Php 带有Curl Oauth1的Cardinity API
嗨,有谁能帮我看一下Cardinity API吗 我想用Curl-PHP进行身份验证,但它不起作用。我收到卡迪尼的错误 下面有一个错误代码 {“类型”:https://developers.cardinity.com/api/v1/#401“,”标题“:”未经授权“,”状态“:401,“详细信息“:”OAuth用户凭据不足。“} 这是我的密码Php 带有Curl Oauth1的Cardinity API,php,curl,oauth,Php,Curl,Oauth,嗨,有谁能帮我看一下Cardinity API吗 我想用Curl-PHP进行身份验证,但它不起作用。我收到卡迪尼的错误 下面有一个错误代码 {“类型”:https://developers.cardinity.com/api/v1/#401“,”标题“:”未经授权“,”状态“:401,“详细信息“:”OAuth用户凭据不足。“} 这是我的密码 <?php $consumer_key = "asd"; $consumer_sec = "adefg"
<?php
$consumer_key = "asd";
$consumer_sec = "adefg";
$url = 'https://api.cardinity.com/v1/payments';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$timestamp = time();
$nonce = md5($timestamp);
//Generate Signature
$base = 'POST&'.$url.'&oauth_consumer_key='.$consumer_key.'&oauth_signature_method=HMAC-SHA1&oauth_timestamp='.$timestamp.'&oauth_nonce='.$nonce.'&oauth_version=1.0&oauth_token=';
$base = rawurlencode($base);
$signature = base64_encode(hash_hmac('sha1', $base, rawurlencode($consumer_sec), true));
//
$headers = array();
$headers[] = 'Content-Type: application/json';
$headers[] = 'Authorization: OAuth oauth_consumer_key="'.$consumer_key.'",oauth_signature_method="HMAC-SHA1", oauth_timestamp="'.$timestamp.'", oauth_nonce="'.$nonce.'", oauth_version="1.0", oauth_token="", oauth_signature="'.$signature.'"';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Error:' . curl_error($ch);
}
curl_close($ch);
echo $result;
?>
您的OAuth签名未正确生成。您的OAuth复合密钥错误。这是HMACSha1的文档 要点:您要使用的复合密钥需要同时具有客户端共享密钥和令牌共享密钥。中间有一个“&”。< /P> 代替
rawurlencode($consumer_sec)
如果您的令牌为空,那么对于hash_hmac的第三个参数,您需要使用
rawurlencode($consumer_sec). "&"
下面是通过curl使用cardinity api的完整示例
<?php
$cardinityConsumerKey = 'test_jhcm1kuiowcs2s9dj03vryr4v8yf4e';
$cardinityConsumerSecret = 'uczqtwmhh2dj1m2vkulspssqisqc2qzjo8v23auqssux4opvag';
$timeStamp = time();
$nonce = $timeStamp. '123';
function buildBaseString($baseURI, $method, $params){
$paramStrings = array();
ksort($params);
foreach($params as $key=>$value){
$paramStrings[] = "$key=" . rawurlencode($value);
}
return $method."&" . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $paramStrings));
}
function buildAuthorizationHeader($oauth){
$headerString = 'Authorization: OAuth ';
$values = array();
foreach($oauth as $key=>$value)
$values[] = "$key=\"" . rawurlencode($value) . "\"";
$headerString .= implode(', ', $values);
return $headerString;
}
$postRequest = array(
"amount" => "100.00",
"currency" => "EUR",
"order_id" => $nonce,
"country" => "LT",
"payment_method" => "card",
"payment_instrument" => array(
"pan" => "4111111111111111",
"exp_year" => 2021,
"exp_month" => 11,
"cvc" => "521",
"holder" => "Not Mike Dough"
),
);
$oAuthParams = [
'oauth_consumer_key' => $cardinityConsumerKey,
'oauth_nonce' => $nonce,
'oauth_signature_method' => "HMAC-SHA1",
'oauth_timestamp' => $timeStamp,
//'oauth_token' => '',
'oauth_version' => '1.0',
];
$baseString = buildBaseString('https://api.cardinity.com/v1/payments', 'POST', $oAuthParams);
$compositeKey = rawurlencode($cardinityConsumerSecret) . '&';
$rawHash = hash_hmac('sha1', $baseString, $compositeKey , true);
$signature = base64_encode($rawHash);
$oAuthParams['oauth_signature'] = $signature;
$headers = array(
'Content-Type: application/json',
buildAuthorizationHeader($oAuthParams),
//'Expect:',
);
$cURLConnection = curl_init('https://api.cardinity.com/v1/payments');
curl_setopt($cURLConnection, CURLOPT_HTTPHEADER, $headers);
curl_setopt($cURLConnection, CURLOPT_POSTFIELDS, json_encode($postRequest));
curl_setopt($cURLConnection, CURLOPT_RETURNTRANSFER, true);
$apiResponse = curl_exec($cURLConnection);
curl_close($cURLConnection);
// $apiResponse - available data from the API request
$jsonArrayResponse = json_decode($apiResponse, TRUE);
if($jsonArrayResponse['status'] == 'approved'){
echo "<h1>Payment Successful</h1>";
}else{
echo "<h1>Payment Failed</h1>";
}
echo "<pre>";
echo "HEADERS #" . print_r($headers, true);
echo "<br/>";
echo "POSTDATA #" . print_r($postRequest, true);
echo "<br/>";
echo "RESPONSE #" . print_r($jsonArrayResponse, true);
echo "</pre>";
似乎您未经授权。您是否授予了相关权限?