我正在尝试通过 Omniauth、HTTParty 和 Ruby on Rails 访问 Jawbone API。我正在按照 API 文档的要求传递 header Authorization => Bearer: [token_here],但它仍然给我一个 401 错误,我终究无法弄清楚原因。我能够通过 omniauth 成功获取 token 并将其存储到 session[:token],但 API 返回 401 unauthorized。
API 文档:https://jawbone.com/up/developer/authentication
我已经搜索过堆栈溢出,但找不到解决方案。有什么问题?
我的代码是:
session Controller .rb
def create
auth_hash = request.env['omniauth.auth']
if session[:user_id]
#if there's a session, then create the authorization
User.find(session[:user_id]).add_provider(auth_hash)
else
auth = Authorization.find_or_create(auth_hash)
session[:user_id] = auth.user.id
session[:token] = auth.user.authorizations.first.token
end
redirect_to '/today'
end
数据处理器.rb
class DataProcessorController < ApplicationController
def today
@current_user_dp = session[:user_id]
@token_dp = session[:token]
@authorization_dp = "Bearer " + @token_dp
#@auth = "Bearer " + session[:current_user].authorizations.first.token unless session[:user_id].nil?
@result = HTTParty.get('http://jawbone.com/nudge/api/v.1.1/users/@me/goals',
:headers => { "Authorization" => @authorization_dp, "Accept" => "application/json"}) unless session[:token].nil?
end
end
结果.html.erb
<p>Result: <%= @result %></p>
<p>Auth header: <%= @result.request.inspect%></p>
HTML 文件的输出:
Result: {"meta"=>{"code"=>401, "error_detail"=>"You must be logged in to perform that action", "error_type"=>"authentication_error", "message"=>"Unauthorized"}, "data"=>{}}
Auth header: #<HTTParty::Request:0x007fe446bb3320 @http_method=Net::HTTP::Get, @path=#<URI::HTTPS:0x007fe446bbb408 URL:https://jawbone.com/nudge/api/v.1.1/users/@me/goals>, @options={:limit=>4, :default_params=>{}, :follow_redirects=>true, :parser=>HTTParty::Parser, :connection_adapter=>HTTParty::ConnectionAdapter, :headers=>{"Authorization"=>"Bearer XXXXXXXXXTOKEN_HEREXXXXXXXXXXXXX", "Accept"=>"application/json"}}, @last_uri=#<URI::HTTPS:0x007fe446bba918 URL:https://jawbone.com/nudge/api/v.1.1/users/@me/goals>, @raw_request=#<Net::HTTP::Get GET>, @last_response=#<Net::HTTPUnauthorized 401 Unauthorized readbody=true>, @redirect=true>
最佳答案
你解决了吗?
如果您查看其他错误字段,它可能会为您提供更多信息。就我而言,我得到的是“未经授权的范围”。我在原始 oauth 请求中未包含的范围内请求项目,因此我提供的 token 范围有限。
关于ruby-on-rails - Jawbone Up API 和 Ruby on Rails 的 401 未经授权错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25377851/