堆栈内存溢出
  简体   繁体   English

计算HMAC-SHA1签名

[英]Calculate HMAC-SHA1 Signature

 原文  2014-02-11 21:41:47       php

问题描述

I got the code below in PHP but getting a error from my server that am not authorised so am prob doing something wrong in calculation of the $signature for the oauth_signature field. 我在PHP中获得了下面的代码,但是从未经授权的服务器中收到了一个错误,因此在计算oauth_signature字段的$ signature时可能会出错。

Am not setting any HTTP headers. 未设置任何HTTP标头。 

        include_once "oauth-php/library/OAuthStore.php";
        include_once "oauth-php/library/OAuthRequester.php";

        $key = 'xx'; // this is your consumer key
        $secret = 'xx'; // this is your secret key
        $req_url = "http://www.sample.com"; 

        $options = array( 'consumer_key' => $key, 'consumer_secret' => $secret);

    OAuthStore::instance("2Leg", $options );

    $method = "POST";

$params = array( 'oauth_consumer_key' => $key, 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => time(), 'oauth_nonce' => time(), 'user_id' => '1234' ); $ params = array('oauth_consumer_key'=> $ key,'oauth_signature_method'=>'HMAC-SHA1','oauth_timestamp'=> time(),'oauth_nonce'=> time(),'user_id'=>'1234' ); 

    $post_string = ''; 
foreach($params as $key => $value) {
        $post_string .= $key.'='.($value).'&'; 
} 
$post_string = rtrim($post_string, '&'); 
$base_string = urlencodeRFC3986($post_string); 
$signature = base64_encode(hash_hmac('sha1', $base_string, $secret, true));

$params['oauth_signature'] = $signature;
try {
            $request = new OAuthRequester($req_url, $method, $params);

            $result = $request->doRequest();
            var_dump($result); 
} 
catch(OAuthException2 $e)
{   
var_dump($e); 
}

function urlencodeRFC3986($string) 
{    
return str_replace('%7E', '~', rawurlencode($string)); 
}

1 个解决方案

解决方案1
 1  2014-02-11 21:51:03

A few things: 一些东西:

1) Don't set 'oauth_signature_method' as array('HMAC-SHA1') . 1)不要将'oauth_signature_method'设置为array('HMAC-SHA1') Just use 'HMAC-SHA1' or else you'll end up with oauth_signature_method=Array in your post string. 只需使用'HMAC-SHA1' ,否则您将在帖子字符串中使用oauth_signature_method=Array结束。

2) Don't include oauth_signature in the param list until after you've calculated the signature. 2)在计算完签名后,请勿在参数列表中包含oauth_signature See this question for more details: https://stackoverflow.com/questions/9986533/what-does-oauth-signature-sign 有关更多详细信息,请参阅此问题: https : //stackoverflow.com/questions/9986533/what-does-oauth-signature-sign

You should end up with something like: 您应该以如下形式结束: 

$params = array(
                'oauth_consumer_key' => $key, 
                'oauth_signature_method' =>  'HMAC-SHA1',
                'oauth_timestamp' => time(),
                'oauth_nonce' => time(),
                'user_id' => '1234'
                );

$post_string = '';
foreach($content as $key => $value)
{
    $post_string .= $key.'='.($value).'&';
}
$post_string = rtrim($post_string, '&');

$base_string = urlencodeRFC3986($post_string);

$signature = base64_encode(hash_hmac('sha1', $base_string, $secret, true));

$params['oauth_signature'] = $signature;

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP生成HMAC-SHA1签名 - PHP Generate HMAC-SHA1 signature PHP卷曲HMAC-SHA1 - PHP Curl HMAC-SHA1 如何使用 TwitterOAuth (abraham/twitteroauth) 在 PHP 中获取/生成 Twitter 的 HMAC-SHA1 签名 - How to get/generate HMAC-SHA1 signature for Twitter in PHP using TwitterOAuth (abraham/twitteroauth) RFC 2104 HMAC-SHA1的最佳实现 - the best implementation of RFC 2104 HMAC-SHA1 在XML中使用HMAC-SHA1生成SignatureValue - Generating SignatureValue using HMAC-SHA1 in XML 如何在C#中生成HMAC-SHA1? - How to generate HMAC-SHA1 in C#? java相当于php的hmac-SHA1 - java equivalent to php's hmac-SHA1 PHP HMAC-SHA1函数不返回“ =”作为填充字符吗? - PHP HMAC-SHA1 function not returning “=” as padding character? 如何使用Base64编码执行HMAC-SHA1? - How to perform HMAC-SHA1 with Base64 Encode? 尝试使用PHP通过HMAC-SHA1进行数字签名 - Trying to digitally sign via HMAC-SHA1 with PHP
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM