我正在开发一个系统来从用户那里获取雅虎联系人。我已经完成了http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html的所有步骤,并且我已经获得了访问令牌和令牌密码。
我在使用 HMAC-SHA1 算法进行签名时遇到问题,我已按照http://developer.yahoo.com/oauth/guide/oauth-signing.html中的步骤生成签名密钥,但是当我向给定用户请求联系人时我得到错误:
<yahoo:error xmlns:yahoo='http://yahooapis.com/v1/base.rng'
xml:lang='en-US'>
<yahoo:description>Please provide valid credentials. OAuth oauth_problem="signature_invalid", realm="yahooapis.com"</yahoo:description>
</yahoo:error>
这是我负责生成签名密钥的代码:
$s = 'oauth_consumer_key='.rawurlencode($yahoo_consumer_key).'&';
$s .= 'oauth_nonce='.rawurlencode(uniqid()).'&';
$s .= 'oauth_signature_method='.rawurlencode('HMAC-SHA1').'&';
$s .= 'oauth_timestamp='.rawurlencode(time()).'&';
$s .= 'oauth_token='.rawurlencode($ouathToken).'&';
$s .= 'oauth_version='.rawurlencode('1.0').'&';
$s .= 'realm='.rawurlencode('yahooapis.com');
$baseString ='GET&'.rawurlencode('http://social.yahooapis.com/v1/user/'.$guid.'/contacts').'&'.rawurlencode($s);
$signingKey = rawurlencode($yahoo_consumer_secret).'&'.rawurlencode($ouathTokenSecret);
$signature = urlencode(base64_encode(hash_hmac('sha1', $baseString, $signingKey, true)));
curl_setopt_array($ch, array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 0,
CURLOPT_HTTPGET => true,
CURLOPT_POST => false,
CURLOPT_URL => 'http://social.yahooapis.com/v1/user/'.$guid.'/contacts'.
'?realm=yahooapis.com'.
'&oauth_consumer_key='.$yahoo_consumer_key.
'&oauth_nonce='.uniqid().
'&oauth_signature_method=HMAC-SHA1'.
'&oauth_timestamp='.time().
'&oauth_token='.$ouathToken.
'&oauth_version=1.0'.
'&oauth_signature='.$signature
));
$result = curl_exec($ch);
任何人都可以帮助告诉我错误在哪里?我没有正确生成签名密钥吗?
谢谢你。