HTTP 401访问Magento 2 Rest API时发生基本身份验证错误
我正在尝试在Magento 2中使用Rest API。我有一段PHP,它使用cURL首先为我的Magento用户获取一个管理令牌,然后使用该令牌返回一段Magento数据(在本例中是一个产品类型列表)。第一部分返回一个没有问题的令牌,但第二部分返回一个HTTP401基本身份验证错误 我的代码是:HTTP 401访问Magento 2 Rest API时发生基本身份验证错误,rest,magento,http-status-code-401,Rest,Magento,Http Status Code 401,我正在尝试在Magento 2中使用Rest API。我有一段PHP,它使用cURL首先为我的Magento用户获取一个管理令牌,然后使用该令牌返回一段Magento数据(在本例中是一个产品类型列表)。第一部分返回一个没有问题的令牌,但第二部分返回一个HTTP401基本身份验证错误 我的代码是: <?php // Get handle for token retrieval $userData = array("username" => "user", "password" =&g
<?php
// Get handle for token retrieval
$userData = array("username" => "user", "password" => "password!");
$ch = curl_init("https://my.magento/rest/V1/integration/admin/token/");
// Set options
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($userData));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Content-Length: " . strlen(json_encode($userData))));
curl_setopt($ch, CURLOPT_VERBOSE, true);
$verbose = fopen('/tmp/curl.log', 'w+');
curl_setopt($ch, CURLOPT_STDERR, $verbose);
// Get token
$token = curl_exec($ch);
echo "Token returned: " . $token . "<BR><BR>";
// Display log
rewind($verbose);
$verboseLog = stream_get_contents($verbose);
echo "Verbose information 1:\n<pre>", htmlspecialchars($verboseLog), "</pre>\n";
echo "About to get product<BR>";
// Get handle for product types
$ch = curl_init("https://my.magento/rest/V1/products/types/");
// Set options
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Authorization: Bearer " . json_decode($token)));
curl_setopt($ch, CURLOPT_VERBOSE, true);
$verbose = fopen('/tmp/curl.log', 'w+');
curl_setopt($ch, CURLOPT_STDERR, $verbose);
// Get types
$result = curl_exec($ch);
echo "Result: " . $result . "<BR>";
// Display log
rewind($verbose);
$verboseLog = stream_get_contents($verbose);
echo "<BR>Verbose information 2:\n<pre>", htmlspecialchars($verboseLog), "</pre>\n";
?>
浏览器输出为:
返回的令牌:“t8iskt68xlo5frf9hhtc1lk8wmqzbzx8”
详细信息1:
*即将连接()到my.magento端口443(#2)
*正在尝试104.25.128.20。。。
*连接到mymagento(nn.nn.nn)端口443(#2)
*CAfile:/etc/pki/tls/certs/ca-bundle.crt
卡帕斯:没有
*使用TLS_ECDHE_ECDSA_和_AES_128_GCM_SHA256的SSL连接
*服务器证书:
*主题:CN=ssl379212.cloudflaressl.com,OU=PositiveSSL Multi-Domain,OU=Domain-Control-Validated
*开始日期:2018年10月26日00:00:00 GMT
*到期日期:5月4日23:59:59格林尼治标准时间2019
*通用名称:ssl379212.cloudflaressl.com
*发卡机构:CN=COMODO ECC域验证安全服务器CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
>POST/rest/V1/integration/admin/token/HTTP/1.1
主持人:sand2.firetoys.co.uk
接受:*/*
内容类型:application/json
内容长度:48
*上传已完全发送:48个字节中的48个
GET/rest/V1/products/types/HTTP/1.1
主持人:sand2.firetoys.co.uk
接受:*/*
内容类型:application/json
授权:持票人t8iskt68xlo5frf9hhtc1lk8wmqzbzx8
当我尝试直接浏览时,我得到了一个Magento错误,说我没有获得产品资源的授权,这是我所期望的,因为我没有发送令牌或登录凭据,但至少它正在通过Magento
有什么想法吗
我应该补充一点,服务器被设置为基本身份验证,如果我在GET的头中用必要的基本身份验证替换承载身份验证,它将返回关于无法访问资源的Magento消息,这是很公平的。所以我想有两个问题:
Tokenreturned: "t8iskt68xlo5frf9hhtc1lk8wmqzbzx8"
Verbose information 1:
* About to connect() to my.magento port 443 (#2)
* Trying 104.25.128.20...
* Connected to mymagento (nn.nn.nn.nn) port 443 (#2)
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=ssl379212.cloudflaressl.com,OU=PositiveSSL Multi-Domain,OU=Domain Control Validated
* start date: Oct 26 00:00:00 2018 GMT
* expire date: May 04 23:59:59 2019 GMT
* common name: ssl379212.cloudflaressl.com
* issuer: CN=COMODO ECC Domain Validation Secure Server CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
> POST /rest/V1/integration/admin/token/ HTTP/1.1
Host: sand2.firetoys.co.uk
Accept: */*
Content-Type: application/json
Content-Length: 48
* upload completely sent off: 48 out of 48 bytes
< HTTP/1.1 200 OK
< Date: Wed, 31 Oct 2018 12:50:01 GMT
< Content-Type: application/json; charset=utf-8
< Content-Length: 34
< Connection: keep-alive
< Set-Cookie: __cfduid=d69af7d1f0a1205231a8867c1f45875621540990201; expires=Thu, 31-Oct-19 12:50:01 GMT; path=/; domain=.my.magento; HttpOnly
< X-Frame-Options: SAMEORIGIN
< X-UA-Compatible: IE=edge
< Pragma: no-cache
< Expires: -1
< Cache-Control: no-store, no-cache, must-revalidate, max-age=0
< Accept-Ranges: bytes
< Set-Cookie: PHPSESSID=9p378rsfito8gfocnrufucssh6; expires=Wed, 31-Oct-2018 13:50:01 GMT; Max-Age=3600; path=/; domain=sand2.firetoys.co.uk; secure; HttpOnly
< Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< Server: cloudflare
< CF-RAY: 47263eb629ea0ce9-LHR
<
* Connection #2 to host my.magento left intact
About to get product
Result:
Verbose information 2:
* About to connect() to my.magento port 443 (#3)
* Trying nn.nn.nn.nn...
* Connected to my.magento (nn.nn.nn.nn) port 443 (#3)
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=ssl379212.cloudflaressl.com,OU=PositiveSSL Multi-Domain,OU=Domain Control Validated
* start date: Oct 26 00:00:00 2018 GMT
* expire date: May 04 23:59:59 2019 GMT
* common name: ssl379212.cloudflaressl.com
* issuer: CN=COMODO ECC Domain Validation Secure Server CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
> GET /rest/V1/products/types/ HTTP/1.1
Host: sand2.firetoys.co.uk
Accept: */*
Content-Type: application/json
Authorization: Bearer t8iskt68xlo5frf9hhtc1lk8wmqzbzx8
< HTTP/1.1 401 Unauthorized
< Date: Wed, 31 Oct 2018 12:50:01 GMT
< Content-Length: 0
< Connection: keep-alive
< Set-Cookie: __cfduid=d38c9e4bc3019d9ac55c7f68f5c5ca1161540990201; expires=Thu, 31-Oct-19 12:50:01 GMT; path=/; domain=.my.magento; HttpOnly
< X-Varnish: 7995397
< WWW-Authenticate: Basic
< Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< Server: cloudflare
< CF-RAY: 47263eb70f5b3512-LHR
<
* Connection #3 to host my.magento left intact