Coinbase 无效的 404 请求 OAuth2 Guzzle
Coinbase Invalid 404 request OAuth2 Guzzle
我尝试使用 OAuth2 在 coinbase 中进行授权:
$client = new Client(['cookies' => true]);
try {
$response = $client->request('POST', $this->urlAccessToken, [
'headers' => [
'cache-control' => 'no-cache',
'Content-Type' => 'application/x-www-form-urlencoded'
],
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $request->code,
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri
]
]);
dd($response->getBody());
} catch (\Exception $e) {
return response($e->getMessage(), 400);
}
在 coinbase 中授权后,我重定向到重定向 URI,当发送请求交换代码时,我看到错误的响应:
Client error: POST http://www.coinbase.com/oauth/token resulted in a 404 Not Found response: Invalid request. Instead of a GET request, you should be making a POST with valid POST params. For more informat (truncated...)
所有将在 Coinbase 中授权的代码:
private $clientId;
private $clientSecret;
private $redirectUri;
private $urlAuthorize;
private $urlAccessToken;
public function __construct()
{
$this->clientId = env('COINBASE_CLIENT_ID');
$this->clientSecret = env('COINBASE_CLIENT_SECRET');
$this->redirectUri = route('oauth2-redirect');
$this->urlAuthorize = 'https://www.coinbase.com/oauth/authorize';
$this->urlAccessToken = 'http://www.coinbase.com/oauth/token';
}
public function oauth(Request $request)
{
$state = hash('sha256', $request->session()->getId());
if (!isset($request->code)) {
$parameters = [
'response_type' => 'code',
'client_id' => $this->clientId,
'redirect_uri' => $this->redirectUri,
'state' => $state
];
$authorizationUrl = $this->urlAuthorize . '?' . http_build_query($parameters);
// Redirect the user to the authorization URL.
header('Location: ' . $authorizationUrl);
exit;
} elseif (empty($request->state) || $request->state !== $state) {
return response('Invalid state', 400);
} else {
$client = new Client(['cookies' => true]);
try {
$response = $client->request('POST', $this->urlAccessToken, [
'headers' => [
'cache-control' => 'no-cache',
'Content-Type' => 'application/x-www-form-urlencoded'
],
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $request->code,
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri
]
]);
dd($response->getBody());
} catch (\Exception $e) {
return response($e->getMessage(), 400);
}
}
}
我也在邮递员和他那里检查过 return 很好的反应:
enter image description here
问题出在 URL 访问令牌中,需要使用 https://api.coinbase.com/oauth/token 而不是 http://www.coinbase.com/oauth/token。
我尝试使用 OAuth2 在 coinbase 中进行授权:
$client = new Client(['cookies' => true]);
try {
$response = $client->request('POST', $this->urlAccessToken, [
'headers' => [
'cache-control' => 'no-cache',
'Content-Type' => 'application/x-www-form-urlencoded'
],
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $request->code,
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri
]
]);
dd($response->getBody());
} catch (\Exception $e) {
return response($e->getMessage(), 400);
}
在 coinbase 中授权后,我重定向到重定向 URI,当发送请求交换代码时,我看到错误的响应:
Client error:
POST http://www.coinbase.com/oauth/tokenresulted in a404 Not Foundresponse: Invalid request. Instead of a GET request, you should be making a POST with valid POST params. For more informat (truncated...)
所有将在 Coinbase 中授权的代码:
private $clientId;
private $clientSecret;
private $redirectUri;
private $urlAuthorize;
private $urlAccessToken;
public function __construct()
{
$this->clientId = env('COINBASE_CLIENT_ID');
$this->clientSecret = env('COINBASE_CLIENT_SECRET');
$this->redirectUri = route('oauth2-redirect');
$this->urlAuthorize = 'https://www.coinbase.com/oauth/authorize';
$this->urlAccessToken = 'http://www.coinbase.com/oauth/token';
}
public function oauth(Request $request)
{
$state = hash('sha256', $request->session()->getId());
if (!isset($request->code)) {
$parameters = [
'response_type' => 'code',
'client_id' => $this->clientId,
'redirect_uri' => $this->redirectUri,
'state' => $state
];
$authorizationUrl = $this->urlAuthorize . '?' . http_build_query($parameters);
// Redirect the user to the authorization URL.
header('Location: ' . $authorizationUrl);
exit;
} elseif (empty($request->state) || $request->state !== $state) {
return response('Invalid state', 400);
} else {
$client = new Client(['cookies' => true]);
try {
$response = $client->request('POST', $this->urlAccessToken, [
'headers' => [
'cache-control' => 'no-cache',
'Content-Type' => 'application/x-www-form-urlencoded'
],
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $request->code,
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectUri
]
]);
dd($response->getBody());
} catch (\Exception $e) {
return response($e->getMessage(), 400);
}
}
}
我也在邮递员和他那里检查过 return 很好的反应: enter image description here
问题出在 URL 访问令牌中,需要使用 https://api.coinbase.com/oauth/token 而不是 http://www.coinbase.com/oauth/token。