iPhone 入门套件中的 Linkedin API 错误无效签名 [英] Linkedin API Error Invalid Signature in iPhone Starter Kit

问题描述

我尝试开箱即用地运行 OAuthStarterKit xcode 项目，输入了正确的 api 密钥/秘密和 oauth 用户令牌/秘密.当我使用此代码进行授权时:

I've tried to run the OAuthStarterKit xcode project out of the box, entered the correct api key/secret and oauth user token/secret. When I get to authorizing with this code:

    OAMutableURLRequest *request = 
        [[[OAMutableURLRequest alloc] initWithURL:requestTokenURL
                                         consumer: self.consumer
                                            token: self.requestToken   
                                         callback:linkedInCallbackURL
                                signatureProvider:sha] autorelease];

它返回错误signature_invalid"，这似乎表明签名不正确.明文和秘密混合了大写和小写字符，我不确定这是否会有所作为.

It returns the error "signature_invalid", which seems to indicate an incorrect signature. the clear text and secret have a mix of upper and lower case chars, I'm not sure that that should make a difference.

如果我使用

requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress";

它返回无效的信号...但如果我使用基本权限调用

It returns invalid sig... but if I use a basic permissions call

requestTokenURLString = @"https://api.linkedin.com/uas/oauth/requestToken;

它工作正常，但这意味着我只有基本的个人资料权限，我需要像电子邮件地址这样的东西.

It works fine, but it means I only have basic profile permissions, where I need things like the email address.

在测试控制台中输入所有相同的数据似乎在这里工作正常:

Entering all of the same data in the test console seems to work fine here:

https://developer.linkedin.com/oauth-test-console

有谁知道我应该做什么、想什么，或者我应该去哪里找?更多日志信息:

Anyone know what I should be doing, thinking, or where I should be looking? Further log info:

oauth_problem=signature_invalid
oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException while obtaining request token for: POST https://api.linkedin.com/uas/oauth/requestToken/oauth_callback:hdlinked://linkedin/oauth 
oauth_consumer_key: XXX
oauth_nonce
oauth_signature_method: 3DHMACSHA1

2012-09-04 23:36:07.054 OAuthStarterKit[31952:c07] secret: TIDi9XXXXXXX
2012-09-04 23:36:07.054 OAuthStarterKit[31952:c07] base64EncodedResult: JXW6ZWUpXv7ba98o2hcUXodDhmg=

我正在使用这里的代码示例 https://github.com/synedra/LinkedIn-OAuth-Sample-Client

I'm using the code sample from here https://github.com/synedra/LinkedIn-OAuth-Sample-Client

如果没有人能打败我，我明天将尝试深入了解并回答我自己的问题.

Will be trying to get to the bottom of this tomorrow and answer my own question if no one beats me to it.

推荐答案

在与 Linkedin API Beast 多次争论之后，我发现问题出在 OAuthLoginView.m 方法中的编码方式上，这是一个很长的故事requestTokenFromProvider' 我需要在 OARequestParameter 对象中包含具有相关权限的参数范围".

After much wrangling with the Linkedin API Beast, I found the issue to be in the way things are encoded, a long story, in OAuthLoginView.m in method 'requestTokenFromProvider' I needed to include the param 'scope' with the relevant permissions in a OARequestParameter object.

(基于 github 存储库 -> https://github.com/synedra/LinkedIn-OAuth-Sample-Client)

(based off the github repo -> https://github.com/synedra/LinkedIn-OAuth-Sample-Client)

之后，无论您在何处进行 api 调用(例如在 OAuthStarterKit 中)，例如在 ProfileTabView::profileApiCall 中，您都可以像这样触发 URL 帖子:http://api.linkedin.com/v1/people/~:(id,first-name,last-名称，行业)"];或者如果你需要他们的电子邮件地址，它就会出现(只要你有访问电子邮件的权限，你也可以像这样简单地获取它:

After that, wherever you're making your api call, (in OAuthStarterKit for example) like in ProfileTabView::profileApiCall you can fire off URL posts like this: http://api.linkedin.com/v1/people/~:(id,first-name,last-name,industry)"]; or if you need their email address, it appears (as long as you've got permission to access email, you can grab that too as simply as this:

NSURL *url = [NSURL URLWithString:@"http://api.linkedin.com/v1/people/~:(id,first-name,last-name,industry,email-address)"];

请参阅以下 URL 请求中使用 OARequestParameter 的代码...

See the code for using a OARequestParameter in the URL request below...

- (void)requestTokenFromProvider
{
    OAMutableURLRequest *request = 
            [[[OAMutableURLRequest alloc] initWithURL:requestTokenURL
                                             consumer:self.consumer
                                                token:nil   
                                             callback:linkedInCallbackURL
                                    signatureProvider:nil] autorelease];

    [request setHTTPMethod:@"POST"];

    OARequestParameter * scopeParameter=[OARequestParameter requestParameter:@"scope" value:@"r_fullprofile r_contactinfo r_emailaddress"];

    [request setParameters:[NSArray arrayWithObject:scopeParameter]];

    OADataFetcher *fetcher = [[[OADataFetcher alloc] init] autorelease];
    [fetcher fetchDataWithRequest:request
                         delegate:self
                didFinishSelector:@selector(requestTokenResult:didFinish:)
                  didFailSelector:@selector(requestTokenResult:didFail:)];    
}

为了更深入地使用linkedin的API，我会在我的博客上保留一些快速提示->http://techrantnz.blogspot.com.au/2012/09/the-linkedin-api-with-oauthstarterkit.html

And for a more in depth short cut to using linkedin's API I'll keep some quicktips on my blog here ->http://techrantnz.blogspot.com.au/2012/09/the-linkedin-api-with-oauthstarterkit.html

如果你想检查事情是否正常，请检查调用是否成功的方法

If you wish to check things are working, check the method which is called if it succeeds

- (void)profileApiCallResult:(OAServiceTicket *)ticket didFinish:(NSData *)data

如果您输出响应正文，您可能会看到如下内容:

If you output the response body you might see something like:

2012-09-05 21:40:55.109 OAuthStarterKit[12244:c07] profile: {
    emailAddress = "[my email]@gmail.com";
    firstName = Dave;
    id = XXXXXX;
    industry = "Information Technology and Services";
    lastName = "XXXXXXXX";
}

这篇关于iPhone 入门套件中的 Linkedin API 错误无效签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！