OAuth1.0 身份验证显示“无效签名 - 提供的签名不匹配."错误 401 [英] OAuth1.0 authentication says "Invalid signature - provided signature does not match.\" Error 401

查看:77
本文介绍了OAuth1.0 身份验证显示“无效签名 - 提供的签名不匹配."错误 401的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

OAuth1.0 身份验证说:

OAuth1.0 authentication says:

无效签名 - 提供的签名不匹配."错误 401

Invalid signature - provided signature does not match." Error 401

我想从 GravityForm 提供的 API 获取数据,它完全适用于 Postman,但我无法通过我自己的 C# 应用程序获取它.我在 Stackoverflow 上尝试了朋友提供的不同解决方案,但不幸的是,它们都不起作用.这是我的最终代码:

I wanted to get data from an API provided by GravityForm, it completely works in Postman, but I can't get it through my own C# app. I have tried different solutions provided by friends on Stackoverflow, but unfortunately, none of them work. Here's my ultimate code:

private void button2_Click(object sender, EventArgs e)
{
   string sig = GetAuthorizationToken();
   ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
   var client = new RestClient("https://kashfsho.com/wp-json/gf/v2/entries/");
   var request = new RestRequest(Method.GET);
   request.AddHeader("cache-control", "no-cache");
   request.AddHeader("Content-Type", "application/json");
   request.AddHeader("authorization", sig);
   IRestResponse response = client.Execute(request);
}

public string GetAuthorizationToken()
{
    timeStamp = ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString();
    nonce = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(timeStamp + timeStamp + timeStamp));
    ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
    HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("https://kashfsho.com/wp-json/gf/v2/entries/");
    httpWebRequest.Method = "Get";
    string consumer_secret = Uri.EscapeDataString(conSumerSecret);
    string signature_base_string = GetSignatureBaseString(timeStamp, nonce);
    SHA1HASH = GetSha1Hash(signature_base_string, consumer_secret); //also tried with nonEscaped consumer!
    string Header =
       "OAuth oauth_consumer_key=" + '"' + consumerKey + '"' + "," +
       "oauth_nonce=" + '"' + nonce + '"' + "," +
       "oauth_signature=" + '"' + SHA1HASH + '"' + "," +
       "oauth_signature_method=" + '"' + @"HMAC-SHA1" + '"' + "," +
       "oauth_timestamp=" + '"' + timeStamp + '"' + "," +
       "oauth_version=" + '"' + "1.0" + '"';
    return Header;
}

private string GetSha1Hash(string key, string t)
{
    var encoding = new System.Text.ASCIIEncoding();
    byte[] keyBytes = encoding.GetBytes(key);
    byte[] messageBytes = encoding.GetBytes(t);
    string strSignature = string.Empty;
    using (HMACSHA1 SHA1 = new HMACSHA1(keyBytes))
    {
        var Hashed = SHA1.ComputeHash(messageBytes);
        SHA1HASH = Convert.ToBase64String(Hashed);
    }
    return SHA1HASH;
}
    public string GetSignatureBaseString(string TimeStamp, string Nonce)
    {
        //1.Convert the HTTP Method to uppercase and set the output string equal to this value.
        string Signature_Base_String = "Get";
        Signature_Base_String = Signature_Base_String.ToUpper();

        //2.Append the ‘&’ character to the output string.
        Signature_Base_String = Signature_Base_String + "&";

        //3.Percent encode the URL and append it to the output string.
        ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
        string PercentEncodedURL = Uri.EscapeDataString("https://kashfsho.com/wp-json/gf/v2/entries/");
        Signature_Base_String = Signature_Base_String + PercentEncodedURL;

        //4.Append the ‘&’ character to the output string.
        Signature_Base_String = Signature_Base_String + "&";

        //5.append parameter string to the output string.
        Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("oauth_consumer_key=" + consumerKey);
        Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_nonce=" + Nonce);
        Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_signature_method=" + "HMAC-SHA1");
        Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_timestamp=" + TimeStamp);
        Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_version=" + "1.0");



        return Signature_Base_String;
    }

尝试过的解决方案:在 C# 中生成 OAuth1 签名使用 HMAC-SHA1 加密创建 OAuth 签名返回 HTTP 401使用 C# 创建用于搜索的 Twitter 授权标头

推荐答案

哦,大约一个月后,我终于找到了解决方案.对于 GravityForm API 的身份验证,OAUTH 1.0 并不像您预期​​的那样稳定.相反,您最好使用BASIC AUTHENTICATION".像这样:

Oh, after about a month, I finally reached a solution. For authentication of GravityForm APIs, OAUTH 1.0 is not as stable as you may expect. Instead, you'd better use "BASIC AUTHENTICATION" like this:

USERNAME = consumerKey
Password = consumerSecret

然后您可以使用以下解决方案:RestSharp HttpBasicAuthentication - 示例

Then you can use following solution: RestSharp HttpBasicAuthentication - example

这篇关于OAuth1.0 身份验证显示“无效签名 - 提供的签名不匹配."错误 401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆