1 
String baseString="POST&";
String subBaseString = "oauth_consumer_key="+oauth_consumer_key+"&oauth_nonce="+nonce+"&oauth_signature_method="+oauth_signature_method;
subBaseString += "&oauth_timestamp="+  oauth_timestamp+"&oauth_token="+oauth_token+"&oauth_version=1.0";
baseString += URLEncoder.encode(baseRequest, "UTF-8");
baseString += "&" +  URLEncoder.encode(subBaseString, "UTF-8");

String result;
try {

    SecretKeySpec signingKey = new SecretKeySpec(oauth_consumer_key.getBytes(), oauth_signature_method);

    Mac mac = Mac.getInstance(oauth_signature_method);
    mac.init(signingKey);

    byte[] rawHmac = mac.doFinal(baseString.getBytes());

    // base64-encode the hmac
    result = Base64.encode(rawHmac);

} catch (Exception e) {
    throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
}

这是我的 oauth_signature 生成代码....

但得到错误..

{“错误”:“API v1+ 中的 OAuthError。请求错误签名:无效或缺少签名”}

4

1 回答 1

2

如果您使用纯 HTTP,OAuth 签名、随机数和时间戳都是必要的安全措施。但是由于 Dropbox API 可以通过 HTTPS 使用,因此您可以放弃所有这些复杂性,而只使用PLAINTEXT签名模式会简单得多。

下面是一些完成这项工作的示例 Java 代码。(它将 OAuth 信息放在“Authorization”HTTP 标头中,但如果需要,您可以使用 URL 参数。)

 /**
  * @param token
  *    For all "real" API endpoints, pass in the access token here.
  *    For "/oauth/access_token", pass in the request token here.
  *    (For "/oauth/request_token", use {@link #buildInitialOAuthHeader}.)
  */
 public static HttpHeader buildOAuthHeader(AppInfo appInfo, Token token)
 {
     StringBuilder buf = new StringBuilder();
     buf.append("OAuth ");
     buf.append("oauth_token=\"").append(token.key).append("\"");
     buf.append(", oauth_consumer_key=\"").append(appInfo.key).append("\"");
     buf.append(", oauth_signature_method=\"PLAINTEXT\"");
     buf.append(", oauth_signature=\"").append(appInfo.secret).append("&").append(token.secret).append("\"");
     return new HttpHeader("Authorization", buf.toString());
 }

 /**
  * For "/oauth/request_token".
  */
 public static HttpHeader buildInitialOAuthHeader(AppInfo appInfo)
 {
     StringBuilder buf = new StringBuilder();
     buf.append("OAuth ");
     buf.append(" oauth_consumer_key=\"").append(appInfo.key).append("\"");
     buf.append(", oauth_signature_method=\"PLAINTEXT\"");
     buf.append(", oauth_signature=\"").append(appInfo.secret).append("&\"");
     return new HttpHeader("Authorization", buf.toString());
 }
于 2012-06-08T03:14:03.570 回答