我正在尝试仅使用 App auth 进行身份验证,并且成功获得了不记名 token ,但是当我尝试调用 REST API 时,我总是收到 401 错误,这是我的代码:
private var accessToken: String?
private let consumerKey = "*********"
private let consumerSecret = "*********"
private let baseUrlString = "https://api.twitter.com/1.1/"
private let pageSize = 20
private func authenticate(completionBlock: Void -> ()) {
if accessToken != nil {
completionBlock()
}
let credentials = "\(consumerKey):\(consumerSecret)"
let headers = ["Authorization": "Basic \(credentials.getBase64())"]
let params: [String : AnyObject] = ["grant_type": "client_credentials"]
Alamofire.request(.POST, "https://api.twitter.com/oauth2/token", headers: headers, parameters: params)
.responseJSON { response in
if let JSON = response.result.value {
self.accessToken = JSON.objectForKey("access_token") as? String
completionBlock()
}
}
}
func getTimelineForScreenName(screenName: String) {
authenticate {
guard let token = self.accessToken else {
// TODO: Show authentication error
return
}
let headers = ["Authorization": "Bearer \(token.getBase64())"]
let params: [String : AnyObject] = [
"screen_name" : screenName,
"count": self.pageSize
]
Alamofire.request(.GET, self.baseUrlString + "statuses/user_timeline.json", headers: headers, parameters: params)
.responseJSON { response in
print(response.response)
if let JSON = response.result.value {
print(JSON)
}
}
}
}
...
private extension String {
func getBase64() -> String {
let credentialData = self.dataUsingEncoding(NSUTF8StringEncoding)!
return credentialData.base64EncodedStringWithOptions([])
}
}
我已经尝试生成新 key ,但什么也没有,还尝试了在 iOS 9 中发现的这个错误中的建议,不让 Authorization
header 在重定向上传递,但这个请求没有使用任何重定向。
任何想法将不胜感激。
最佳答案
经过几个小时的调查,我偶然发现带有 Bearer Token 的 header 不应编码为 base64,因此 header 应如下所示:
let headers = ["Authorization": "Bearer \(token)"]
.
我希望这能帮助任何尝试类似事情的人,因为 documentation说你必须使用 base64 编码的 token 。
Step 3: Authenticate API requests with the bearer token
The bearer token may be used to issue requests to API endpoints which support application-only auth. To use the bearer token, construct a normal HTTPS request and include an Authorization header with the value of Bearer<base64 bearer token value from step 2>
. Signing is not required.
关于ios - Twitter 仅应用程序身份验证始终返回 401,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33772180/