android - Volley OAuth1.0认证

Question

我尝试使用OAuth1.0认证。我在 postman 身上试了一下。 Postman guide表示您可以设置以下值:

消费者 key :RKCGzna7bv9YD57c

消费者 secret :D+EdQ-gs$-%@2Nu7

在 postman 上，我设置了这些值并选中“将参数添加到 header ”。响应状态码为200。

当我点击向 header 添加参数时， postman 生成以下值:

OAuth oauth_consumer_key="RKCGzna7bv9YD57c",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1499874836",oauth_nonce="T5zV4W",oauth_version="1.0",oauth_signature="YDXruS98dvqQs7Ra3a3ZWczkEpM%3D"

public Map<String, String> getHeaders() throws AuthFailureError {
    final Map<String, String> headers = new HashMap<>();
    headers.put("Authorization", headerValue); // headerValue is taken from postman
    return headers;
}

它有效。但我希望根据 postman guide 分配消费者 key 和消费者 secret 就足够了.

以下用法无效。它表示 {"status":"fail","message":"Timestamp is missing or is not a number"}。 我应该使用 headers.put("Authorization", authString); 吗？

还必须给出时间戳、签名和签名方法吗？

headers.put("oauth_consumer_key","RKCGzna7bv9YD57c");
headers.put("oauth_signature_method","HMAC-SHA1");
headers.put("oauth_timestamp","1499874836");
headers.put("oauth_nonce", "0Jx39O");
headers.put("oauth_signature_method","HMAC-SHA1");
headers.put("oauth_signature", "GGKc%2FuFoAWIflEsfE1%2B6mZau3vM%3D");
headers.put("oauth_timestamp","1499872116");
headers.put("oauth_version","1.0");

Answer 1

new Thread() {
            @Override
            public void run() {
                String RESOURCE_URL = "url";
                String SCOPE = "*"; //all permissions
                Response response;
                OAuthRequest request;
                String responsebody = "";
                OAuthService service = new ServiceBuilder().provider(OneLeggedApi10.class)
                        .apiKey("key")
                        .apiSecret("secrect")
                        .signatureType(SignatureType.QueryString)
                        .debug()
                        /*.scope(SCOPE).*/
                        .build();

            request = new OAuthRequest(Verb.GET, RESOURCE_URL);
            service.signRequest(new Token("", ""), request);

            // Now let's go and ask for a protected resource!
            Log.d("scribe", "Now we're going to access a protected resource...");

            try {
                response = request.send();
                if (response.isSuccessful()) {
                    responsebody = response.getBody();
                    Log.e("response", responsebody);
                }

            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }.start();