javascript - 为什么我仍然收到 api get 请求的 401(未经授权)错误？

Question

我有一个尝试使用 axios 从 React channel 获取一些视频并获取对 api 的请求的示例。一切看起来都不错，但是当它编译时，我收到一个控制台错误，指出: GET https://api.vimeo.com/channels/180097/videos/&key=************ 401 (需要授权

访问 token 是我注册时生成的正确 token 。这是设置的代码:

import React, { Component } from 'react';
import axios from 'axios';

const API_KEY = '***********************';

class Apicall extends Component {

   componentDidMount() {
       this.getChannel();
   }

   getChannel() {
        axios.get(`https://api.vimeo.com/channels/180097/videos/&key=${API_KEY}`) 
    .then(res => {
        const videos = res.data.data.children.map(obj => obj.data);
        this.setState({videos});
      });
   }

   constructor(props) {
       super(props);

      this.state = {
        channel_id: '180097',
        data: [],
        videos: [],
        per_page: '5',
        paging: {
            first: '/channels/180097/videos?page=1',
            last: '/channels/180097/videos?page=3' 
        }
    }
    this.getChannel = this.getChannel.bind(this);
}

render(){
    return (
         <div className="container">
           <h1></h1>
           <ul>
               {this.state.videos.map(video => 
                  <li key={video.uri}></li>
               )}
           </ul>
         </div>
       );
    }
 }
 export default Apicall; 

为什么仍然没有获取访问 token ？

Answer 1

您首先需要向https://api.vimeo.com/oauth/authorize/client发出post请求与您的Authorization header 设置为 Basic Auth ，您的用户名就是您的应用client identifier您的密码是your client secret 。所以Authentication: Basic base64(<client-identifier>:<client-secret>) 。您还需要设置grant_type至client_credentials

然后您会收到如下回复:

{
    "access_token": "dd339558163d867d92f4616ca06<redacted>",
    "token_type": "bearer",
    "scope": "public private",
    "app": {
        "name": "test",
        "uri": "/apps/<app_id>"
    }
}

access_token然后可以用于以下请求:

您向 https://api.vimeo.com/channels/180097 提出请求与 Authorization header 设置为 Authorization: Bearer <access_token>

Axios 会是这样的:

axios.post('https://api.vimeo.com/oauth/authorize/client',
        { grant_type: 'client_credentials' },
        { headers: { Authorization: 'Basic btoa(<client-identifier>:<client-secret>)' } })

axios.get('https://api.vimeo.com/channels/180097',
    { headers: { Authorization: Bearer <access_token>' } })

当然，这花了我一段时间才找到答案，因为 vimeo api 文档非常糟糕。

Postman 在 xhr 中导出:

var data = "grant_type=client_credentials";

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === 4) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://api.vimeo.com/oauth/authorize/client");
xhr.setRequestHeader("Authorization", "Basic <insert_base64_of_client_id_and_client_secret>");
xhr.setRequestHeader("Cache-Control", "no-cache");
xhr.setRequestHeader("Postman-Token", "e13df60c-a625-411d-8020-a51086e60838");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");

xhr.send(data);

<小时/>

var data = null;

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === 4) {
    console.log(this.responseText);
  }
});

xhr.open("GET", "https://api.vimeo.com/channels/180097");
xhr.setRequestHeader("Authorization", "Bearer <insert_access_token>");
xhr.setRequestHeader("Cache-Control", "no-cache");
xhr.setRequestHeader("Postman-Token", "5f32ac6c-2c86-4fbc-a7cb-43c8b01f7ea7");

xhr.send(data);