Codeigniter 使用OAuth2进行Basecamp API身份验证：内部校验和失败错误_Codeigniter_Curl_Oauth 2.0_Basecamp_37 Signals

Codeigniter 使用OAuth2进行Basecamp API身份验证：内部校验和失败错误

codeigniter curl oauth-2.0

Codeigniter 使用OAuth2进行Basecamp API身份验证：内部校验和失败错误,codeigniter,curl,oauth-2.0,basecamp,37-signals,Codeigniter,Curl,Oauth 2.0,Basecamp,37 Signals,我正试图编写一个CodeIgniter控制器来处理37signals'Basecamp API的OAuth2身份验证问题是，我在尝试（通过cURL）连接到HTTP头中提供身份验证令牌时，不断遇到“内部校验和失败”错误以下是我的控制器类中的index和_authcode函数： <?php // constants: // BC_REQUEST_URL = 'https://launchpad.37signals.com/authorization/new' // BC_TOKEN_U

我正试图编写一个CodeIgniter控制器来处理37signals'Basecamp API的OAuth2身份验证

问题是，我在尝试（通过cURL）连接到HTTP头中提供身份验证令牌时，不断遇到“内部校验和失败”错误

以下是我的控制器类中的index和_authcode函数：

<?php 

// constants:
// BC_REQUEST_URL = 'https://launchpad.37signals.com/authorization/new'
// BC_TOKEN_URL   = 'https://launchpad.37signals.com/authorization/token'

// ... 

public function index() {
    // if get data is set.
    if ($this->input->get()) {

        // if auth code is provided via GET, switch to _authcode method.
        if ( $code = $this->input->get('code') ) {
            return $this->_authcode($code);
        }

        // On error, kill yourself.
        if ( $error = $this->input->get('error') ) {
            die($error);
        }

    }

    // redirect to 37 signals to get an authcode
    header("Location: ".BC_REQUEST_URL."?type=web_server&client_id=".BC_CLIENT_ID."&redirect_uri=".BC_REDIRECT_URL."");
}

// handles the Authentication code that is returned by 37 Signals.
private function _authcode($code) {
    // set vars to POST
    $vars = array(
        'type' => 'web_server',
        'client_id' => BC_CLIENT_ID,
        'redirect_uri' => BC_REDIRECT_URL,
        'client_secret' => BC_CLIENT_SECRET,
        'code' => $code
    );

    // make a request for the access_token
    $url = BC_TOKEN_URL;
    $c = curl_init($url);
    curl_setopt($c, CURLOPT_POST, true);
    curl_setopt($c, CURLOPT_POSTFIELDS, http_build_query($vars));
    curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
    $response = json_decode(curl_exec($c));
    curl_close($c);
    unset($c,$url);

    // get the access vars from this request
    $expiry_seconds = $response->expires_in;    // default: 1209600 (14 days)
    $refresh_token  = $response->refresh_token; 
    $access_token   = $response->access_token;  
    unset($response);

    // make a separate request to get user info for current user.
    $url = "https://launchpad.37signals.com/authorization.json";
    $c = curl_init($url);

    curl_setopt($c, CURLOPT_HTTPHEADER, array(
        "Authorization: Bearer <$access_token>",
        "Content-Type: application/json; charset=utf-8",
        "User-Agent: MyApp (http://myapp.example.com)"
    ));
    curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
    $response = json_decode(curl_exec($c)); // reply from 37 signal auth
    curl_close($c);
    unset($c,$url);

    echo "response obj = " . print_r($response,1);
    /* prints: response obj = stdClass Object ( [error] => OAuth token could not be verified. The internal checksum failed, so the token data was somehow mangled or tampered with. ) */

    // get the user data from this request
    // $expires_at = $response->expires_at; // the timestamp for when this request expires
    // $identity   = $response->identity;   // the current user
    // $accounts   = $response->accounts;   // list of accounts we can access
    // unset($response);

    // store the response data to the database for easy recall.
    // $this->db->query("REPLACE INTO `sometable` SET `key1`='value', `key2`='value');

}
// ...
?>

使用varchar（255）在数据库中保存身份验证令牌时遇到此错误。Basecamp的auth令牌具有一些校验和数据，使令牌超过255个字符
在您的示例中，您似乎并没有从数据库中提取它，所以这可能不会影响您，但是，我首先要查看的是检查Basecamp的令牌是否被切断
或者，在设置承载头时，删除$access_令牌周围的字符