DEVHIDE
Login Or Sign up

Shopee RefreshAccessToken always return Error param

1.6k Views Asked by At

i've tried to get a new token, by running shopee open api RefreshAccessToken with php curl, but the result always give me error param code.

from this documentation : https://open.shopee.com/documents/v2/OpenAPI%202.0%20Overview?module=87&type=2

<?php
      $partner_id   = ...partnerid;
      $partner_key  = ...partnerkey;
      $timest       = time();
      $shop_id      =  ...shopid;
      $refresh_token = ...refresh_token;
      $host         = 'https://partner.shopeemobile.com';
      $path         = '/api/v2/auth/access_token/get';
      $base_string  = sprintf("%s%s%s",$partner_id,$path,$timest);
      $sign         = hash_hmac('sha256', $base_string, $key, false);

      $url  = $host.$path.sprintf("?timestamp=%s&partner_id=%s&sign=%s",$timest,$partner_id,$sign);   
      
        $data = array( 
        'shop_id' => $shop_id,
        'refresh_token:' => $refresh_token,
        'partner_id:' => $partner_id,
        );

        $curl = curl_init();
        curl_setopt_array($curl, array(
          CURLOPT_URL => $url,
          CURLOPT_RETURNTRANSFER => true,
          CURLOPT_ENCODING => '',
          CURLOPT_MAXREDIRS => 10,
          CURLOPT_TIMEOUT => 0,
          CURLOPT_FOLLOWLOCATION => true,
          CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
          CURLOPT_SSL_VERIFYPEER => false,
          CURLOPT_SSL_VERIFYHOST => false,
          CURLOPT_POSTFIELDS => $data,    
          CURLOPT_CUSTOMREQUEST => 'POST',
          CURLOPT_HTTPHEADER => array(
            'Content-Type: application/json'
          ),
        ));

        $response = curl_exec($curl);
        curl_close($curl);
        // echo $response;
      
?>

and the result is

{"error":"error_param","message":"error params","request_id":"b61938142425d13e72292xf3b645d62b"}

where did my code goes wrong, please help.

php oauth-2.0 access-token shopee
Original Q&A
4

There are 4 best solutions below

0
On 
  $partner_id   = ...partnerid;
  $partner_key  = ...partnerkey;
  $timest       = time();
  $shop_id      =  ...shopid;
  $refresh_token = ...refresh_token;
  $host         = 'https://partner.shopeemobile.com';
  $path         = '/api/v2/auth/access_token/get';
  $base_string  = sprintf("%s%s%s",$partner_id,$path,$timest);
  $sign         = hash_hmac('sha256', $base_string, $key, false);

your $sign is wrong.. should be

$sign         = hash_hmac('sha256', $base_string,  $partner_key, false);
2
On

I don't work with php, but in python i solved converted type str to int in shop_id and partner_id

body = {
    'code': code,
    'shop_id': int(shop_id),
    'partner_id': int(partner_id),
}

follow my full code

def get_token_shop_level(code, partner_id, partner_key, shop_id):
    timest = int(time.time())

    body = {
        'code': code,
        'shop_id': int(shop_id),
        'partner_id': int(partner_id),
    }

    host = 'https://partner.test-stable.shopeemobile.com'
    path = '/api/v2/auth/token/get'
    base_string = f'{partner_id}{path}{timest}'

    partner_key = partner_key.encode()
    base_string = base_string.encode()

    sign = hmac.new(partner_key, base_string, hashlib.sha256).hexdigest()
    url = host + path + f'?partner_id={partner_id}&timestamp={timest}&sign={sign}'

    headers = {
        'Content-Type': 'application/json'
    }

    resp = requests.post(url, json=body, headers=headers)
    ret = json.loads(resp.content)
    access_token = ret.get('access_token')
    refresh_token = ret.get('refresh_token')

    return access_token, refresh_token
0
On

the answer is in both @SungALy and @Davin Kho, check your code again, As the error suggested you have an error on your POST data parameters,

$data = array( 
        'shop_id' => $shop_id,
        'refresh_token' => $refresh_token,
        'partner_id' => $partner_id,
        );
$data = json_encode($data);

remove the colon on the array name and convert to JSON before passing as pointed by @SungALy

and $key in

$sign         = hash_hmac('sha256', $base_string, $key, false);

must be $partner_key

$sign         = hash_hmac('sha256', $base_string, $partner_key, false);

pointed by Davin Kho.

1
On

this is work for me.in url i am just add &is_developer=1 and base string I am using utf8_encode.

$timestamp = time();

$path = '/api/v2/auth/access_token/get';
$base = $partnerId.$path.$timestamp;
$sign = hash_hmac('sha256',utf8_encode($base), $partnerKey);

$url = $host.$path.sprintf("?timestamp=%s&partner_id=%s&sign=%s&is_developer=1'",$timest,$partner_id,$sign);

and in change this CURLOPT_POSTFIELDS => $data, with CURLOPT_POSTFIELDS => json_encode($data),

Related Questions in PHP

Related Questions in OAUTH-2.0

Related Questions in ACCESS-TOKEN

Related Questions in SHOPEE

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.