401 未授权使用 Yahoo OAuth [英] 401 Unauthorized using Yahoo OAuth
问题描述
此时我的以下代码每次都返回 401 Unauthorized 错误:
My below code returns a 401 Unauthorized error each time at the this point:
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create("http://query.yahooapis.com/v1/yql?q=select%20fields.value%20from%20social.contacts%20where%20guid%3Dme&diagnostics=false");
request.Headers.Add(
"Authorization: OAuth " +
"realm="" + "yahooapis.com" + ""," +
"oauth_consumer_key="" + ConfigurationManager.AppSettings["yahoo_oauth_consumer_key"] + ""," +
"oauth_nonce="" + Guid.NewGuid().ToString() + ""," +
"oauth_signature_method="" + "PLAINTEXT" + ""," +
"oauth_timestamp="" + ((DateTime.UtcNow.Ticks - new DateTime(1970, 1, 1).Ticks) / (1000 * 10000)).ToString() + ""," +
"oauth_token="" + accessToken.TokenValue + ""," +
"oauth_version="1.0" + ""," +
"oauth_signature="" + ConfigurationManager.AppSettings["yahoo_oauth_signature"] + "%26" + """
);
StreamReader streamReader = new StreamReader(request.GetResponse().GetResponseStream(), true);
每当我进入代码时,我都会看到 Yahoo 要求在标题中包含的所有信息,但每次我收到此 401 时.
And when I step into the code everytime I see all the info is there that Yahoo requests to have in the header, yet everytime I get this 401.
推荐答案
我相信您知道,401 表示未经授权.这可能意味着您的签名无效.
As I'm sure you know, 401 means not authorised. It probably means that your signature is not valid.
您没有发布所有代码,但我看不出它是如何正确生成正确签名的,因为您的签名方法似乎没有采用任何参数——最明显的是时间戳和随机数——作为输入.如果您已经正确计算了签名,那么您需要在 Authorized 标头中使用完全相同的时间戳和随机数;使用不同的签名将意味着签名无效.
You don't post all of your code but I can't see how it could possibly correctly generate the correct signature, since your signature method seems not to take any of the parameters -- most tellingly the timestamp and nonce -- as input. If you've already calculated the signature correctly, then you need to use the exact same timestamp and nonce in the Authorized header; using a different one will mean that the signature is not valid.
这篇关于401 未授权使用 Yahoo OAuth的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
