0

I am using passport-freshbooks to authenticate and retrieve a token and tokenSecret. However, when I try to use those with a separate OAuth object, I get a 401 authentication failed error.

The strategy used by passport-freshbooks uses the same oauth library, and the call to "post" is identical to the followup call (at least it looks the same to me, but maybe I'm missing something obvious).

Here's some of the pertinent code from the passport strategy:

OAuth = require('oauth').OAuth //This is called from within require('passport-oauth').OAuthStrategy
...
this._oauth = new OAuth('https://' + options.subdomain + '.freshbooks.com/oauth/oauth_request.php',
    'https://' + options.subdomain + '.freshbooks.com/oauth/oauth_access.php',
    freshbookDao.config.apiSubdomain,  
    freshbookDao.config.oauthSecret,
    "1.0", 
    null, 
    "PLAINTEXT",
    null, 
    options.customHeaders);
...
log.info("Calling userProfile with " + token + " and " + tokenSecret);
...
this._oauth.post(url, token, tokenSecret, post_body, post_content_type, function (err, body, res) {...}

I try to use that same token and tokenSecret later. I'm creating a new OAuth object, but setting it with the identical settings passed to the passport strategy. Here's some code from that:

 OAuth = require('oauth')
 ...
 oauth = new OAuth.OAuth(
    'https://' + options.subdomain + '.freshbooks.com/oauth/oauth_request.php',
    'https://' + options.subdomain + '.freshbooks.com/oauth/oauth_access.php',
    exports.config.apiToken,
    exports.config.oauthSecret,
    '1.0',
    null,
    'PLAINTEXT');
...
log.info("Calling listInvoices with " + token + " and " + tokenSecret);
...
oauth.post(url, token, tokenSecret, body, 'application/xml', function(err, data, res) {...}

These look the same to me. However, the first one passes, and the second fails with this response:

{"statusCode":401,"data":"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<response xmlns=\"http://www.freshbooks.com/api/\" status=\"fail\">\n  <error>Authentication failed.</error>\n  <code>20010</code>\n</response>\n"} <code>20010</code>\n</response>\n"}

What is it that I'm doing wrong? I've included to "log.info" lines to show that I've compared the token and tokenSecret, and they are indeed the same. What is it I'm missing?

4

1 回答 1

0

很高兴你能使用护照新书!

我没有在其中编写 OAuth 代码。我从 Jared Hanson 的 passport-linkedin 模块中复制了这个,然后对其进行了调整以与 Freshbooks 一起使用

如果您得到不同的输出,那么会发生以下两种情况之一:
1)您正在发送不同的输入,或者 2)存在不同的内部状态。

对于 1) 尝试将请求记录到文件中,看看会发生什么:Logging in express js to a output file?

您的应用是否发送不同的请求?

对于 2) 我不太了解 OAuth 协议来调试它。刚好够用。可能是您不能在不同的连接上重用令牌?我不能肯定地说。

希望对托德有所帮助!

于 2014-03-12T13:49:16.510 回答