不是如何产生的Oauth签名 [英] Oauth Signature not getting generated
问题描述
我想生成的Oauth签名,以便从我的Android应用程序验证在flickr.com的用户。
I am trying to generate an Oauth signature in order to authenticate an user in flickr.com from my android app.
根据文章中flickr.com,我不得不为了得到签名发送签名请求。超链接到flickr.com指南是:
According to the article in flickr.com, I have to send a signing request in order to get the signature. The hyperlink to the flickr.com guide page is:
http://www.flickr.com/services/api/ auth.oauth.html#request_token
据后,我一定要以获得签名密钥发送一个请求,这样对Flickr的服务器:
According to the post, I have to send a request like this to the flickr server in order to receive the signature key:
http://www.flickr.com/services/oauth/request_token
?oauth_nonce=89601180
&oauth_timestamp=1305583298
&oauth_consumer_key=653e7a6ecc1d528c516cc8f92cf98611
&oauth_signature_method=HMAC-SHA1
&oauth_version=1.0
&oauth_callback=http%3A%2F%2Fwww.example.com
我有我的应用程序发送一个请求,在上面提到的格式,但我收到一个错误说 oauth_problem = parameter_absent和放大器; oauth_parameter_absent = oauth_signature
我的请求,code是:
My request code is:
HttpGet get = new HttpGet("http://www.flickr.com/services/oauth/request_token?oauth_nonce="+nonce+"&oauth_timestamp="+ts+"&oauth_consumer_key=****&oauth_signature_method=HMAC-SHA1&oauth_version=1.0");
其实这个问题是这样的,通过它我要求的签名网址正在响应以错误的方式。它应该返回签名,其要求的签名。
Actually the problem is that, the url through which I am requesting for the signature is responding in a wrong way. Where it should return the signature, its asking for the signature.
推荐答案
签约步骤是没有要求。你拿URI你有这么远,将其转换为基本字符串,如文档中看到(URL编码它的零件等)。在您使用HMAC-SHA1算法女巫取2参数键和数据。使用基本字符串作为数据和键
The signing step is no request. You take the URI you have so far and transform it into the base string as seen in the documentation (URL encoding its parts and the like). The you use the HMAC-SHA1 algorithm witch takes the 2 parameters key and data. Use the base string as data and key
是消费者秘密和令牌秘密,通过分离的连接值'和;
is the concatenated values of the Consumer Secret and Token Secret, separated by an '&'.
你从算法(签名)后面的值,然后添加到您的URI与
The value you get back from the algorithm (the signature) is then appended to your URI with
&oauth_signature={ALGORITHM_OUTPUT}
使用这个新的URI,那么你可以要求令牌。
Using this new URI you can then request tokens.
如果你认为这是太辛苦了,检查出一些Java OAuth的库,例如: 划线的Java 。
If you think this is too much work, check out some Java OAuth library, e.g. scribe-java.
这篇关于不是如何产生的Oauth签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
