我尝试使用 google data api,但在 OAuthGetRequestToken 遇到了困难。 我按照说明进行操作:requestToken
我使用 GET 并在 url 后添加查询参数。
我以这种方式创建用于签名的基本字符串: GET&request url &query parameters(without oauth_signature) 按字母顺序排序
当我使用 HMAC-SHA1 时,我使用“消费者 secret ”值来创建签名。
最后我使用url+query参数,浏览器总是返回: 签名无效 base_string:GET&https%3A%2******
我发现 base_string 与我的代码中的相同。
不知道问题出在哪里,求助。 下面是我的代码: (hmac_sha1是对的,我用Oauth的样例数据来测试)
#import "ContactTestViewController.h"
#import "ASIHTTPRequest.h"
#import <CommonCrypto/CommonHMAC.h>
#import <CommonCrypto/CommonCryptor.h>
#import "Base64.h"
#import "NSStringAdditions.h"
#import "NSData+Base64.h"
#define kAllContacts @"https://www.google.com/m8/feeds/contacts/default/full"
#define kOauthGetRequestToken @"https://www.google.com/accounts/OAuthGetRequestToken"
#define kOauthConsumerKey @"oauth_consumer_key=***.net"
#define kOauthConsumerSecret @"****/*****"
#define kOauthNonce @"oauth_nonce=457261624861626265724761686176"
#define kOauthSigMethod @"oauth_signature_method=HMAC-SHA1"
#define kOauthSignature @"oauth_signature="
#define kOauthTimeStamp @"oauth_timestamp="
#define kOauthScope @"scope=https://www.google.com/m8/feeds/contacts/default/full"
#define kOauthCallback @"oauth_callback=http://****.net/index.html"
#define kOauthVersion @"oauth_version=1.0"
#define kXOauthDisplayname @""
@implementation ContactTestViewController
- (NSString *)parameterStrNoSignature
{
NSDate *currentDate = [NSDate date];
NSTimeInterval timeInter = [currentDate timeIntervalSince1970];
NSString *str = [NSString stringWithFormat:@"%@&%@&%@&%@&%@%d&%@",
kOauthCallback,
kOauthConsumerKey,
kOauthNonce,
kOauthSigMethod,
kOauthTimeStamp,
(int)timeInter,
kOauthScope
];
return str;
}
- (NSString *)hostEncode:(NSString *)str
{
NSString *str1 = [str stringByReplacingOccurrencesOfString:@":" withString:@"%3A"];
NSString *str2 = [str1 stringByReplacingOccurrencesOfString:@"/" withString:@"%2F"];
return str2;
}
- (NSString *)parameterEncode:(NSString *)str
{
NSString *str1 = [str stringByReplacingOccurrencesOfString:@"/" withString:@"%252F"];
NSString *str2 = [str1 stringByReplacingOccurrencesOfString:@":" withString:@"%253A"];
NSString *str3 = [str2 stringByReplacingOccurrencesOfString:@"&" withString:@"%26"];
NSString *str4 = [str3 stringByReplacingOccurrencesOfString:@"=" withString:@"%3D"];
return str4;
}
- (NSString *)hmac_sha1:(NSString *)key text:(NSString*)plainText
{
const char *cKey = [key cStringUsingEncoding:NSASCIIStringEncoding];
const char *cData = [plainText cStringUsingEncoding:NSASCIIStringEncoding];
char cHMAC[CC_SHA1_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA1, cKey, strlen(cKey), cData, strlen(cData), cHMAC);
NSData *HMAC = [[NSData alloc] initWithBytes:cHMAC length:CC_SHA1_DIGEST_LENGTH];
NSString *hash = [Base64 encode:HMAC];//base64
hash = [HMAC base64EncodedString];
[HMAC release];
return hash;
}
- (void)authTest
{
NSString *parameterNoSignature = [self parameterStrNoSignature];
NSLog(@"no signature parameters:\n%@",parameterNoSignature);
NSString *baseStringEncode = [NSString stringWithFormat: @"GET&%@&%@",
[self hostEncode:kOauthGetRequestToken],
[self parameterEncode:parameterNoSignature]
];
NSLog(@"base string encode:\n%@",baseStringEncode);
NSString *signatureStr = [self hmac_sha1:kOauthConsumerSecret
text:baseStringEncode];
NSLog(@"signature:\n%@",signatureStr);
NSString *urlStr = [NSString stringWithFormat:@"%@?%@&%@%@",
kOauthGetRequestToken,
parameterNoSignature,
kOauthSignature,
signatureStr
];
NSLog(@"url string:\n%@",urlStr);
}
// Implement viewDidLoad to do additional setup after loading the view, typically from a nib.
- (void)viewDidLoad {
[super viewDidLoad];
[self authTest];
}
- (void)dealloc {
[super dealloc];
}
最佳答案
对于 key ,您需要[伪代码]:urlencode(utf8(oauth_consumer_secret)) + "&"+ urlencode(utf8(oauth_token_secret))
仅使用 oauth_consumer_secret 是不够的。如果 oauth_token_secret 为空,因为它将在 OAuth 流程开始时,该部分将为空但您仍然需要在编码的消费者 secret 之后的 &。
关于ios - OAuth 获取请求 token :signature_invalid error,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5674405/