PayPal REST 令牌请求:api.paypal.com OK,api-m 失败
PayPal REST token request: api.paypal.com OK, api-m fails
附录 2:Mozilla 行为特定于 URL 解析到的主机;我在问题的末尾添加了显示此内容的 curl 脚本。
附录:这在大约 8 小时后消失了,并工作了几天。但是一个星期后,我重新 运行 页面只是为了检查,它再次反复失败: api.paypal 有效, api-m.paypal 无效。
我从 api-m.paypal.com 和 api.paypal.com 收到不同的请求实时站点访问令牌的结果。如果我向 api.paypal.com 发出请求,它会工作并返回一个令牌。如果我从 api-m.paypal.com 请求它,我会收到 403 Forbidden 错误。这怎么可能?一般来说,对于令牌请求,文档似乎可以互换使用 api 和 api-m。两者之间有什么区别,哪些呼叫应该路由到 api vs api-m?当我 运行 将我的整个商店放在沙盒上时, 一切 都进入 api-m 并且工作正常。在重复请求令牌的测试程序中,通过 api、api-m、api.sandbox 和 api-m.sandbox 排序 --- 只有 api-m 失败,其他 3 种情况都很好。我看过一次 api vs api-m 的讨论,但再也找不到了;很确定它没有提到这个!
<?php
include("../_private/ppinfo.php");
header('Content-type: text/plain');
$sandbox = 0;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 2;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = -1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 0;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = -1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 0;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 2;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
// Get a paypal REST token to use for the rest of our transactions.
// See https://developer.paypal.com/docs/business/get-started/
function GetNewPPToken($sandbox)
{
global $G, $ppinfo;
$headers = array(
"Accept: application/json",
"Accept-Language: en_US",
"Content-Type: application/x-www-form-urlencoded"
);
if ($sandbox > 1)
{
$clid = $ppinfo['sb_acct'];
$secret = $ppinfo['sb_secr'];
$url = "https://api.sandbox.paypal.com/v1/oauth2/token";
}
else if ($sandbox > 0)
{
$clid = $ppinfo['sb_acct'];
$secret = $ppinfo['sb_secr'];
$url = "https://api-m.sandbox.paypal.com/v1/oauth2/token";
}
else if ($sandbox < 0)
{
$clid = $ppinfo['acct'];
$secret = $ppinfo['secr'];
$url = "https://api.paypal.com/v1/oauth2/token";
}
else
{
$clid = $ppinfo['acct'];
$secret = $ppinfo['secr'];
$url = "https://api-m.paypal.com/v1/oauth2/token";
};
$cvt = "grant_type=client_credentials";
$curl = newPPcurl($url, $cvt, $headers);
curl_setopt($curl, CURLOPT_USERPWD, "$clid:$secret");
$resp = curl_exec($curl);
$err = curl_error($curl) ;
$json = json_decode($resp, true);
if (0)
{
echo "response:\n";
print_r($resp);
echo "err:\n";
print_r($err);
echo "token '" . $ppinfo['token'] . "'\n";
};
$ppinfo['token'] = $json['access_token'];
return ($ppinfo['token'] != '' ? 1 : 0);
}
function newPPcurl($url, $flds, $hdrs)
{
$user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_POST, 1);
if ($flds != '')
curl_setopt($curl, CURLOPT_POSTFIELDS, $flds);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
curl_setopt($curl, CURLOPT_USERAGENT, $user_agent);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); // or 2?
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, TRUE);
//curl_setopt($curl, CURLOPT_SSLCERT, $pem); // pem file name
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
if ($hdrs != "")
curl_setopt($curl, CURLOPT_HTTPHEADER, $hdrs);
return $curl;
}
测试输出:
sandbox 0 rv 0
sandbox 1 rv 1
sandbox 2 rv 1
sandbox -1 rv 1
sandbox 0 rv 0
sandbox -1 rv 1
sandbox 1 rv 1
sandbox 0 rv 0
sandbox 2 rv 1
下面是一些显示此行为的 curl 命令。当 api-m.paypal.com 解析为 184.87.90.6 时,通过 Mozilla 代理(cmd #1)获取令牌。当 IP 解析为 151.101.1.35 时,Mozilla (cmd#2) 的请求失败,curl (cmd#3) 通过。请注意,您必须提供自己的 id:pwd 字符串进行测试。
curl -v https://api-m.paypal.com/v1/oauth2/token \
--user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" \
--resolve api-m.paypal.com:443:184.87.90.6 \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "<id:pwd>" \
-d "grant_type=client_credentials"
curl -v https://api-m.paypal.com/v1/oauth2/token \
--user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" \
--resolve api-m.paypal.com:443:151.101.1.35 \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "<id:pwd>" \
-d "grant_type=client_credentials"
curl -v https://api-m.paypal.com/v1/oauth2/token \
--user-agent "curl/7.55.1" \
--resolve api-m.paypal.com:443:151.101.1.35 \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "<id:pwd>" \
-d "grant_type=client_credentials"
PayPal REST 令牌请求的用户代理必须是 curl 标识符,例如“curl/7.55.1”。 使用 Mozilla 用户代理会导致 403 FORBIDDEN api-m.paypal.com,尽管它似乎适用于 api.paypal.com、api.sandbox.paypal.com 和 api-m.sandbox.paypal.com
附录 2:Mozilla 行为特定于 URL 解析到的主机;我在问题的末尾添加了显示此内容的 curl 脚本。
附录:这在大约 8 小时后消失了,并工作了几天。但是一个星期后,我重新 运行 页面只是为了检查,它再次反复失败: api.paypal 有效, api-m.paypal 无效。
我从 api-m.paypal.com 和 api.paypal.com 收到不同的请求实时站点访问令牌的结果。如果我向 api.paypal.com 发出请求,它会工作并返回一个令牌。如果我从 api-m.paypal.com 请求它,我会收到 403 Forbidden 错误。这怎么可能?一般来说,对于令牌请求,文档似乎可以互换使用 api 和 api-m。两者之间有什么区别,哪些呼叫应该路由到 api vs api-m?当我 运行 将我的整个商店放在沙盒上时, 一切 都进入 api-m 并且工作正常。在重复请求令牌的测试程序中,通过 api、api-m、api.sandbox 和 api-m.sandbox 排序 --- 只有 api-m 失败,其他 3 种情况都很好。我看过一次 api vs api-m 的讨论,但再也找不到了;很确定它没有提到这个!
<?php
include("../_private/ppinfo.php");
header('Content-type: text/plain');
$sandbox = 0;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 2;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = -1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 0;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = -1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 1;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 0;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
$sandbox = 2;
echo "sandbox $sandbox rv " . GetNewPPToken($sandbox) . "\n";
// Get a paypal REST token to use for the rest of our transactions.
// See https://developer.paypal.com/docs/business/get-started/
function GetNewPPToken($sandbox)
{
global $G, $ppinfo;
$headers = array(
"Accept: application/json",
"Accept-Language: en_US",
"Content-Type: application/x-www-form-urlencoded"
);
if ($sandbox > 1)
{
$clid = $ppinfo['sb_acct'];
$secret = $ppinfo['sb_secr'];
$url = "https://api.sandbox.paypal.com/v1/oauth2/token";
}
else if ($sandbox > 0)
{
$clid = $ppinfo['sb_acct'];
$secret = $ppinfo['sb_secr'];
$url = "https://api-m.sandbox.paypal.com/v1/oauth2/token";
}
else if ($sandbox < 0)
{
$clid = $ppinfo['acct'];
$secret = $ppinfo['secr'];
$url = "https://api.paypal.com/v1/oauth2/token";
}
else
{
$clid = $ppinfo['acct'];
$secret = $ppinfo['secr'];
$url = "https://api-m.paypal.com/v1/oauth2/token";
};
$cvt = "grant_type=client_credentials";
$curl = newPPcurl($url, $cvt, $headers);
curl_setopt($curl, CURLOPT_USERPWD, "$clid:$secret");
$resp = curl_exec($curl);
$err = curl_error($curl) ;
$json = json_decode($resp, true);
if (0)
{
echo "response:\n";
print_r($resp);
echo "err:\n";
print_r($err);
echo "token '" . $ppinfo['token'] . "'\n";
};
$ppinfo['token'] = $json['access_token'];
return ($ppinfo['token'] != '' ? 1 : 0);
}
function newPPcurl($url, $flds, $hdrs)
{
$user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_POST, 1);
if ($flds != '')
curl_setopt($curl, CURLOPT_POSTFIELDS, $flds);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
curl_setopt($curl, CURLOPT_USERAGENT, $user_agent);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); // or 2?
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, TRUE);
//curl_setopt($curl, CURLOPT_SSLCERT, $pem); // pem file name
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 30);
if ($hdrs != "")
curl_setopt($curl, CURLOPT_HTTPHEADER, $hdrs);
return $curl;
}
测试输出:
sandbox 0 rv 0
sandbox 1 rv 1
sandbox 2 rv 1
sandbox -1 rv 1
sandbox 0 rv 0
sandbox -1 rv 1
sandbox 1 rv 1
sandbox 0 rv 0
sandbox 2 rv 1
下面是一些显示此行为的 curl 命令。当 api-m.paypal.com 解析为 184.87.90.6 时,通过 Mozilla 代理(cmd #1)获取令牌。当 IP 解析为 151.101.1.35 时,Mozilla (cmd#2) 的请求失败,curl (cmd#3) 通过。请注意,您必须提供自己的 id:pwd 字符串进行测试。
curl -v https://api-m.paypal.com/v1/oauth2/token \
--user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" \
--resolve api-m.paypal.com:443:184.87.90.6 \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "<id:pwd>" \
-d "grant_type=client_credentials"
curl -v https://api-m.paypal.com/v1/oauth2/token \
--user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" \
--resolve api-m.paypal.com:443:151.101.1.35 \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "<id:pwd>" \
-d "grant_type=client_credentials"
curl -v https://api-m.paypal.com/v1/oauth2/token \
--user-agent "curl/7.55.1" \
--resolve api-m.paypal.com:443:151.101.1.35 \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "<id:pwd>" \
-d "grant_type=client_credentials"
PayPal REST 令牌请求的用户代理必须是 curl 标识符,例如“curl/7.55.1”。 使用 Mozilla 用户代理会导致 403 FORBIDDEN api-m.paypal.com,尽管它似乎适用于 api.paypal.com、api.sandbox.paypal.com 和 api-m.sandbox.paypal.com