Request OAuth token from BitBucket

非 Y 不嫁゛ 提交于 2019-12-05 23:49:00

问题


I've been trying to integrate BitBucket to my application for the past 4 hours to no avail.

While reading through BitBucket's RESTful API documentation, I noticed that you need to use OAuth — it's OK, I'm using J.R Conlin's OAuthSimple library, which if fine by me (I tried oauth-php but it was kinda complicated — I didn't need all of those options for such a small integration).

For what I understand, the first step to authenticate with OAuth is to request a new token via POST. When providing the necessary parameters, you should get a response from BitBucket, like this:

oauth_token=Z6eEdO8lOmk394WozF9oJyuAv899l4llqo7hhlSLik&oauth_token_secret=Jd79W4OQfb2oJTV0vzGzeXftVAwglnEJ9lumzYcl&oauth_callback_confirmed=true

To do that, I'm using cURL and OAuthSimple:

$key    = 'key_provided_by_bitbucket';
$secret = 'key_provided_by_bitbucket';
$path   = 'https://api.bitbucket.org/1.0/oauth/request_token';

$params = array(
    'oauth_consumer_key'        => $key,
    'oauth_nonce'               => base_convert(mt_rand(10000, 90000), 10, 32) . 'a',
    'oauth_signature'           => 'HMAC-SHA1',
    'oauth_signature_method'    => 'HMAC-SHA1',
    'oauth_timestamp'           => time(),
    'oauth_callback'            => base_url('dashboard'),
    'oauth_version'             => '1.0a'
);

$oauth  = new OAuthSimple($key, $secret);
$result = $oauth->sign(array(
    'action'        => 'POST',
    'path'          => $path,
    'parameters'    => $params
));

// load resulting url into a string
$ch = curl_init($result['signed_url']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$r = curl_exec($ch);
curl_close($ch);

The thing is that, when I send my request, one of two things happen:

  1. If I send it like posted here, I will get a 401 error (I can see that via curl_getinfo($ch))
  2. If I set curl_setopt($ch, CURLOPT_POST, 1), I get a 400 Bad request

The resulting string (stored in $r) is an empty string. The signed_url is a correctly formed URL AFAIK, which is something like this:

https://api.bitbucket.org/1.0/oauth/request_token?oauth_callback=http%3A%2F%2Flocalhost%2Fidv&oauth_consumer_key=key_provided_by_bitbucket&oauth_nonce=b47a&oauth_signature=3A1R%2FoKxTqh6Q23poaS%2BVNzhwpE%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1347167282&oauth_version=1.0a

If I enter manually that address into my address bar in a browser, I'll get an Authentication Dialog to the BitBucket API, port 443. I can't login with my credentials, though. Then it will just keep saying "Could not verify OAuth request."

I don't know what I'm doing wrong, since it's my first time using OAuth.

Any help's appreciated!


回答1:


The problem is that Curl will verify the SSL certificate.

To solve the problem you can tell Curl to ignore the verification of the SSL certificates:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);


来源:https://stackoverflow.com/questions/12336777/request-oauth-token-from-bitbucket

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!