2

这几天我一直在努力解决这个问题。我已经设置了一个测试应用程序以通过 OAuth 连接到 LinkedIn。我希望能够更新用户的状态,但目前我根本无法与 LinkedIn 的 API 交互。

我能够成功获取 requestToken,然后是 accessToken,但是当我向 API 发出请求时,我看到一个类似于以下内容的“未经授权”错误:

object(OAuthException)#2 (8) { 
 ["message:protected"]=>  string(73) "Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect)" 
 ["string:private"]=>  string(0) "" 
 ["code:protected"]=>  int(401) 
 ["file:protected"]=>  string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php" 
 ["line:protected"]=>  int(48) 
 ["trace:private"]=>  array(1) { 
  [0]=>  array(6) { 
   ["file"]=>  string(47) "/home/pmfeorg/public_html/dev/test/linkedin.php" 
   ["line"]=>  int(48) 
   ["function"]=>  string(5) "fetch" 
   ["class"]=>  string(5) "OAuth" 
   ["type"]=>  string(2) "->" 
   ["args"]=>  array(2) { 
    [0]=>  string(35) "http://api.linkedin.com/v1/people/~" 
    [1]=>  string(3) "GET" 
   } 
  } 
 } 
 ["lastResponse"]=>  string(358) "  401  1276375790558  0000  [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= " 
 ["debugInfo"]=>  array(5) { 
 ["sbs"]=>  string(329) "GET&http%3A%2F%2Fapi.linkedin.com%2Fv1%2Fpeople%2F~&oauth_consumer_key%3DBhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy%26oauth_nonce%3D7068001084c13f2ee6a2117.22312548%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1276375790%26oauth_token%3D48032b2d-bc8c-4744-bb84-4eab53578c11%26oauth_version%3D1.0" 
 ["headers_sent"]=>  string(401) "GET /v1/people/~?GET&oauth_consumer_key=Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy&oauth_signature_method=HMAC-SHA1&oauth_nonce=7068001084c13f2ee6a2117.22312548&oauth_timestamp=1276375790&oauth_version=1.0&oauth_token=48032b2d-bc8c-4744-bb84-4eab53578c11&oauth_signature=xmc3lWhXJvLSUZh4dxMtrf55VVQ%3D HTTP/1.1 User-Agent: PECL-OAuth/1.0-dev Host: api.linkedin.com Accept: */*" 
 ["headers_recv"]=>  string(148) "HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 Date: Sat, 12 Jun 2010 20:49:50 GMT Content-Type: text/xml;charset=UTF-8 Content-Length: 358" 
 ["body_recv"]=>  string(358) "  401  1276375790558  0000  [unauthorized]. OAU:Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy|48032b2d-bc8c-4744-bb84-4eab53578c11|*01|*01:1276375790:xmc3lWhXJvLSUZh4dxMtrf55VVQ= " 
 ["info"]=>  string(216) "About to connect() to api.linkedin.com port 80 (#0) Trying 64.74.98.83... connected Connected to api.linkedin.com (64.74.98.83) port 80 (#0) Connection #0 to host api.linkedin.com left intact Closing connection #0 " 
 }
}

我的代码如下所示(基于 php.net 的 FireEagle 示例):

$req_url = 'https://api.linkedin.com/uas/oauth/requestToken';
$authurl = 'https://www.linkedin.com/uas/oauth/authenticate';
$acc_url = 'https://api.linkedin.com/uas/oauth/accessToken';
$api_url = 'http://api.linkedin.com/v1/people/~';
$callback = 'http://www.pmfe.org/dev/test/linkedin.php';
$conskey = 'Bhgk3fB4cs9t4oatSdv538tD2X68-1OTCBg-KKL3pFBnGgOEhJZhFOf1n9KtHMMy';
$conssec = '####################SECRET KEY#####################';

session_start();

try {
  $oauth = new OAuth($conskey,$conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
  $oauth->enableDebug();

  if(!isset($_GET['oauth_token'])) {
    $request_token_info = $oauth->getRequestToken($req_url);
    $_SESSION['secret'] = $request_token_info['oauth_token_secret'];
    header('Location: '.$authurl.'?oauth_token='.$request_token_info['oauth_token']);
    exit;
  } else {
    $oauth->setToken($_GET['oauth_token'],$_SESSION['secret']);
    $access_token_info = $oauth->getAccessToken($acc_url);
    $_SESSION['token'] = $access_token_info['oauth_token'];
    $_SESSION['secret'] = $access_token_info['oauth_token_secret'];
  } 
    $oauth->setToken($_SESSION['token'],$_SESSION['secret']);
 $oauth->fetch($api_url, OAUTH_HTTP_METHOD_GET);

 $response = $oauth->getLastResponse();
} catch(OAuthException $E) {
  var_dump($E);
}

我已经使用 OAuth 成功建立了与 Twitter 的连接和与 Facebook 的连接,但 LinkedIn 一直在躲避我。如果有人可以提供一些建议或指出正确的方向,我将非常感激!

4

2 回答 2

1

好吧,我找到了问题的根源,但是现在又出现了一个新问题:

我最初的问题是错误的——我根本没有得到 accessToken。问题是我在 getAccessToken 调用期间没有传递验证程序代码(在 requestToken 步骤中获得)。

所以与其说这个...

$access_token_info = $oauth->getAccessToken($acc_url);

...我需要这样做...

$_SESSION['verifier'] = $_GET['oauth_verifier'];
$access_token_info = $oauth->getAccessToken($acc_url, $_SESSION['verifier'], $_SESSION['verifier']);

我希望这些信息可以帮助其他人。这是我第一次使用 OAuth,但似乎 LinkedIn 的实施非常严格。

无论如何,现在我需要弄清楚为什么当我尝试更新我的状态时 LI 返回 401……我已经授权了该应用程序,并且可以拉下数据,但无法设置任何数据。也许在 LI 的设置中隐藏了其他权限?

于 2010-06-14T03:33:09.317 回答
0

除非 LinkedIn 对 HTTP 状态代码有完全不正确的看法,否则 401 意味着它期待一个WWW-Authenticate标头(即:base64 格式的用户名/密码)并且没有得到它,因此它拒绝访问。

也许您必须执行OAuth::setAuthType()

于 2010-06-13T05:29:16.240 回答