我正在尝试为 Disquss 实现单点登录功能。Disquss 有一个测试控制台,它使我们能够快速测试这些值。首先,我们确保我们获得了与控制台一起使用的硬编码值,因此我们确定我们了解 Disquss 的要求。接下来,我们想在 Rails 中实现同样的东西,但我们遇到了问题。
问题在于 ruby 没有生成预期值,实际上它会生成垃圾,这与预期值完全不同:
这是来自 Disquss 手册:
消息正文(Base64 编码)
除非另有说明,否则消息正文必须包含以下区分大小写的属性:
id - any unique user ID associated with that account within your user database. This will be used to generate a unique username to reference in the Disqus system. IDs must be completely unique; if you're using multiple datastores locally, for example, make sure not to re-use IDs when passing them to Disqus as that will result in account conflicts.
username - The displayed name for that account
email - The registered email address for that account
avatar (optional) - A link to that user's avatar
url (optional) - A link to the user's website
HMAC-SHA1 签名
使用 HMAC->SHA1(secret_key, message + ' ' + timestamp) 生成
根据该示例,我们设计了以下 Rails 代码(它仍处于测试阶段,因此是 puts):
secret_key = "12312312312312312312312312312312312312312312312312"
digest = OpenSSL::Digest::Digest.new('sha1')
puts @disqus_timestamp = Date.today.to_time.to_i
puts @disqus_serializer_message = {"id"=> session[:frontend_user].to_s,"username"=>@fuser.username,"email"=>@fuser.email }.to_json
puts @disqus_message = Base64.encode64(@disqus_serializer_message)
puts @disqus_signature = OpenSSL::HMAC.digest(digest,secret_key,@disqus_message + ' '+ @disqus_timestamp.to_s )
puts @sso_payload = ""
puts "END"
我们应该得到三个值: 1. JSON 以如下格式序列化:
eyJ1c2VybmFtZSI6InZlZHJhbiBtYXJpY2V2aWMiLCJpZCI6IjgiLCJlbWFp bCI6IndleC5hbHBoYUBnbWFpbC5jb20ifQ==
杰森作品
- Computed HMAC:我们得到这种格式:
5œ[ƒmò Ø™`Õ„Öù©≠Δ8
但我们应该得到这种格式的东西:
4683eff451100191c60d2a0f0e72f3a6d15db950
我尝试了不同的东西,但无济于事。可能是什么问题?