通过node.js访问MusicKit接口出现401错误
通过node.js访问MusicKit接口出现401错误
提问于 2019-05-19 21:47:13
我正在尝试访问MusicKit应用程序接口,但它一直返回401未授权错误。我搞不懂这件事。我有以下代码来生成开发人员令牌:
const privateKey = fs.readFileSync("resources/AuthKey.p8").toString();
const teamId = "MYTEAMID";
const keyId = "MYKEYID";
const options = {
algorithm: "ES256",
expiresIn: "180d",
issuer: "MYTEAMID", // your 10-character Team ID, obtained from your developer account
header: {
alg: "ES256",
kid: "MYKEYID", // your MusicKit Key ID
},
};
return new Promise((resolve: any, reject: any) => {
jwt.sign({}, privateKey, options, (error, token) => {
if (error) {
return reject(error);
} else { // token created
return resolve(token);
}
});
}); 这将生成一个成功的令牌。解码后,此令牌具有类似以下值的标头:
{
"alg": "ES256",
"typ": "JWT",
"kid": "MYKEYID"
} 而有效负载值如下:
{
"iat": 1558197586,
"exp": 1573749586,
"iss": "MYTEAMID"
} 我知道苹果没有在标题中指定typ,所以这会是一个问题吗?
然后,我尝试在curl -v -H 'Authorization: Bearer <MYTOKEN>' "https://api.music.apple.com/v1/catalog/us/artists/36954"这样的样本艺术家的curl请求中使用它,但返回了一个401错误:
Trying 23.13.216.88...
* TCP_NODELAY set
* Connected to api.music.apple.com (23.13.216.88) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: businessCategory=Private Organization; jurisdictionCountryName=US; jurisdictionStateOrProvinceName=California; serialNumber=C0806592; C=US; ST=California; L=Cupertino; O=Apple Inc.; OU=Internet Services for Akamai; CN=itunes.apple.com
* start date: May 1 00:00:00 2019 GMT
* expire date: May 1 12:00:00 2020 GMT
* subjectAltName: host "api.music.apple.com" matched cert's "api.music.apple.com"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7ff42a004600)
> GET /v1/catalog/us/artists/36954 HTTP/2
> Host: api.music.apple.com
> User-Agent: curl/7.54.0
> Accept: */*
> Authorization: Bearer eyJh...
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 401
< content-type: application/json; charset=utf-8
< access-control-allow-origin: *
< strict-transport-security: max-age=31536000; includeSubDomains
< date: Sat, 18 May 2019 16:33:58 GMT
< x-cache: TCP_MISS from a104-117-183-52.deploy.akamaitechnologies.com (AkamaiGHost/9.6.4.1-25700704)
<
* Connection #0 to host api.music.apple.com left intact 为什么?
回答 1
Stack Overflow用户
回答已采纳
发布于 2019-05-20 00:18:12
不确定您使用的是哪个jwt库,以及您是否正确使用。
这对我来说很有效:
const jwt = require('jsonwebtoken');
const fs = require('fs')
const APNS_KEY_ID = 'XXXXXXXXXXX'
const TEAM_ID = 'XXXXXXXXXXX'
const TWENTY_FOUR_HOURS = 1000 * 60 * 60 * 24;
const privateKey = fs.readFileSync("keys/AuthKey.p8").toString();
const generateToken = () => {
var now = new Date();
var tomorrow = new Date(now.getTime() + TWENTY_FOUR_HOURS);
token = jwt.sign({
'iss': TEAM_ID,
'iat': Math.floor(now / 1000),
'exp': Math.floor(tomorrow / 1000)
}, privateKey, { algorithm: 'ES256', 'keyid': APNS_KEY_ID})
console.log('Apple token generated', token)
return token
}
generateToken()要测试:
curl -X GET \
'https://api.music.apple.com/v1/catalog/us/search?term=drake&types=songs&limit=1' \
-H 'Authorization: Bearer eyJh...'页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/56208428
复制相关文章
相似问题