无法获取的OAuth＆QUOT;请求令牌＆QUOT;而使用Python中的tumblr API工作 [英] Unable to get OAuth "Request Token" while working with the Tumblr API using Python

问题描述

我一直在使用库来处理OAuth的，到目前为止，但最近我一直在更深的挖掘试图了解底层OAuth的过程。目前，我试图以的tumblr API V2 使用OAuth 1.0a的连接带这个简单的code：

I've been using libraries to handle OAuth so far, but lately I've been digging deeper trying to understand the underlying OAuth process. Currently, I'm trying to connect to Tumblr API v2 using OAuth 1.0a with this simple code:

import urllib, urllib2, time, random, hmac, base64, hashlib

def makenonce():
    random_number = ''.join( str( random.randint( 0, 9 ) ) for _ in range( 40 ) )
    m = hashlib.md5( str( time.time() ) + str( random_number ) )
    return m.hexdigest()

def encodeparams(s):
    return urllib.quote( str( s ), safe='~' )

// Actual key and secret from a test app created using a dummy Tumblr account
consumer_key = '97oAujQhSaQNv4XDXzCjdZlOxwNyhobmDwmueJBCHWsFFsW7Ly'
consumer_secret = '5q1dpF659SOgSUb0Eo52aAyoud8N8QOuJu6enCG92aDR6WoMlf'

#oauth URLs
request_tokenURL = 'http://www.tumblr.com/oauth/request_token'

#oauth params
oauth_parameters = {
            'oauth_consumer_key'     : consumer_key,
            'oauth_nonce'            : makenonce(),
            'oauth_timestamp'        : str(int(time.time())),
            'oauth_signature_method' : "HMAC-SHA1",
            'oauth_version'          : "1.0"
            }

normalized_parameters = encodeparams( '&'.join( ['%s=%s' % ( encodeparams( str( k ) ), encodeparams( str( oauth_parameters[k] ) ) ) for k in sorted( oauth_parameters )] ) )
normalized_http_method = 'POST' // Since I'm focusing only on getting the request token for now, I set this to POST.
normalized_http_url = encodeparams( request_tokenURL )
signature_base_string = '&'.join( [normalized_http_method, normalized_http_url, normalized_parameters] )
oauth_key = consumer_secret + '&'
hashed = hmac.new( oauth_key, signature_base_string, hashlib.sha1 )
oauth_parameters['oauth_signature'] = base64.b64encode( hashed.digest() )
oauth_header = 'Authorization: OAuth realm="http://www.tumblr.com",' + 'oauth_nonce="' + oauth_parameters['oauth_nonce'] + '",' + 'oauth_timestamp="' + oauth_parameters['oauth_timestamp'] + '",' + 'oauth_consumer_key="' + oauth_parameters['oauth_consumer_key'] + '",' + 'oauth_signature_method="HMAC-SHA1",oauth_version="1.0",oauth_signature="' + oauth_parameters['oauth_signature'] +'"'

// sample oauth_header generated by the code above:
// Authorization: OAuth realm="http://www.tumblr.com",oauth_nonce="c200a0e06f30b84b851ac3e99a71054b",oauth_timestamp="1315231855",oauth_consumer_key="97oAujQhSaQNv4XDXzCjdZlOxwNyhobmDwmueJBCHWsFFsW7Ly",oauth_signature_method="HMAC-SHA1",oauth_version="1.0",oauth_signature="kVAlmwolCX0WJIvTF9MB2UV5rnU="


req = urllib2.Request( request_tokenURL )
req.add_header( 'Authorization', oauth_header )
print urllib2.urlopen( req ).read()   // If all goes well, Tumblr should send me the oauth request token.

代替的OAuth请求令牌，回报的tumblr HTTP错误401：未经授权。

事情我已经尝试没有成功：

Things I've tried without any success:

1. 改变 oauth_version 从1.0到1.0A，并再次改变了它。


2. 在的OAuth的指南规定添加'和;'在 CONSUMER_SECRET 年底获得 oauth_key 。我试图消除'和;'后来，看看是否能做出任何区别。


3. 选中如果OAuth的参数进行排序，并且他们。


4. 未添加字符串授权给 oauth_header ，然后加回来后。无论做任何区别。

1. Changed oauth_version from "1.0" to "1.0a", and changed it back again.
2. A guide on OAuth mandated adding the '&' at the end of consumer_secret to get the oauth_key. I tried removing the '&' later to see if that made any difference.
3. Checked if the OAuth parameters were sorted, and they were.
4. Did not add the string "Authorization: " to oauth_header, then added it back later. Neither made any difference.

我在哪里出了错？

推荐答案

在上面的code使得仅有2简单的修改后解决了：

Solved it after making just 2 simple changes in the above code:

1. normalized_http_method ='GET' #not POST


2. oauth_header ='OAuth的境界=HTTP：// WWW ...... ＃这个词。授权是不必要的我采取这一出前面所列出的事情我已经没有任何成功尝试，但列出的错误（1）把我摔下轨道。随着（1）解决了，我能怎么看授权确实是不必要的。

基于OAuth的认证请求令牌的tumblr送我时，我终于得到了它的权利：
<$c$c>oauth_token=mbRUgyDkPePfkEztiLELMqUl1kyNXEcaTCCwpb7SoXDF9mhiTF&oauth_token_secret=5pXllXGKA8orAaUat1G7ckIfMfYup8juMBAgEELUkeMZoC3pv6&oauth_callback_confirmed=true

The OAuth Request token Tumblr sent me when I finally got it right: oauth_token=mbRUgyDkPePfkEztiLELMqUl1kyNXEcaTCCwpb7SoXDF9mhiTF&oauth_token_secret=5pXllXGKA8orAaUat1G7ckIfMfYup8juMBAgEELUkeMZoC3pv6&oauth_callback_confirmed=true

↑

这是一个一次性只是象征，我已经在这里列出它只是为了完整起见。

This is a one-time only token and I've listed it here just for the sake of completeness.

这篇关于无法获取的OAuth＆QUOT;请求令牌＆QUOT;而使用Python中的tumblr API工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！