[英]OAuth with Twitter script in Python is not working
I'm writing a script of OAuth in Python. 我正在用Python编写OAuth脚本。
For testing this, I use Twitter API. 为了测试这个,我使用Twitter API。 But it is not working well.
但它运作不佳。
def test():
params = {
"oauth_consumer_key": TWITTER_OAUTH_CONSUMER_KEY,
"oauth_nonce": "".join(random.choice(string.digits + string.letters) for i in xrange(7)),
"oauth_signature_method": "HMAC-SHA1",
"oauth_timestamp": str(int(time.time())),
"oauth_token": res_dict["oauth_token"],
"oauth_version": "1.0",
}
status = {"status": u"Always_look_on_the_bright_side_of_life".encode("UTF-8")}
print status
params.update(status)
url = "http://twitter.com/statuses/update.xml"
key = "&".join([TWITTER_OAUTH_CONSUMER_SECRET, res_dict["oauth_token_secret"]])
msg = "&".join(["POST", urllib.quote(url,""),
urllib.quote("&".join([k+"="+params[k] for k in sorted(params)]), "-._~")])
print msg
signature = hmac.new(key, msg, hashlib.sha1).digest().encode("base64").strip()
params["oauth_signature"] = signature
req = urllib2.Request(url,
headers={"Authorization":"OAuth", "Content-type":"application/x-www-form-urlencoded"})
req.add_data("&".join([k+"="+urllib.quote(params[k], "-._~") for k in params]))
print req.get_data()
res = urllib2.urlopen(req).read()
print res
This script (status="Always_look_on_the_bright_side_of_life") is working. 此脚本(status =“Always_look_on_the_bright_side_of_life”)正在运行。
But, in case status is "Always look on the bright side of life"(replaced underscore with space), it isn't working(is returning HTTP Error 401: Unauthorized). 但是,如果状态是“总是看着生活的光明面”(用空格替换下划线),它就不起作用(正在返回HTTP错误401:未经授权)。
I referenced this question , but failed. 我引用了这个问题 ,但失败了。
Please give me some advice. 请给我一些建议。 Thank you.
谢谢。
I got the same problem in OAuth with FaceBook a while ago. 我刚刚在使用FaceBook的OAuth中遇到了同样的问题。 The problem is that the signature validation on server side fails.
问题是服务器端的签名验证失败。 See your signature generation code here:
在此处查看您的签名生成代码:
msg = "&".join(["POST", urllib.quote(url,""),
urllib.quote("&".join([k+"="+params[k] for k in sorted(params)]), "-._~")])
print msg
signature = hmac.new(key, msg, hashlib.sha1).digest().encode("base64").strip()
It uses the raw (non-encoded) form of the string to generate the signature. 它使用字符串的原始(非编码)形式来生成签名。 However, the server side generates validates the signature against the URL quoted string:
但是,服务器端生成针对URL引用字符串验证签名:
req.add_data("&".join([k+"="+urllib.quote(params[k], "-._~") for k in params]))
To fix the code, you need to do fix this line by creating the signature from the url encoded parameter: 要修复代码,您需要通过从url encoded参数创建签名来修复此行:
msg = "&".join(["POST", urllib.quote(url,""),
urllib.quote("&".join([k+"="+urllib.quote(params[k], "-._~") for k in sorted(params)]), "-._~")])
The easiest way to fix this is to add status = urllib.quote(status)
after status = {"status": u"Always_look_on_the_bright_side_of_life".encode("UTF-8")}
. 解决此问题的最简单方法是在
status = {"status": u"Always_look_on_the_bright_side_of_life".encode("UTF-8")}
之后添加status = urllib.quote(status)
status = {"status": u"Always_look_on_the_bright_side_of_life".encode("UTF-8")}
。 This will escape the spaces and other special characters as required. 这将根据需要转义空格和其他特殊字符。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.