如何使用OAuth 1.0调用API? [英] How to call the API using OAuth 1.0?
问题描述
在 之后成功调用用户的access_token和他的secret_token时,我遇到了麻烦,就像这样:
I'm having a bad time calling the API after successfully retrieving the user's access_token and his secret_token, like so:
{
oauth_token: '4xxxxxxxx-asdasdasd......',
oauth_token_secret: 'XXX........',
user_id: '4xxxxxxxx'
}
我代表我的应用程序检索了用户登录中的用户.例如,例如 Twitter登录实施.
I retrieved those in a user sign-in in behalf of my application. For example, like Twitter sign-in implementation.
现在用于从API检索数据
我不确定OAuth 1.0的规范,但是我知道在OAuth 2.0中,您可以简单地在标头中使用'Authorization: Bearer ' . $accessToken. OAuth 1.0是否需要为每个API调用生成另一个签名?
Now for retrieving data from an API
I am not sure about the specification for OAuth 1.0, but I know in OAuth 2.0 you can simply use 'Authorization: Bearer ' . $accessToken in the header. Is OAuth 1.0 requires generating another signature for each API call?
我已经搜索过此问题,但没有找到明确的解决方案. 之前谢谢
I Have searched in this matter and did not found a clear solution. Thanks before
推荐答案
通常对于OAuth1.0,发送的Authorization标头值为OAuth and a bunch of fields.有一个规范,还会生成一个签名并将其添加到该字符串中,但您不必自己做.
Generally for OAuth1.0 the Authorization header is sent with a value of OAuth and a bunch of fields. There is a spec about it, and also a signature is generated and added to that string, but you don't have to do that yourself.
您可以使用请求模块.例如,以下是如何获取Twitter的用户个人资料:
You can use the request module. For example here is how you can get the user's profile for Twitter:
request.get('https://api.twitter.com/1.1/users/show.json', {
oauth:{
consumer_key:'...',
consumer_secret:'...',
token:'...',
token_secret:'...'
},
qs:{user_id:'...'} // or screen_name
}, function (err, res, body) {})
您可以将以上代码与任何OAuth1.0提供程序一起使用.您需要传递的只是您的应用程序和用户凭据.在极少数情况下,您可能需要传递其他选项(请查看 oauth签名部分)
You can use the above code with any OAuth1.0 provider. All you need to pass is your application and user credentials. In very rare cases you might need to pass additional options (check out the oauth signing section).
这篇关于如何使用OAuth 1.0调用API?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
