[英]Calculate HMAC-SHA1 Signature
I got the code below in PHP but getting a error from my server that am not authorised so am prob doing something wrong in calculation of the $signature for the oauth_signature field. 我在PHP中获得了下面的代码,但是从未经授权的服务器中收到了一个错误,因此在计算oauth_signature字段的$ signature时可能会出错。
Am not setting any HTTP headers. 未设置任何HTTP标头。
include_once "oauth-php/library/OAuthStore.php";
include_once "oauth-php/library/OAuthRequester.php";
$key = 'xx'; // this is your consumer key
$secret = 'xx'; // this is your secret key
$req_url = "http://www.sample.com";
$options = array( 'consumer_key' => $key, 'consumer_secret' => $secret);
OAuthStore::instance("2Leg", $options );
$method = "POST";
$params = array( 'oauth_consumer_key' => $key, 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => time(), 'oauth_nonce' => time(), 'user_id' => '1234' ); $ params = array('oauth_consumer_key'=> $ key,'oauth_signature_method'=>'HMAC-SHA1','oauth_timestamp'=> time(),'oauth_nonce'=> time(),'user_id'=>'1234' );
$post_string = '';
foreach($params as $key => $value) {
$post_string .= $key.'='.($value).'&';
}
$post_string = rtrim($post_string, '&');
$base_string = urlencodeRFC3986($post_string);
$signature = base64_encode(hash_hmac('sha1', $base_string, $secret, true));
$params['oauth_signature'] = $signature;
try {
$request = new OAuthRequester($req_url, $method, $params);
$result = $request->doRequest();
var_dump($result);
}
catch(OAuthException2 $e)
{
var_dump($e);
}
function urlencodeRFC3986($string)
{
return str_replace('%7E', '~', rawurlencode($string));
}
A few things: 一些东西:
1) Don't set 'oauth_signature_method'
as array('HMAC-SHA1')
. 1)不要将'oauth_signature_method'
设置为array('HMAC-SHA1')
。 Just use 'HMAC-SHA1'
or else you'll end up with oauth_signature_method=Array
in your post string. 只需使用'HMAC-SHA1'
,否则您将在帖子字符串中使用oauth_signature_method=Array
结束。
2) Don't include oauth_signature
in the param list until after you've calculated the signature. 2)在计算完签名后,请勿在参数列表中包含oauth_signature
。 See this question for more details: https://stackoverflow.com/questions/9986533/what-does-oauth-signature-sign 有关更多详细信息,请参阅此问题: https : //stackoverflow.com/questions/9986533/what-does-oauth-signature-sign
You should end up with something like: 您应该以如下形式结束:
$params = array(
'oauth_consumer_key' => $key,
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => time(),
'oauth_nonce' => time(),
'user_id' => '1234'
);
$post_string = '';
foreach($content as $key => $value)
{
$post_string .= $key.'='.($value).'&';
}
$post_string = rtrim($post_string, '&');
$base_string = urlencodeRFC3986($post_string);
$signature = base64_encode(hash_hmac('sha1', $base_string, $secret, true));
$params['oauth_signature'] = $signature;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.