0

好吧,似乎如果我想用 Twitter 登录,我需要提供“签名”。所以我可以得到access_token和access_token_secret。

但是创建签名意味着我需要提供 access_token_secret (将其用作签名密钥),如果我之前请求它,我将无法获得它。

那么这是什么一回事?The remote server returned an error: (401) Unauthorized.即使使用应用程序接口生成的 access_token_secret,我也总是得到。

我应该以其他方式创建签名密钥吗?这是我在 C# .NET 上的实际代码:

var requestedURL = "https://api.twitter.com/oauth/request_token";

var authorizationParameters = new List<KeyValuePair<string, string>>() { 
        new KeyValuePair<string, string>("oauth_callback",SocialEngine.twitter_aggrega_redirect_uri),
        new KeyValuePair<string, string>("oauth_consumer_key",oauth_consumer_key),
        new KeyValuePair<string, string>("oauth_nonce",oauth_nonce),
        new KeyValuePair<string, string>("oauth_signature_method",oauth_signature_method),
        new KeyValuePair<string, string>("oauth_timestamp",oauth_timestamp),
        new KeyValuePair<string, string>("oauth_version",oauth_version)
};

var allParameters = authorizationParameters.OrderBy(tmp => tmp.Key);

var baseString = string.Join("&", allParameters.Select(p => string.Format("{0}={1}", p.Key, Uri.EscapeDataString(p.Value))));
baseString = string.Concat("POST&", Uri.EscapeDataString(requestedURL), "&", Uri.EscapeDataString(baseString));

var compositeKey = string.Concat(Uri.EscapeDataString(oauth_consumer_secret), "&", Uri.EscapeDataString(oauth_access_token_secret));
using (System.Security.Cryptography.HMACSHA1 hasher = new System.Security.Cryptography.HMACSHA1(System.Text.ASCIIEncoding.ASCII.GetBytes(compositeKey)))
{
    oauth_signature = Convert.ToBase64String(hasher.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(baseString)));
}

oauth_header += "OAuth ";
oauth_header += "oauth_callback=" + "\"" + Uri.EscapeDataString(SocialEngine.twitter_aggrega_redirect_uri) + "\",";
oauth_header += "oauth_consumer_key=" + "\"" + Uri.EscapeDataString(oauth_consumer_key) + "\",";
oauth_header += "oauth_nonce=" + "\"" + Uri.EscapeDataString(oauth_nonce) + "\",";
oauth_header += "oauth_signature=" + "\"" + Uri.EscapeDataString(oauth_signature) + "\",";
oauth_header += "oauth_signature_method=" + "\"" + Uri.EscapeDataString(oauth_signature_method) + "\",";
oauth_header += "oauth_timestamp=" + "\"" + Uri.EscapeDataString(oauth_timestamp) + "\",";
oauth_header += "oauth_version=" + "\"" + Uri.EscapeDataString(oauth_version) + "\"";

HttpWebRequest request = WebRequest.Create(requestedURL) as HttpWebRequest;
request.Headers.Add("Authorization", oauth_header);
request.Method = "POST";
4

1 回答 1

1

在为请求令牌创建签名时,您只使用附加一个 & 符号的 oauth_consumer_secret 来创建签名密钥。

于 2013-10-08T20:40:09.900 回答