1

我正在使用下面的代码片段来签署请求并获取 JIRA OAuth 流程的请求令牌。

import base64
import urlparse
from tlslite.utils import keyfactory
import oauth2 as oauth

consumer_key = 'oauth-sample-consumer'
consumer_secret = 'dont_care'

request_token_url = 'https://localhost:8090/jira/plugins/servlet/oauth/request-token'
access_token_url = 'https://localhost:8090/jira/plugins/servlet/oauth/access-token'
authorize_url = 'https://localhost:8090/jira/plugins/servlet/oauth/authorize'

class SignatureMethod_RSA_SHA1(oauth.SignatureMethod):
    name = 'RSA-SHA1'

    def signing_base(self, request, consumer, token):
        if not hasattr(request, 'normalized_url') or request.normalized_url is None:
            raise ValueError("Base URL for request is not set.")

        sig = (
            oauth.escape(request.method),
            oauth.escape(request.normalized_url),
            oauth.escape(request.get_normalized_parameters()),
        )

        key = '%s&' % oauth.escape(consumer.secret)
        if token:
            key += oauth.escape(token.secret)
        raw = '&'.join(sig)
        return key, raw

    def sign(self, request, consumer, token):
        """Builds the base signature string."""
        key, raw = self.signing_base(request, consumer, token)

        with open('../rsa.pem', 'r') as f:
            data = f.read()
        privateKeyString = data.strip()

        privatekey = keyfactory.parsePrivateKey(privateKeyString)
        signature = privatekey.hashAndSign(raw)

        return base64.b64encode(signature)


if __name__=='__main__':
    consumer = oauth.Consumer(consumer_key, consumer_secret)
    client = oauth.Client(consumer)
    client.set_signature_method(SignatureMethod_RSA_SHA1())

    resp, content = client.request(request_token_url, "POST")
    if resp['status'] != '200':
       raise Exception("Invalid response %s: %s" % (resp['status'],  content))

我已将公钥添加到 JIRA 消费者应用程序。现在执行上面的代码片段总是给我这个错误:

Traceback (most recent call last):
  File "views.py", line 80, in <module>
    resp, content = client.request(request_token_url, "GET")
  File "/usr/local/lib/python2.7/dist-packages/oauth2/__init__.py", line 682, in request
    connection_type=connection_type)
  File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1570, in request
    (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey)
  File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1317, in _request
    (response, content) = self._conn_request(conn, request_uri, method, body, headers)
  File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1252, in _conn_request
    conn.connect()
  File "/usr/local/lib/python2.7/dist-packages/httplib2/__init__.py", line 1044, in connect
    raise SSLHandshakeError(e)
httplib2.SSLHandshakeError: [Errno 1] _ssl.c:503: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

我实际上删除了我的公钥并再次将其输入到我的消费者应用程序中以确保没有空格。

JIRA 没有提供任何上传公钥文件的选项,因此无论如何都必须复制它。

4

1 回答 1

1

我用这个certifi包解决了

sudo pip install certifi

在代码中:

client.ca_certs = certifi.where()
于 2013-12-14T10:46:19.117 回答