Magento oauth and REST api trouble

2019-05-06 05:05发布

问题:

I’m trying to integrate my ruby on rails app to magento, and I got so far as to make the initial request, get authorized, and I believe I’m getting the final token, but I can’t be sure. Here is what I have in my response:

(There’s a lot of stuff here, so skip ahead where I pluck out the import bits)

 .....
 "credentials"=>
  {"token"=>"r8apb2rcgci9ry5hugcuiqlnwdi0evc1",
   "secret"=>"8pnyogb4048toujt5rjoq26tqh50vkv5"},
 "extra"=>
  {"access_token"=>
    #<OAuth::AccessToken:0x007fdd59893468
     @consumer=
      #<OAuth::Consumer:0x007fdd5995f928
       @http=#<Net::HTTP mymagentocart.dev:443 open=false>,
       @http_method=:post,
       @key="ttuj6ok0ioziv7bcfwi8wprzqe6o4x1e",
       @options=
        {:signature_method=>"HMAC-SHA1",
         :request_token_path=>"/oauth/initiate",
         :authorize_path=>"/admin/oauth_authorize",
         :access_token_path=>"/oauth/token",
         :proxy=>nil,
         :scheme=>:header,
         :http_method=>:post,
         :oauth_version=>"1.0",
         :site=>"https://mymagentocart.dev"},
       @secret="b0maut2ftkg2wb3nm24t263720n7kxqa">,
     @params=
      {:oauth_token=>"r8apb2rcgci9ry5hugcuiqlnwdi0evc1",
       "oauth_token"=>"r8apb2rcgci9ry5hugcuiqlnwdi0evc1",
       :oauth_token_secret=>"8pnyogb4048toujt5rjoq26tqh50vkv5",
       "oauth_token_secret"=>"8pnyogb4048toujt5rjoq26tqh50vkv5"},
     @secret="8pnyogb4048toujt5rjoq26tqh50vkv5",
     @token="r8apb2rcgci9ry5hugcuiqlnwdi0evc1">},
 "oauth_token"=>"jj2dbrea7dimxwc0twibyoikxjazvs6y",
 "oauth_verifier"=>"83idqmtmb76fe5axad1rf7lhfa3wqxki"
.....

I see in the access token, my key and secret:

@key="ttuj6ok0ioziv7bcfwi8wprzqe6o4x1e" 
@secret="b0maut2ftkg2wb3nm24t263720n7kxqa”

This is what magento gave me when I created a REST consumer in the admin.

Then there’s a bunch of repeated token and secrets, but they’re all the same and fall under the “credentials” label:

“token"=>"r8apb2rcgci9ry5hugcuiqlnwdi0evc1" 
“secret"=>"8pnyogb4048toujt5rjoq26tqh50vkv5”

And finally, there’s the oauth_token and oauth_verifier:

“oauth_token"=>"jj2dbrea7dimxwc0twibyoikxjazvs6y" 
“oauth_verifier"=>"83idqmtmb76fe5axad1rf7lhfa3wqxki”

So here’s my problem…

Which of these do I need to pass with future requests to authenticate straight away without needing to regenerate a token?

In my app currently, each time I make a request, it keeps sending me back to the user confirmation screen in magento to authorize.

Also, how can I make a request to get my magento user id, name, etc… so I can generate a user in rails app using this info?

Thank you!

回答1:

You have the access token object so you should be able to do something like this:

auth_hash["extra"]["access_token"].get("/api/rest/products")

If you want to create a new access token object you can do the following with the keys and tokens I pulled from your example:

@consumer=OAuth::Consumer.new("ttuj6ok0ioziv7bcfwi8wprzqe6o4x1e", "b0maut2ftkg2wb3nm24t263720n7kxqa", {:site => "https://mymagentocart.dev"})
@access_token = OAuth::AccessToken.new(@consumer, "r8apb2rcgci9ry5hugcuiqlnwdi0evc1", "8pnyogb4048toujt5rjoq26tqh50vkv5")
@access_token.get("/api/rest/products")

See "Using a long living Access Token" on this page: http://code.google.com/p/oauth-plugin/wiki/AccessToken