HERE 地图:无效的客户端授权 header,需要签名的请求格式
[英]HERE Maps: Invalid Client Authorization header, expecting signed request format
问题描述
我正在使用 NestJS 后端来执行对 HERE Maps API 的调用。
我试图实现的是在这样的专用服务中发出令牌请求:
@Injectable()
export class HereMapsService {
constructor(private configService: ConfigService) {
this.getToken()
}
private getToken() {
const consumerKey: string = this.configService.get('HERE_CONSUMER_KEY')
const nonce: string = uuid()
const timestamp: number = new Date().getTime() / 1000
const signature: string = this.getSignature(nonce, timestamp, consumerKey)
const headers = {
'Authorization': `OAuth oauth_consumer_key="${consumerKey}",oauth_signature_method="HMAC-SHA256",oauth_timestamp="${timestamp}",oauth_nonce="${nonce}",oauth_version="1.0",oauth_signature="${signature}"`,
'Content-Type': 'application/x-www-form-urlencoded'
}
axios
.post('https://account.api.here.com/oauth2/token', 'grant_type=client_credentials', { headers })
.then((result) => console.log(result))
.catch((error) => console.log(error))
}
private getSignature(nonce: string, timestamp: number, consumerKey: string): string {
const consumerSecret: string = encodeURIComponent(this.configService.get('HERE_CONSUMER_SECRET')) + '&'
const urlBaseString: string = encodeURIComponent(this.configService.get('HERE_BASE_URL') + '/oauth2/token')
const signatureBaseString: string = encodeURIComponent(`grant_type=client_credentials&oauth_consumer_key=${consumerKey}&oauth_nonce=${nonce}&oauth_signature_method=HMAC-SHA256&oauth_timestamp=${timestamp}&oauth_version=1.0`)
const finalString = `POST&${urlBaseString}&${signatureBaseString}`
return crypto.createHmac('sha256', consumerSecret).update(finalString).digest('base64')
}
}
我得到的回应是:
数据:{errorId:'ERROR-ec0c9a2c-2836-4a6b-ac8a-2b2aca74650a',httpStatus:401,errorCode:401202,消息:'无效的客户端授权header,期望签名请求格式。',错误:'invalid_description' " errorCode: '401202'。无效的客户端授权 header,需要签名的请求格式。 " }
我想问题出在我的 getSignature() 方法中,但我不知道出了什么问题。
2 个解决方案
解决方案1
0 2021-02-26 07:29:16
您能尝试将示例代码应用到您的代码中吗?
var axios = require('axios');
var data = JSON.stringify({"grantType":"client_credentials","expiresIn":86400});
var config = {
method: 'post',
url: 'https://account.api.here.com/oauth2/token',
headers: {
'Content-Type': 'application/json',
'Authorization': 'OAuth oauth_consumer_key="consumerKey",oauth_signature_method="HMAC-SHA1",oauth_timestamp="timestamp",oauth_nonce="nonce",oauth_version="1.0",oauth_signature="signature"'
},
data : data
};
axios(config)
.then(function (response) {
console.log(JSON.stringify(response.data));
})
.catch(function (error) {
console.log(error);
});
解决方案2
0 2021-03-12 14:36:23
我在 php curl 中解决了,请求 header 需要采用以下格式:
CURLOPT_HTTPHEADER => array(
'oauth_consumer_key: '.urlencode($ACCESS_KEY_ID),
'oauth_nonce: '.urlencode($oauth_nonce),
'oauth_signature: '.urlencode($signature),
'oauth_signature_method: '.urlencode($oauth_signature_method),
'oauth_timestamp: '.urlencode($oauth_timestamp),
'oauth_version: '.urlencode($oauth_version),
'Content-Type: application/x-www-form-urlencoded',
'Authorization: OAuth oauth_consumer_key="'.urlencode($ACCESS_KEY_ID).'",oauth_signature_method="'.urlencode($oauth_signature_method).'",oauth_timestamp="'.urlencode($oauth_timestamp).'",oauth_nonce="'.urlencode($oauth_nonce).'",oauth_version="'.urlencode($oauth_version).'",oauth_signature="'.urlencode($signature).'"'
),
并且帖子字段需要是
CURLOPT_POSTFIELDS => 'grant_type=client_credentials',
请记住,这是 php curl 格式。
Google People API:请求具有无效的身份验证凭据 - 未设置授权承载 header
[英]Google People API: Request had invalid authentication credentials - Authorization Bearer header not setting up
CORS 使用“授权”Header 和数据阻止 axios 请求
[英]CORS blocking axios request with 'Authorization' Header and Data
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.