Sabre Dev Studio API 调用者 Javascript
Sabre Dev Studio API call by Javascript
我正在尝试使用 Rest API 制作 Sabre Dev Studio 的 Web 应用程序。我正在使用 javascript。我收集了应用程序所需的访问令牌和客户端机密。
我写了这段代码来发送 api 请求:
var clientId = "V1:abcD123:OPQRST:UVW";
var clientSecret = "aBcdEfG";
// Using jQuery Plugin for Encoding
var authorizationBasic = $.base64.btoa(clientId + ':' + clientSecret);
authorizationBasic = $.base64.btoa(authorizationBasic);
var request = new XMLHttpRequest();
request.open('POST', 'https://api.sabre.com/v2/auth/token HTTP/1.1', true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
request.setRequestHeader('User-Agent', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36');
request.setRequestHeader('Origin', 'chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo');
request.setRequestHeader('Authorization', 'Basic ' + authorizationBasic);
request.setRequestHeader('Accept', '*/*');
request.send("grant_type=client_credentials");
request.onreadystatechange = function () {
if (this.readyState === 4) {
alert(this.responseText);
}
};
如果请求有效,API 将发送一个包含访问令牌的响应,否则它应该给我一个错误消息对象。但就我而言,我没有收到任何东西。警报功能显示空白警报 window。我不知道问题出在哪里。谁能帮我解决这个问题?
我不是 javascript 专家,但我看到至少 2 个错误:
var authorizationBasic = $.base64.btoa(clientId + ':' + clientSecret);
您需要分别对 clientId 和 clientSecrect 进行 base64,然后在两者之间加上一个冒号
request.open('POST', 'https://api.sabre.com/v2/auth/token HTTP/1.1', true);
我不确定您是否可以在 URL 字符串中定义您将使用的 HTTP,它似乎也不是必需的。
下面是我测试成功的函数:
function doFunction() {
var clientId = "V1:abcD123:OPQRST:UVW";
var clientSecret = "aBcdEfG";
var authorizationBasic = window.btoa(window.btoa(clientId) + ':' + window.btoa(clientSecret));
request = new XMLHttpRequest();
var url = "https://api-crt.cert.havail.sabre.com/v2/auth/token";
request.open("POST", url, true);
request.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
request.setRequestHeader("Authorization", "Basic " + authorizationBasic);
var payload = "grant_type=client_credentials";
request.send(payload);
request.onreadystatechange = function () {
if (request.readyState == 4 && request.status == 200) {
alert(request.responseText);
document.getElementById("txt").value = request.responseText;
}
}
}
FWIW 在用头撞墙一段时间后,如果有人需要,我使用 fetch() 编写了一个 general-purpose 身份验证方法。它 returns 承诺 JSON object 授权 api returns.
static authenticate(clientId, clientSecret, baseURL = 'https://api.test.sabre.com/', apiPath = 'v2/auth/token') {
let authToken = {};
return fetch(`${baseURL}${apiPath}?grant_type=client_credentials`, {
method: 'POST',
headers: {
'Accept': '*/*',
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': 'Basic ' + window.btoa(window.btoa(clientId) + ':' + window.btoa(clientSecret))
}
}).then((response) => response.json()).then(response => {
if (response){
return Promise.resolve(response);
} else {
console.error('SabreAPI authenticate Error - no response');
return Promise.reject(response);
}
}).catch(error => {
console.error('SabreAPI authenticate Error: '+error);
return Promise.reject(error);
});
}
用法:
authenticate('myId', 'mySecret').then(response => {
let authToken = {};
authToken.access_token = response.access_token;
authToken.expires_in = response.expires_in;
authToken.token_type = response.token_type;
authToken.expiration_datestamp = new Date(new Date().getTime() + 1000 * (response.expires_in));
}).catch(error => {
... do whatever you want to catch the error
});
之后,您可以通过在 header 中传递 'Bearer': authToken.access_token 来执行常规获取 GET/PUT/POST/DELETE 调用;你可能需要先逃避它,而不是积极的。
我正在尝试使用 Rest API 制作 Sabre Dev Studio 的 Web 应用程序。我正在使用 javascript。我收集了应用程序所需的访问令牌和客户端机密。
我写了这段代码来发送 api 请求:
var clientId = "V1:abcD123:OPQRST:UVW";
var clientSecret = "aBcdEfG";
// Using jQuery Plugin for Encoding
var authorizationBasic = $.base64.btoa(clientId + ':' + clientSecret);
authorizationBasic = $.base64.btoa(authorizationBasic);
var request = new XMLHttpRequest();
request.open('POST', 'https://api.sabre.com/v2/auth/token HTTP/1.1', true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
request.setRequestHeader('User-Agent', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36');
request.setRequestHeader('Origin', 'chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo');
request.setRequestHeader('Authorization', 'Basic ' + authorizationBasic);
request.setRequestHeader('Accept', '*/*');
request.send("grant_type=client_credentials");
request.onreadystatechange = function () {
if (this.readyState === 4) {
alert(this.responseText);
}
};
如果请求有效,API 将发送一个包含访问令牌的响应,否则它应该给我一个错误消息对象。但就我而言,我没有收到任何东西。警报功能显示空白警报 window。我不知道问题出在哪里。谁能帮我解决这个问题?
我不是 javascript 专家,但我看到至少 2 个错误:
var authorizationBasic = $.base64.btoa(clientId + ':' + clientSecret);
您需要分别对 clientId 和 clientSecrect 进行 base64,然后在两者之间加上一个冒号request.open('POST', 'https://api.sabre.com/v2/auth/token HTTP/1.1', true);
我不确定您是否可以在 URL 字符串中定义您将使用的 HTTP,它似乎也不是必需的。
下面是我测试成功的函数:
function doFunction() {
var clientId = "V1:abcD123:OPQRST:UVW";
var clientSecret = "aBcdEfG";
var authorizationBasic = window.btoa(window.btoa(clientId) + ':' + window.btoa(clientSecret));
request = new XMLHttpRequest();
var url = "https://api-crt.cert.havail.sabre.com/v2/auth/token";
request.open("POST", url, true);
request.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
request.setRequestHeader("Authorization", "Basic " + authorizationBasic);
var payload = "grant_type=client_credentials";
request.send(payload);
request.onreadystatechange = function () {
if (request.readyState == 4 && request.status == 200) {
alert(request.responseText);
document.getElementById("txt").value = request.responseText;
}
}
}
FWIW 在用头撞墙一段时间后,如果有人需要,我使用 fetch() 编写了一个 general-purpose 身份验证方法。它 returns 承诺 JSON object 授权 api returns.
static authenticate(clientId, clientSecret, baseURL = 'https://api.test.sabre.com/', apiPath = 'v2/auth/token') {
let authToken = {};
return fetch(`${baseURL}${apiPath}?grant_type=client_credentials`, {
method: 'POST',
headers: {
'Accept': '*/*',
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': 'Basic ' + window.btoa(window.btoa(clientId) + ':' + window.btoa(clientSecret))
}
}).then((response) => response.json()).then(response => {
if (response){
return Promise.resolve(response);
} else {
console.error('SabreAPI authenticate Error - no response');
return Promise.reject(response);
}
}).catch(error => {
console.error('SabreAPI authenticate Error: '+error);
return Promise.reject(error);
});
}
用法:
authenticate('myId', 'mySecret').then(response => {
let authToken = {};
authToken.access_token = response.access_token;
authToken.expires_in = response.expires_in;
authToken.token_type = response.token_type;
authToken.expiration_datestamp = new Date(new Date().getTime() + 1000 * (response.expires_in));
}).catch(error => {
... do whatever you want to catch the error
});
之后,您可以通过在 header 中传递 'Bearer': authToken.access_token 来执行常规获取 GET/PUT/POST/DELETE 调用;你可能需要先逃避它,而不是积极的。