Twitter-无法通过OAuth（401）错误进行身份验证 [英] Twitter - Could not authenticate with OAuth (401) Error

问题描述

因此，我正在Delphi中做一个简单的Twitter应用程序，因为找不到已经可以使用的库，所以我决定创建自己的库。通过身份验证过程，我将遵循所有步骤并获得访问令牌和秘密令牌。

So, I'm doing a simple twitter app in Delphi and because I can't find a library already that works I decided to create my own. With the authenticate process I follow everything and get the Access token and secret token just fine.

当我尝试使用它们（在以下代码中）时，出现错误{ error：无法通过OAuth进行身份验证。}

When I try to use them (in the following code) I get the error {"error":"Could not authenticate with OAuth."}

对于读取和写入请求（验证和发布）都是如此。非常感谢您的帮助，因为我一直对此深信不疑。

This is true for both read and write requests (verify and posting). Any help would be greatly appreciated as I have been bashing my head against the wall over this.

下面代码中的命令是注释正上方变量的内容。

Commands in the code below are the contents of the variables directly above the comments.

编辑：甚至只是知道是什么可能导致无法通过OAuth进行身份验证，而不是更具体的错误（无效签名 ，缺少参数）将有很大帮助！

Even just knowing what might cause "Could not authenticate with OAuth" instead of the more specific errors ("Invalid signature", "Missing parameters") would be of a giant help!

编辑2：Wireshark数据包结果。

HTTP/1.1 401 Unauthorized
Date: Tue, 06 Sep 2011 20:11:13 GMT
Server: hi
Status: 401 Unauthorized
WWW-Authenticate: OAuth realm="http://api.twitter.com"
X-Runtime: 0.01306
Content-Type: application/json; charset=utf-8
Content-Length: 114
Cache-Control: no-cache, max-age=300
Set-Cookie: _twitter_sess=xxxxxxxxxxx; domain=.twitter.com; path=/; HttpOnly
Expires: Tue, 06 Sep 2011 20:16:13 GMT
Vary: Accept-Encoding
Connection: close
{"error":"Could not authenticate with OAuth.","request":"\/1\/statuses\/update.json?status=This%20is%20a%20test."}

代码：

function TTwitter.SendRequest(Method: String; URI: String; Params: Array of String): ISuperObject;
const
  AuthHeaderFormat = 'OAuth oauth_nonce="%s", oauth_signature_method="%s", oauth_timestamp="%s", oauth_consumer_key="%s", oauth_token="%s", oauth_signature="%s", oauth_version="%s"';
var
  oauth_nonce,
  oauth_timestamp,
  SignKey,
  BaseString,
  Signature,
  AuthHeader,
  ResponseStr : String;
  BaseStringParams : Array of String;
  JSON : ISuperObject;
  I, J : Integer;
  EmptyParams : TStringList;
begin
  oauth_nonce := GenerateNonce;
  oauth_timestamp := GenerateTimeStamp;
  SignKey := fConsumerSecret + '&' + fAccessToken;
  J := 0;
  SetLength(BaseStringParams, Length(Params) + 6);
  For I := Low(Params) To High(Params) Do
    begin
    BaseStringParams[J] := Params[I];
    Inc(J);
  end;
  BaseStringParams[J] := 'oauth_consumer_key=' + fConsumerKey;
  BaseStringParams[J + 1] := 'oauth_nonce=' + oauth_nonce;
  BaseStringParams[J + 2] := 'oauth_signature_method=' + oauth_signature_method;
  BaseStringParams[J + 3] := 'oauth_token=' + fOAuthToken;
  BaseStringParams[J + 4] := 'oauth_timestamp=' + oauth_timestamp;
  BaseStringParams[J + 5] :=  'oauth_version=' + oauth_version;
  BaseString := CreateBaseString('POST', URI, BaseStringParams);
  //POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fupdate.json&oauth_consumer_key%3DXXXXXXXXXXXXXXXX%26oauth_nonce%3D0F95A680F2231F689C702FCECAD1D449%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1314988258%26oauth_token%3DXXXXXX-XXXXXXXXXXXXXXXX%26oauth_version%3D1.0%26status%3DThis%2520is%2520a%2520test.
  AuthHeader := Format(AuthHeaderFormat, [oauth_nonce,
                                          oauth_signature_method,
                                          oauth_timestamp,
                                          fConsumerkey,
                                          fOAuthToken,
                                          Signature,
                                          oauth_version]);
  //OAuth oauth_nonce="0F95A680F2231F689C702FCECAD1D449", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1314988258", oauth_consumer_key="XXXXXXXXXXXXXXXXXX", oauth_token="XXXXXX-XXXXXXXXXXXXXXXX", oauth_signature="XXXXXXXXXXXXXXXXXXXXX", oauth_version="1.0"
  fHTTP.Request.CustomHeaders.AddValue('Authorization', AuthHeader);
  EmptyParams := TStringList.Create;
  Try
    If Length(Params) > 0 Then
      begin
      URI := URI + '?';
      For I := Low(Params) To High(Params) Do
        begin
        URI := URI + Params[I] + '&';
      end;
      URI := Copy(URI, 1, Length(URI) - 1);
      //http://api.twitter.com/1/statuses/update.json?status=This%20is%20a%20test.
    end;
    If Method = 'POST' Then
      begin
      ResponseStr := fHTTP.Post(URI, EmptyParams);
    end
    Else If Method = 'GET' Then
      begin
      ResponseStr := fHTTP.Get(URI);
    end;
    JSON := SO(ResponseStr);
    Result := JSON;
  Except
    On E:EIdHTTPProtocolException Do
      begin
      MessageBox(0, PChar(E.ErrorMessage), '', 0);
      //{"error":"Could not authenticate with OAuth.","request":"\/1\/statuses\/update.json?status=This%20is%20a%20test."}
    end;
  end;
  EmptyParams.Free;
end;

推荐答案

所以我在这一行发现了这一点：

So I found out that on this line:

fHTTP.Request.CustomHeaders.AddValue（'Authorization'，AuthHeader）;

组件处理自定义标头的方式是，文本的定界符是逗号。这意味着程序在我为OAuth包含的每个参数之后都添加了\r\n（换行）。难怪它失败了！ Twitter甚至没有收到参数！

The way the component handles custom headers is that the delimiter for text is a comma. This means the program was adding a \r\n (new line) after every parameter I included for OAuth. No wonder it failed! Twitter wasn't even receiving the parameters!

由于我在将标头添加到标头之前一直在检查标头，所以我什至都不认为这是问题所在。

Since I was checking the header before I added it to the headers I didn't even think that was the problem.

谢谢您的帮助！否则，我可能不会深入研究代码。

Thank you for your help! I probably wouldn't have delved into the code this deeply otherwise.

这篇关于Twitter-无法通过OAuth（401）错误进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！