我正在尝试在 android 上创建一个 flickr 应用程序,但被困在请求请求令牌的身份验证中。
生成签名
API 密钥:-496a8ac6ca46325e6cef* * ****
API 秘密:-685682a92* **
基本字符串:-
GET&http%3A%2F%2Fwww.flickr.com%2Fservices%2Foauth%2Frequest_token&oauth_callback%3Dsoft%253A%252F%252Fcom.alice.testflickr%26oauth_consumer_key%3D496a8ac6ca46325e6cef%26oauth_nonce%3D394e61453f7b82cd633d229ac9b6454b%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1339654651%26oauth_version%3D1.0
生成签名的方法:-
public String computeSignature(String baseString,String key)throws IllegalStateException, UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException{
//here key is the appsecret+"&"
byte[] byteHMAC = null;
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec spec = new SecretKeySpec(key.getBytes(),"HmacSHA1");
mac.init(spec);
byteHMAC = mac.doFinal(baseString.getBytes("UTF-8"));
return new String(Base64.encode(byteHMAC,Base64.NO_WRAP));
}
时间戳是(System.currentTimeMillis)/1000
随机数是Long.toString(System.nanoTime());
我请求这样的请求令牌:-
http://www.flickr.com/services/oauth/request_token?oauth_nonce=12190496931948&oauth_timestamp=1339664498&oauth_consumer_key=496a8ac6ca46325e6cef&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=jg8CCdKb8gw%2BMJK0aJ6Brpba0G0%3D&oauth_callback=soft%3A%2F%2Fcom.alice.testflickr
但我总是最终得到
oauth_problem=signature_invalid&debug_sbs=GET&http%3A%2F%2Fwww.flickr.com%2Fservices%2Foauth%2Frequest_token&oauth_callback%3Dsoft%253A%252F%252Fcom.alice.testflickr%26oauth_consumer_key%3D496a8ac6ca46325e6cef%26oauth_nonce%3D12190496931948%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1339664498%26oauth_version%3D1.0
我生成签名的方式有问题还是这里有任何其他问题。编辑:basestring中timestamp的值和请求是一样的