“无效签名”:具有Django活塞的oAuth提供者 [英] "Invalid signature": oAuth provider with Django-piston
问题描述
我开始使用本教程:
http:// blog.carduner.net/2010/01/26/django-piston-and-oauth/
我向活塞的管理员界面添加了一个消费者的钥匙和秘密都设置为abcd用于测试目的。
网址已成功连接,并且oAuth提供程序被调用。
但是,使用tripit运行我的get请求令牌测试(python get_request_token.py http://127.0 .0.1:8000 / api abcd abcd),我收到以下错误:
签名无效。预期签名
基本字符串:
GET& http%3A%2F%2F127.0.0.1%3A8000%2Fapi%2Foauth%2Frequest_token%2F& oauth_consumer_key%3Dabcd%26oauth_nonce%3D0c0bdded5b1afb8eddf94f7ccc672658%26oauth_signature_method%3DHMAC-SHA1 %26oauth_timestamp%3D1275135410%26oauth_version%3D1.0
问题似乎在Piston的oauth.py的_check_signature方法中,其中
valid_sig = signature_method.check_signature(oauth_request,consumer,token,signature)
pre>
正在返回false。但是,我不知道如何让签名验证。
任何想法?
- ----更新-----
如果我从活塞的后端删除测试用户,则返回的响应正确设置为无效的用户,因此此查找似乎正在工作。
解决方案我发现最后的答案是将oauth_consumer的工作副本安装到应用程序目录中。一旦我将消费者添加到此应用程序中,一切都按预期运行。
I'm working with django-piston to attempt to create an API that supports oAuth.
I started out using the tutorial at:
http://blog.carduner.net/2010/01/26/django-piston-and-oauth/
I added a consumer to piston's admin interface with key and secret both set to "abcd" for test purposes.
The urls are successfully wired-up and the oAuth provider is called.
However, running my get request token tests with tripit (python get_request_token.py "http://127.0.0.1:8000/api" abcd abcd), I receive the following error:
Invalid signature. Expected signature base string: GET&http%3A%2F%2F127.0.0.1%3A8000%2Fapi%2Foauth%2Frequest_token%2F&oauth_consumer_key%3Dabcd%26oauth_nonce%3D0c0bdded5b1afb8eddf94f7ccc672658%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275135410%26oauth_version%3D1.0
The problem seems to lie inside the _check_signature method of Piston's oauth.py, where
valid_sig = signature_method.check_signature(oauth_request, consumer, token, signature)
is returning false. I can't, however, work out how to get the signature validated.
Any ideas?
-----Update-----
If I remove the test consumer from piston's backend, the response returned is correctly set to "Invalid consumer", so this lookup appears to be working.
解决方案The eventual answer I found was to install a working copy of oauth_consumer into the application directory. Once I had added my consumer inside this application, everything worked as expected.
这篇关于“无效签名”:具有Django活塞的oAuth提供者的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!