【问题标题】:Here Map API request token with NodeJS这里使用 NodeJS 映射 API 请求令牌
【发布时间】:2020-08-15 10:37:49
【问题描述】:

我正在尝试使用 NodeJS 向 Here Map API 请求令牌,以获取 OAuth 2.0 令牌凭据。 我被请求级别阻止并且不断出现相同的错误,但根据文档,我没有做错任何事情。

这是 NodeJS 中发出请求的必要代码:

const keyID = "MyKeyID";
const keySecret = "MySecretKey";

const httpMethod = "POST";
const httpUrl = "https://account.api.here.com/oauth2/token";

let oauthNonce = Math.random().toString(36).substring(6);
let oauthTimestamp = Date.now();
let oauthSignatureMethod = "HMAC-SHA256";
let oauthVersion = "1.0";

let baseString = httpMethod + "&" + httpUrl;

let oauth1Param = [];
oauth1Param.oauth_consumer_key = keyID;
oauth1Param.oauth_signature_method = oauthSignatureMethod;
oauth1Param.oauth_signature = "";
oauth1Param.oauth_timestamp = oauthTimestamp;
oauth1Param.oauth_nonce = oauthNonce;
oauth1Param.oauth_version = oauthVersion;

let paramString = "grant_type=client_credentials"
                    + "&oauth_consumer_key=" + oauth1Param.oauth_consumer_key
                    + "&oauth_nonce=" + oauth1Param.oauth_nonce
                    + '&oauth_signature_method=' + oauth1Param.oauth_signature_method
                    + "&oauth_timestamp=" + oauth1Param.oauth_timestamp
                    + "&oauth_version=" + oauth1Param.oauth_version;

baseString += "&" + paramString;

let signingKey = keySecret + "&";

let signature = crypto.createHmac('SHA256', signingKey).update(baseString).digest('base64');

oauth1Param.oauth_signature = signature;

console.log(JSON.stringify(paramString));
console.log(oauth1Param);

let headerOauth = "OAuth ";
for (let key in oauth1Param) {
    headerOauth += key + "="  + oauth1Param[key] + ",";
}

headerOauth = headerOauth.slice(0, -1);
console.log(headerOauth);

var request = require('request');
request.post({
    url : httpUrl,
    headers: {
        'content-type' : 'application/x-www-form-urlencoded',
        'Authorization' : headerOauth
    },
    body : JSON.stringify({
        "grant_type" : "client_credentials"
    })
}, function(error, response, body){
    if(error){
        console.log("------ ERROR -------");
        throw error;
    }
    //console.log(response);
    console.log(body);
});

这是我不断收到的错误:

{"errorId":"ERROR-51fa3a57-1dfa-4da7-b2e9-5f94574a4f75", 
"httpStatus":401, 
"errorCode":401205,
"message":"Unsupported signature method in the header. Require HMAC-SHA256",
"error":"invalid_request",
"error_description":"errorCode: '401205'. Unsupported signature method in the header. Require HMAC-SHA256"}

根据文档https://developer.here.com/documentation/authentication/dev_guide/topics/error-messages.html,我的签名方法有一个错误,它必须是HMAC-SHA256,但实际上这是我在代码开头的内容:let oauthSignatureMethod = "HMAC-SHA256";

有人知道如何解决这个问题吗?

【问题讨论】:

    标签: node.js oauth oauth-2.0 http-post here-api


    【解决方案1】:

    您正在使用的库 request 支持 OAuth 签名。因此代码可以大大缩短:

    const request = require('request');
    
    const OAUTH_URL = 'https://account.api.here.com/oauth2/token';
    const KEY_ID = '<KEY_ID>';
    const KEY_SECRET = '<KEY_SECRET>';
    
    request.post({
      url: OAUTH_URL,
      oauth: {
        consumer_key: KEY_ID,
        consumer_secret: KEY_SECRET,
        signature_method: 'HMAC-SHA256'
      },
      headers: {
        'Content-Type' : 'application/x-www-form-urlencoded',
      },
      form: {
        'grant_type': 'client_credentials'
      }
    }, function (e, r, body) {
      console.log(body);
    });
    

    至于您的代码 sn-p,JSON.stringify(obj) 不合适,因为它也会对对象的大括号进行编码。 此外,OAuth 标头中的值需要用双引号括起来。 OAuth 很容易出错 :)

    【讨论】:

    • 老兄!太感谢了!你真的救了我的命!!我是 Here-API 的新手,我自己学习。如果您了解更多,请不要犹豫,分享您的知识或一些好的文档。谢谢!
    • 你知道如何使用 Axios 来做到这一点吗?
    猜你喜欢
    • 1970-01-01
    • 2015-09-28
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2021-11-27
    • 2019-03-23
    相关资源
    最近更新 更多