【问题标题】:Google Contact API - 401 Target InvalidGoogle Contact API - 401 目标无效
【发布时间】:2014-07-06 21:50:04
【问题描述】:

我的项目正在使用带有 gmail oauth 的 php 并面临此错误,因为 401 Target Invalid 另一个项目使用相同的方式(不同的 ID 和 Secret 但相同的域)工作正常。例如:-

xxx.com/abc xxx.com/def

HTTP/1.1 401 Token invalid - Target is invalid.
Content-Type: text/html; charset=utf-8
Date: Mon, 19 May 2014 02:03:50 GMT
Expires: Mon, 19 May 2014 02:03:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic
Transfer-Encoding: chunked

我该如何解决这个问题?感谢任何 cmets 和帮助。

GmailOath 代码

 $url = 'https://www.google.com/accounts/OAuthGetRequestToken';
 $params['oauth_version'] = '1.0';
 $params['oauth_nonce'] = mt_rand();
 $params['oauth_timestamp'] = time();
 $params['oauth_consumer_key'] = $oauth->oauth_consumer_key;
 $params['oauth_callback'] = $oauth->callback;
 $params['scope'] = 'https://www.google.com/m8/feeds';

更新: 我猜这可能是问题所在。下面不同的是内容类型,它应该是“应用程序/json”。但是不知道在哪里更改它们...

更新: 经过进一步调查,它只有在我更换了https://console.developers.google.com/的旧应用程序的客户端ID和秘密后才能工作。无论我尝试生成多少新应用程序,它都无法正常工作。发生了什么事?

工作电话:-

[url] => https://www.google.com/m8/feeds/contacts/default/full?alt=json&max-results=1000&oauth_consumer_key=59093836836-0c8mb4u395gklok3k52cr2b0oml3gmcg.apps.googleusercontent.com&oauth_nonce=1103659829&oauth_signature=ORgJZEli8Y0b1Bv1xUwFWysdJgA%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1400465100&oauth_token=1%2FL0o-ttvJP0haJ2RF9I-jd6hOIW2-kFYiQmlNx7UWVkw&oauth_version=1.0
            [content_type] => application/json; charset=UTF-8
            [http_code] => 200
            [header_size] => 525
            [request_size] => 743
            [filetime] => -1
            [ssl_verify_result] => 0
            [redirect_count] => 0
            [total_time] => 2.250314
            [namelookup_time] => 4.7E-5
            [connect_time] => 0.012625
            [pretransfer_time] => 0.040877
            [size_upload] => 0
            [size_download] => 997382
            [speed_download] => 443219
            [speed_upload] => 0
            [download_content_length] => -1
            [upload_content_length] => 0
            [starttransfer_time] => 0.423671
            [redirect_time] => 0

电话打不通:-

 [url] => https://www.google.com/m8/feeds/contacts/default/full?alt=json&max-results=1000&oauth_consumer_key=59093836836-57psirebb7ntghd1259g4iiml5eq0l70.apps.googleusercontent.com&oauth_nonce=995553446&oauth_signature=8yPK5su1np6sC0z8vmZ%2BHOW7CuE%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1400465030&oauth_token=1%2FrDfOd04W2oUs2MHfLoFIJoVngnM0n3MWZwWMRoeFDOg&oauth_version=1.0
                [content_type] => text/html; charset=utf-8
                [http_code] => 401
                [header_size] => 369
                [request_size] => 745
                [filetime] => -1
                [ssl_verify_result] => 0
                [redirect_count] => 0
                [total_time] => 0.337964
                [namelookup_time] => 4.7E-5
                [connect_time] => 0.017053
                [pretransfer_time] => 0.054309
                [size_upload] => 0
                [size_download] => 11875
                [speed_download] => 35136
                [speed_upload] => 0
                [download_content_length] => -1
                [upload_content_length] => 0
                [starttransfer_time] => 0.337551
                [redirect_time] => 0

如果上述问题不完整,请询问更多信息。谢谢。

【问题讨论】:

  • 您的请求标头大小不同。我的猜测是“错误”请求在请求标头中发送了额外的内容。
  • 会不会是老版本贬值了?

标签: php api google-contacts-api google-shared-contacts google-profiles-api


【解决方案1】:

401 错误是一个 HTTP 代码,它声明 Unauthorized,这意味着请求需要身份验证。在此处查看:10 Status Code Definitions 搜索 401

10.4.2 401 Unauthorized

The request requires user authentication. The response MUST include a 
WWW-Authenticate header field (section 14.47) containing a challenge applicable 
to the requested resource. The client MAY repeat the request with a 
suitable Authorization header field (section 14.8). If the request already 
included Authorization credentials, then the 401 response indicates 
that authorization has been refused for those credentials. If the 401 response 
contains the same challenge as the prior response, and the user agent has 
already attempted authentication at least once, then the user SHOULD be 
presented the entity that was given in the response, since that entity might 
include relevant diagnostic information. HTTP access authentication is explained 
in "HTTP Authentication: Basic and Digest Access Authentication"

更新

由于您的请求彼此不同,因此有效的请求被授予访问权限,而第二个则没有。我已经用 Winmerge 检查了您的请求,它们来自两个不同的应用程序。因此,您可以尝试通过 JSON 发送第一个以查看会发生什么。

是否有可能您没有将其他应用属性配置为可以访问整个 google api。

我还是坚持我之前的回答,因为这是401码的问题,未经授权的访问。

【讨论】:

  • 您好,已经有一段时间了,直到现在我才有时间回到这个模块。但是,到目前为止,我无法找到 JSON 在哪里。这两者的实现是一样的。不知道为什么会这样。
【解决方案2】:

找到解决办法,

看起来新生成的客户端 ID 和客户端密码已被旧版本的 API 淘汰。实现此功能的唯一方法是实现 Google Contact APIv3 并使用 OAuth2。

希望这能帮助其他有同样问题的人。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2013-02-05
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多