[英]QuickBooks API example shows usage of “curl” but it actually doesn't work or am I missing something
According to QuickBooks Ruby API documentation , it provides an example of using curl
to submit a POST request to the authorization url obtained from Step 1, but right underneath it, it shows that if the web application doesn't support browsers, to use Playground or a web component. According to QuickBooks Ruby API documentation , it provides an example of using
curl
to submit a POST request to the authorization url obtained from Step 1, but right underneath it, it shows that if the web application doesn't support browsers, to use Playground or web 组件。
My question is – is it actually possible to use the curl command as shown in the example?我的问题是——实际上是否可以使用示例中所示的 curl 命令? If I take the exact URL and try to establish a POST request, I get the following results:
如果我采用确切的 URL 并尝试建立 POST 请求,我会得到以下结果:
bash-3.2$ curl -X POST "https://appcenter.intuit.com/connect/oauth2?client_id=[redacted]&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=com.intuit.quickbooks.accounting&state=be17472c59724eb46bfe2690"
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
bash-3.2$
Obviously it's trying to redirect to another URL, but the API documentation doesn't show the usage of the -L
parameter to follow redirects.显然它试图重定向到另一个 URL,但是 API 文档没有显示使用
-L
参数来跟踪重定向。 If I try to provide the -L
parameter for curl
to follow redirects, then I get the following response:如果我尝试为
curl
提供-L
参数以跟踪重定向,则会收到以下响应:
bash-3.2$ curl -X POST "https://appcenter.intuit.com/connect/oauth2?client_id=[redacted]&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=com.intuit.quickbooks.accounting&state=be17472c59724eb46bfe2690" -L
<HTML><HEAD>
<TITLE>Bad Request</TITLE>
</HEAD><BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.<P>
Reference #7.2500e8ac.1592267832.14229c52
</BODY>
</HTML>
Again, doesn't work even following redirects.同样,即使遵循重定向也不起作用。 If I append
-I
to the curl
command, then I get the following:如果我 append
-I
到curl
命令,那么我得到以下信息:
bash-3.2$ curl -X POST "https://appcenter.intuit.com/connect/oauth2?client_id=[redacted]&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=com.intuit.quickbooks.accounting&state=be17472c59724eb46bfe2690" -LI
HTTP/2 301
date: Tue, 16 Jun 2020 00:37:17 GMT
content-type: text/html
content-length: 162
location: https://appcenter.intuit.com/app/connect/oauth2?client_id=[redacted]&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=com.intuit.quickbooks.accounting&state=be17472c59724eb46bfe2690
server: nginx
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=3156000; includeSubDomains; preload
HTTP/2 302
date: Tue, 16 Jun 2020 00:37:17 GMT
content-type: text/plain;charset=utf-8
content-length: 406
location: https://accounts.intuit.com/index.html?partner_uid_button=google&offering_id=Intuit.sbg-fms.ippdevx&redirect_url=https%3A%2F%2Fappcenter.intuit.com%2Fapp%2Fconnect%2Foauth2%3Fclient_id%3D[redacted]%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%26response_type%3Dcode%26scope%3Dcom.intuit.quickbooks.accounting%26state%3Dbe17472c59724eb46bfe2690
server: nginx
strict-transport-security: max-age=15552000
intuit_tid: 1-5ee8143d-29a68cec2ec922da5c6be528
x-spanid: ad76586b-a5ac-41bd-b2df-022148a5a78b
x-amzn-trace-id: Self=1-5ee8143d-3aa839e8b2cf25d846078238;Root=1-5ee8143d-29a68cec2ec922da5c6be528
x-dns-prefetch-control: off
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: private,no-cache,no-store,pre-check=0,post-check=0,must-revalidate
expires: -1
pragma: no-cache
set-cookie: hosted-shell=%7B%22clientId%22%3A%22a4676677-5191-4eca-873e-34a04b5b1dd4%22%7D; Path=/; Expires=Fri, 14 Jun 2030 00:37:17 GMT; Secure
vary: Accept, Accept-Encoding
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=3156000; includeSubDomains; preload
HTTP/2 411
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 223
expires: Tue, 16 Jun 2020 00:37:17 GMT
date: Tue, 16 Jun 2020 00:37:17 GMT
If I take the same URL and request it via a web browser, then it just takes me to the redirect callback URL as it's supposed to.如果我采用相同的 URL 并通过 web 浏览器请求它,那么它只会将我带到重定向回调 URL ,因为它应该是。 I can't figure out why
curl
isn't doing the same thing.我不明白为什么
curl
没有做同样的事情。 I don't understand what it means by "web component" if I can't even replicate the same thing via curl.如果我什至不能通过 curl 复制相同的东西,我不明白“Web 组件”是什么意思。 I also have another web module that I'm using for GET and POST requests, and they're bringing me to an HTTP200 but not the callback URL.
我还有另一个 web 模块用于 GET 和 POST 请求,它们将我带到 HTTP200 但不是回调 URL。
Any idea how I could accomplish getting this authorization token from the redirect callback URL like it does in the web browser?知道如何像在 web 浏览器中那样从重定向回调 URL 中获取此授权令牌吗? Here's another example of me trying to do this via the web component in the Ruby script:
这是我尝试通过 Ruby 脚本中的 web 组件执行此操作的另一个示例:
[3] pry(#<QuickBooksAPI>)> grant_url
=> "https://appcenter.intuit.com/connect/oauth2?client_id=[redacted]&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=com.intuit.quickbooks.accounting&state=be17472c59724eb46bfe2690"
[4] pry(#<QuickBooksAPI>)> response = WebRequest.new.get_request(grant_url)
=> #<Net::HTTPMovedPermanently 301 Moved Permanently readbody=true>
[5] pry(#<QuickBooksAPI>)> response['Location']
=> "https://appcenter.intuit.com/app/connect/oauth2?client_id=[redacted]&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=com.intuit.quickbooks.accounting&state=be17472c59724eb46bfe2690"
[6] pry(#<QuickBooksAPI>)> response = WebRequest.new.get_request(response['Location'])
=> #<Net::HTTPFound 302 Found readbody=true>
[7] pry(#<QuickBooksAPI>)> response['Location']
=> "https://accounts.intuit.com/index.html?partner_uid_button=google&offering_id=Intuit.sbg-fms.ippdevx&redirect_url=https%3A%2F%2Fappcenter.intuit.com%2Fapp%2Fconnect%2Foauth2%3Fclient_id%3D[redacted]%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%26response_type%3Dcode%26scope%3Dcom.intuit.quickbooks.accounting%26state%3Dbe17472c59724eb46bfe2690"
[8] pry(#<QuickBooksAPI>)> response = WebRequest.new.get_request(response['Location'])
=> #<Net::HTTPOK 200 OK readbody=true>
[9] pry(#<QuickBooksAPI>)> response.uri
=> #<URI::HTTPS https://accounts.intuit.com/index.html?partner_uid_button=google&offering_id=Intuit.sbg-fms.ippdevx&redirect_url=https%3A%2F%2Fappcenter.intuit.com%2Fapp%2Fconnect%2Foauth2%3Fclient_id%3D[redacted]%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%26response_type%3Dcode%26scope%3Dcom.intuit.quickbooks.accounting%26state%3Dbe17472c59724eb46bfe2690>
This time it sends me to a 200 but it never actually sends me to the callback/redirect URL.这次它将我发送到 200,但它实际上从未将我发送到回调/重定向 URL。
I'm just simply trying to complete step 2 but cannot do so without a browser it seems, even using "web components" and curl.我只是简单地尝试完成第 2 步,但似乎没有浏览器就无法完成,即使使用“Web 组件”和 curl。
Am I just going to have to manually use OAuth Playground and continuously just refresh my token since my API is all backend and no front-end/user redirect, etc.?我是否只需要手动使用 OAuth Playground 并不断刷新我的令牌,因为我的 API 都是后端并且没有前端/用户重定向等?
The OAuth grant flow needs your end user to grant your authenticate your application before you call API using access tokens. OAuth 授权流程需要您的最终用户在您使用访问令牌调用 API 之前授予您的应用程序身份验证权限。 So here is what you process would look like
所以这就是你处理的样子
From Step3.从第 3 步开始。 onwards you can use curl to process all of it.
之后,您可以使用 curl 来处理所有这些。 Hope this helps:)
希望这可以帮助:)
EDIT编辑
No, In your case you would use OAuth differently.不,在您的情况下,您将以不同的方式使用 OAuth。 Using the Oauth Playground will take create an initial access_token for you.
使用 Oauth Playground 将为您创建一个初始 access_token。 Steps 1-4 are taken care of.
步骤 1-4 已处理完毕。
Now you can use this token to authenticate all your API calls.现在您可以使用此令牌来验证您的所有 API 调用。 However, the token will expire.
但是,令牌将过期。 So when you do get an expired response then you have to do a curl to fetch a new token using the info here...
因此,当您确实收到过期响应时,您必须执行 curl 以使用此处的信息获取新令牌...
https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#refresh-the-token https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#refresh-the-token
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.