Multiple Authorization error

ashwinks / PHP-LinkedIn-SDK

A PHP wrapper for the LinkedIn API

94 stars 74 forks source link

Multiple Authorization error #25

Open brokencube opened 8 years ago

brokencube commented 8 years ago

A recent pull request has added the following line to the ->fetch() method

$headers[] = 'Authorization: Bearer ' . $this->getAccessToken();

This is now causing the LinkedIn API to error with the message "Mutiple authentication schemes detected" [sic] as the token is included both in a header and on the query string.

rmuilwijk commented 8 years ago

This issue is blocking alot of calls which made us use an older revision for now.

ashwinks commented 8 years ago

So is that Authorization bearer header not required? It was a pull request from https://github.com/ashwinks/PHP-LinkedIn-SDK/pull/24

The project that this class was used on is dead, so I don't have a codebase to test this on. Would anyone like to take it over?

dannydohmen commented 8 years ago

With the Authorization bearer header there are more Authorization headers.

RuntimeException: Request Error: Mutiple authentication schemes detected. Raw Response: Array ( [errorCode] => 0 [message] => Mutiple authentication schemes detected [requestId] => 0DIXRCG17P [status] => 401 [timestamp] => 1458637918306 ).

In the documentation i can find this. ( https://developer.linkedin.com/docs/rest-api )

If it is more convienent for your application to work with data in JSON format, you can request that APIs return you JSON data using one of the following methods: Add a format=json URL argument to the end of your API call. Add this HTTP header to your API call: x-li-format: json

For example: GET
https://api.linkedin.com/v1/people/~?format=json

So maybe there is a difference for xml and json requests to linkedin regarding to the headers.

digitalhydra commented 8 years ago

If you remove the header Authorization: Bearer from the fetch method then the request return the data. at least it works for me.

desnudopenguino commented 8 years ago

I second @digitalhydra Commenting out that line lets it work.

cbaldwin74 commented 8 years ago

According to the LinkedIn documentation https://developer.linkedin.com/docs/oauth2 Step 4 says the Authorization header is the proper way to authenticate your requests. The Multi authentication scheme error can be avoided by removing the oauth2_access_token query parameter. Once that is removed the the requests will work.

I have created a Pull Request for this fix. #29