Curl通过hereapi在php中返回错误签名mistmatch
我正在使用php curl处理这里的API 这里我试图通过下面的文档来获取API令牌 我遵循了示例请求示例,当我在下面运行代码时,它会抛出错误Curl通过hereapi在php中返回错误签名mistmatch,php,here-api,Php,Here Api,我正在使用php curl处理这里的API 这里我试图通过下面的文档来获取API令牌 我遵循了示例请求示例,当我在下面运行代码时,它会抛出错误 {"errorId":"ERROR-5e9aeefb-1182-4b80-954c-eed971ee2c90","httpStatus":401,"errorCode":401300,"message":"Signature mismatch.
{"errorId":"ERROR-5e9aeefb-1182-4b80-954c-eed971ee2c90","httpStatus":401,"errorCode":401300,"message":"Signature mismatch. Authorization signature or client credential is wrong.","error":"invalid_client","error_description":"errorCode: '401300'. Signature mismatch. Authorization signature or client credential is wrong."}
$url2="https://account.api.here.com/oauth2/token";
$ch2 = curl_init();
curl_setopt($ch2,CURLOPT_URL, $url2);
//$post_add = "grant_type=client_credentials";
$post_add=array('grant_type'=> 'client_credentials');
$access_key_id ="my access id ke y goes here";
$timer = time();
// perform signature hashing
$signature = hash_hmac('sha256', $timer, $access_key_id);
curl_setopt($ch2, CURLOPT_HTTPHEADER, array(
"Host: account.api.here.com",
"Cache-Control: no-cache",
"Authorization: OAuth oauth_consumer_key='$access_key_id',oauth_signature_method='HMAC-SHA256',oauth_timestamp='$timer',oauth_nonce='ZGAaMP',oauth_version='1.0',oauth_signature='$signature'",
'Content-Type: application/x-www-form-urlencoded'
));
//curl_setopt($ch2,CURLOPT_CUSTOMREQUEST,'GET');
curl_setopt($ch2,CURLOPT_CUSTOMREQUEST,'POST');
//curl_setopt($ch2,CURLOPT_CUSTOMREQUEST,'DELETE');
curl_setopt($ch2,CURLOPT_POSTFIELDS, $post_add);
curl_setopt($ch2,CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch2,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch2,CURLOPT_RETURNTRANSFER, true);
$response2 = curl_exec($ch2);
curl_close($ch2);
print_r($response2);
您是否用自己的签名替换了请求中的样本访问密钥和签名?感谢您回复我Anatoly。主要问题是动态创建签名。API没有指定散列签名所需的参数,而是从post中的nodejs sample链接中指定。看起来他们正在散列访问密钥和访问密钥,然后将其转换为base64。看,我只是困惑,虽然我会尝试不同的way@Anatoly我对密钥id和密码进行了哈希运算,然后将其转换为base64。它现在抛出错误“无效的客户端授权头”,需要签名的请求格式。我认为现在的问题就在下面这行代码中~“授权:OAuth OAuth_consumer_key='$access_key_id',OAuth_signature_method='HMAC-SHA256',OAuth_timestamp='$timer',OAuth_nonce='ZGAaMP',OAuth_version='1.0',OAuth_signature='$signature',你能帮我吗?”。谢谢看一看谢谢。这个链接很有效。您可以将其更新为答案。
$url2="https://account.api.here.com/oauth2/token";
$ch2 = curl_init();
curl_setopt($ch2,CURLOPT_URL, $url2);
//$post_add = "grant_type=client_credentials";
$post_add=array('grant_type'=> 'client_credentials');
$access_key_id ="my access id ke y goes here";
$timer = time();
// perform signature hashing
$signature = hash_hmac('sha256', $timer, $access_key_id);
curl_setopt($ch2, CURLOPT_HTTPHEADER, array(
"Host: account.api.here.com",
"Cache-Control: no-cache",
"Authorization: OAuth oauth_consumer_key='$access_key_id',oauth_signature_method='HMAC-SHA256',oauth_timestamp='$timer',oauth_nonce='ZGAaMP',oauth_version='1.0',oauth_signature='$signature'",
'Content-Type: application/x-www-form-urlencoded'
));
//curl_setopt($ch2,CURLOPT_CUSTOMREQUEST,'GET');
curl_setopt($ch2,CURLOPT_CUSTOMREQUEST,'POST');
//curl_setopt($ch2,CURLOPT_CUSTOMREQUEST,'DELETE');
curl_setopt($ch2,CURLOPT_POSTFIELDS, $post_add);
curl_setopt($ch2,CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch2,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch2,CURLOPT_RETURNTRANSFER, true);
$response2 = curl_exec($ch2);
curl_close($ch2);
print_r($response2);