_query.

来构建此字符串

$urlParams = http_build_query(array (
        "grant_type" => "authorization_code",
        "code" => $auth_code,
        "redirect_uri" => $redirect_uri
));

我还建议 Postman 测试向 eBay 发出 API 请求。它的功能之一是它还会为您创建 PHP curl 代码。下面的代码改编自 Postman 创建的代码。

<?php

$clientID = '<YOUR EBAY APP ID>';
$clientSecret = '<YOUR EBAY CERT ID>';
$ruName = '<YOUR EBAY RUNAME>';
$authCode = '<AUTH CODE>';

$url = 'https://api.sandbox.ebay.com/identity/v1/oauth2/token';

$headers = [
    'Content-Type: application/x-www-form-urlencoded',
    'Authorization: Basic '.base64_encode($clientID.':'.$clientSecret)
];

$body = http_build_query([
    'grant_type'   => 'authorization_code',
    'code'         => $authCode,
    'redirect_uri' => $ruName
]);

$curl = curl_init();

curl_setopt_array($curl, array(
    CURLOPT_URL            => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_CUSTOMREQUEST  => 'POST',
    CURLOPT_POSTFIELDS     => $body,
    CURLOPT_HTTPHEADER     => $headers
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
    echo "cURL Error #:" . $err;
} else {
    echo $response."\n";
}

使用 eBay OAuth

Using eBay OAuth

php

oauth

ebay-api