php - OAuth1.0a签名生成

Question

//URL parameters sans-signature
$preSignedParameters = [
     'oauth_callback' => 'http://example.com/OAuthRequestToken.do',
     'oauth_consumer_key' => 'WEhGuJZWUasHg',
     'oauth_nonce' => 'zSs4RFI7lakpADpSsv',
     'oauth_signature_method' => 'HMAC-SHA1',
     'oauth_timestamp' => 1330442419,
     'oauth_version' => '1.0'
];

$signature = $this->generateSignature(
    CurlHelper::HTTP_GET,
    "http://nid.naver.com/naver.oauth",
    $preSignedParameters
);

我签了他们；（为了可读性而修改了代码）

private function generateSignature($method, $url, $parameters)
{
    return base64_encode(
                hash_hmac(
                    'sha1',
                    $this->generateSignatureString($method, $url, $parameters),
                    $this->generateSignatureKey(),
                    true
                )
            );
    }
}

private function generateSignatureString($method, $url, $parameters)
{
    //Returns ksort() array
    $parameters = $this->sortParams($parameters);

    $string = $method
        .'&'.rawurlencode($url)
        .'&'.rawurlencode(http_build_query($parameters, PHP_QUERY_RFC3986));

    return $string;
}

private function generateSignatureKey()
{
    if (!$applicationToken = $this->getApplicationToken()) {
        $applicationToken = '';
    }

    $key = rawurlencode('WEhGuJZWUasHg').'&'.rawurlencode($applicationToken);

    return $key;
}

所以当我传入上述参数时......

generateSignatureString()返回

GET&
http%3A%2F%2Fnid.naver.com%2Fnaver.oauth&
oauth_callback%3Dhttp%253A%252F%252Fexample.com%252FOAuthRequestToken.do%26
oauth_consumer_key%3DWEhGuJZWUasHg%26
oauth_nonce%3DzSs4RFI7lakpADpSsv%26
oauth_signature_method%3DHMAC-SHA1%26
oauth_timestamp%3D1330442419%26
oauth_version%3D1.0

generateSignatureKey()返回

WEhGuJZWUasHg&

generateSignature()返回

5EqAAGLxoAovkYs+4gS1E4S9l5I=

预期签名（根据链接指南）

wz9+ZO5OLUnTors7HlyaKat1Mo0=

当然，它会继续从 OAuth 提供者那里得到一个“invalid_signature”错误。

我究竟做错了什么？？？

php - OAuth1.0a签名生成

0 回答 0

Related

Reference