如何正确创建oauth签名基本字符串？ [英] How properly create oauth signature base string?

问题描述

我要实施OAuth 1.0协议，以便使用 COPY 。但是，当我实现了用C OAuth协议++，以获得请求令牌和发送该请求复制它的返回签名无效，我想不出有什么不对我的签名。这里是我产生我的程序中的所有参数：

I want to implement OAuth 1.0 protocol in order to work with COPY. But when i implemented OAuth protocol in C++ in order to get Request Token and sent that request to copy it's return that signature is invalid and i can't figure out what's wrong in my signature. Here are all parameters that i generate by my program:

oauth_nonce=xoviybpokqnxdwlnkeoorawfijgezr 
oauth_timestamp=1381745375
oauth_callback=http%3A%2F%2Fcopy-oauth.local%2Fget_access_token.php
oauth_signature_method=HMAC-SHA1

$ b b

这是我用来生成令牌的基本字符串：

This is base string that i used in order to generate token:

GET& https％3A％2F％2Fapi.copy .COM％2Foauth％2Frequest&放大器; oauth_consumer_key％3D [我的
32个符号
键]％26oauth_nonce％3Dxoviybpokqnxdwlnkeoorawfijgezr％26oauth_signature_method％3DHMAC-SHA1％26oauth_timestamp％3D1381745375％26oauth_tokey％3D

GET&https%3A%2F%2Fapi.copy.com%2Foauth%2Frequest&oauth_consumer_key%3D[my 32 symbols key]%26oauth_nonce%3Dxoviybpokqnxdwlnkeoorawfijgezr%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1381745375%26oauth_tokey%3D

这是产生签名的关键：

]&

[My consumer secret, 48 symbols]&

这里是我收到的base64和百分比编码后的签名：

Here is signature that i received after base64 and percent encoded:

lNaaOaWyGtkJWj％2BVLjLlKTVGYL0％3D

lNaaOaWyGtkJWj%2BVLjLlKTVGYL0%3D

和的最后一件事是将所有参数的服务器。为此，我使用libcurl：

And the last thing is sending all parameters to server. For this purpose i use libcurl:

char * abc="https://api.copy.com/oauth/request/?oauth_callback=http%3A%2F%2Fcopy-oauth.local%2Fget_access_token.php&oauth_consumer_key=[my 32 symbols key]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1381745375&oauth_nonce=xoviybpokqnxdwlnkeoorawfijgezr&oauth_signature=lNaaOaWyGtkJWj%2BVLjLlKTVGYL0%3D";

CURL *curl;
  CURLcode res;

  curl_global_init(CURL_GLOBAL_DEFAULT);

  curl = curl_easy_init();
  if(curl) 
  {
      curl_easy_setopt (curl, CURLOPT_SSL_VERIFYPEER, TRUE);
      curl_easy_setopt(curl, CURLOPT_CAINFO, "C:\\a\\a\\a\\cacert.pem");
    curl_easy_setopt(curl, CURLOPT_URL, abc);

    res = curl_easy_perform(curl);
    /* Check for errors */ 
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));

    /* always cleanup */ 
    curl_easy_cleanup(curl);
  }

  curl_global_cleanup();

然后我的控制台会输出：

Then my console will output:

oauth_error_message = oauth_problem％3Dsignature_invalid％26debug_sbs ...

oauth_error_message=oauth_problem%3Dsignature_invalid%26debug_sbs...

什么是错在我的实现？

推荐答案

主要的问题是，oauth_callback应两个时间百分比编码，以创建签名基础字符串。这是我在请求中发送的字符串：

The main problem was that oauth_callback should be two time percent encoded in order to create signature base string. This is string that I send in request:

oauth_callback =http：//copy-oauth.local/get_access_token.php

这是我添加到签名基本字符串的字符串：

And this is string that I add to signature base string:

http％253A％252F％252Fcopy-oauth.local％252Fget_access_token.php

这篇关于如何正确创建oauth签名基本字符串？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！