2

一周以来,我一直在尝试在我的网站中管理“使用 twitter 登录”功能。我什至无法完成第一步:“获取请求令牌”。我收到:

“无法验证 oauth 签名和令牌”

我正在做这里所说的一切:https ://dev.twitter.com/docs/auth/implementing-sign-twitter

并在这里创建一个签名:https ://dev.twitter.com/docs/auth/creating-signature 我的代码:

date_default_timezone_set('UTC');

$oauth_callback = 'http://mydomain.net'; // calls are made from index.php
$url = 'https://api.twitter.com/oauth/request_token';

$oauth_consumer_key = '***';
$oauth_nonce = str_shuffle(trim(base64_encode(time()), '='));
$oauth_signature_method = 'HMAC-SHA1';
$oauth_timestamp = time();
$oauth_token = '***';
$oauth_version = '1.0';

$HTTPMethod = 'POST'; 
$BaseURL = 'https://api.twitter.com/oauth/request_token';   

$consumer_secret = '***';
$access_token_secret = '***';

$params = array(
    'oauth_consumer_key' => $oauth_consumer_key,
    'oauth_nonce' => $oauth_nonce,
    'oauth_signature_method' => $oauth_signature_method,
    'oauth_timestamp' => $oauth_timestamp,
    'oauth_token' => $oauth_token,
    'oauth_version' => $oauth_version,
    'oauth_callback' => $oauth_callback
);

function parameter_string (array $params)
{
    $temp_array = array();
    $parameter_string = '';

    while (current($params)) {
        $temp_array[rawurlencode(key($params))] = rawurlencode(current($params));
        next($params);
    }
    ksort($temp_array);
    foreach ($temp_array as $key => $value) {
        $parameter_string .= '&' . $key . '=' . $value;
    }

    return trim($parameter_string, '&');
}

$parameter_string = parameter_string($params);

function signature_base_string ( $HTTPMethod, $BaseURL, $parameter_string)
{
    $signature_base_string = $HTTPMethod . '&' . rawurlencode($BaseURL) . '&' . rawurlencode($parameter_string);
    return $signature_base_string;
}
$signature_base_string = signature_base_string ($HTTPMethod, $BaseURL, $parameter_string);

function signing_key($consumer_secret)
{
    return rawurlencode($consumer_secret) . '&'; 
}
$signing_key = signing_key($consumer_secret);   

$oauth_signature = base64_encode(hash_hmac('SHA1', $signature_base_string, $signing_key, true));

$header[] = 'Authorization: OAuth '.
        'oauth_callback="'.rawurlencode($oauth_callback).'", '.
        'oauth_consumer_key="'.rawurlencode($oauth_consumer_key).'", '.
        'oauth_nonce="'.rawurlencode($oauth_nonce).'", '.
        'oauth_signature="'.rawurlencode($oauth_signature).'", '.
        'oauth_signature_method="'.rawurlencode('HMAC-SHA1').'", '.
        'oauth_timestamp="'.rawurlencode($oauth_timestamp).'", '.
        'oauth_version="'.rawurlencode('1.0').'"';

$options = array(
    CURLOPT_URL => $url,
    CURLOPT_HEADER => true,
    CURLINFO_HEADER_OUT => true,
    CURLOPT_HTTPHEADER => $header,
    CURLOPT_POST => true,
    CURLOPT_RETURNTRANSFER => true
    );

$c = curl_init();

$d = curl_setopt_array($c, $options);

$response = curl_exec($c);

echo '<pre>';
print_r($response);
echo '</pre>';

echo '<pre>';
print_r (curl_getinfo($c));
echo '</pre>';

curl_close($c);

请求标头如下所示:

POST /oauth/request_token HTTP/1.1
Host: api.twitter.com
Accept: */*
Authorization: OAuth oauth_callback="http%3A%2F%2Fmydomain.net", oauth_consumer_key="***", oauth_nonce="2DHXEIM541CPONJS3UFRQ79G8W0KA6LYZBT", oauth_signature="***", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1379239417", oauth_version="1.0"
Content-Length: 0
Content-Type: application/x-www-form-urlencoded

请帮忙!

4

0 回答 0