我已经成功获得访问 token 和访问密码。现在,我正在尝试使用 OAuth 信息发出 API 请求。
我正在关注雅虎文档(不是很有帮助): https://developer.yahoo.com/oauth/guide/oauth-make-request.html https://developer.yahoo.com/oauth/guide/oauth-signing.html
此外,我正在尝试密切关注此示例: https://gist.github.com/cheenu/1469815
这是代码:(为了方便,我把长 url 分开了)
require 'cgi'
require 'base64'
require 'openssl'
url = "http://fantasysports.yahooapis.com/fantasy/v2/game/nfl"
parameters = "format=json
&realm=yahooapis.com
&oauth_consumer_key=#{Rails.application.secrets.yhoo_consumer_key}
&oauth_nonce=#{SecureRandom.hex}
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=#{Time.now.to_i}
&oauth_token=#{ApiVar.final_oauth_token} #the access token
&oauth_version=1.0"
base_string = 'GET&' + CGI.escape(url) + '&' + CGI.escape(parameters)
oauth_signature = CGI.escape(Base64.encode64("#{OpenSSL::HMAC.digest('sha1', ApiVar.final_oauth_secret + "&", base_string)}").chomp)
#ApiVar.final_oauth_secret is the access token secret - is that what I should be putting there?
testable_url = url + '?' + parameters + '&oauth_signature=' + oauth_signature
p testable_url
response = HTTParty.get(testable_url)
我的回复是“signature_invalid”。
我做错了什么?
谢谢!
最佳答案
url = "http://fantasysports.yahooapis.com/fantasy/v2/league/{league-key}/players"
parameters = "format=json&oauth_consumer_key=#{Rails.application.secrets.yhoo_consumer_key}&oauth_nonce=#{SecureRandom.hex}&oauth_signature_method=HMAC-SHA1&oauth_timestamp=#{Time.now.to_i}&oauth_token=#{ApiVar.final_oauth_token}&oauth_version=1.0&realm=yahooapis.com"
base_string = 'GET&' + CGI.escape(url) + '&' + CGI.escape(parameters)
secret = "#{Rails.application.secrets.yhoo_consumer_secret}&#{ApiVar.final_oauth_secret}"
oauth_signature = CGI.escape(Base64.encode64("#{OpenSSL::HMAC.digest('sha1', secret, base_string)}").chomp)
testable_url = url + '?' + parameters + '&oauth_signature=' + oauth_signature
p testable_url
response = HTTParty.get(testable_url)
#{Rails.application.secrets.yhoo_consumer_secret}&#{ApiVar.final_oauth_secret}" - correct secret key
参数必须按字母顺序排列!另外,秘钥是yahoo consumer secret加上最终的oauth secret!
关于ruby-on-rails - Ruby API 请求中的 Yahoo Oauth - 签名无效,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25355311/