0

我正在尝试使用该页面上的示例 Java 代码验证OpenSocial 0.7 签名请求。我认为它应该以这种方式工作,但我仍然收到 signature_invalid 错误。

主要验证码:

 // NOTE: req = HttpServletRequest

 // check for hyves
 if (!"hyves.nl".equals(req.getParameter("oauth_consumer_key"))) {
  throw new RuntimeException("Only hyves supported");
 }

 // update hyves' certificate
 getHyvesCert(req.getParameter("xoauth_signature_publickey"));

 // construct message object
 OAuthMessage oaMessage = new OAuthMessage(req.getMethod(), getRequestUrl(req), getParameters(req));

 // validate message
 // (will throw exception if invalid)
 new SimpleOAuthValidator().validateMessage(oaMessage, new OAuthAccessor(OAUTH_CONSUMER_HYVES));

OAUTH_CONSUMER_HYVES

 private static final OAuthServiceProvider OAUTH_THIS = new OAuthServiceProvider(null, null, null);
 private static final OAuthConsumer OAUTH_CONSUMER_HYVES = new OAuthConsumer(null, "hyves.nl", null, OAUTH_THIS);

getHyvesCert

 public void getHyvesCert(String name) {

  synchronized(certLoadLock) {

  // in reality this is code that downloads the certificate
  // with the specified name, but this is the result
  hyvesCert = "---BEGIN CERTIFICATE---- etc...";

  OAUTH_CONSUMER_HYVES.setProperty(RSA_SHA1.X509_CERTIFICATE, hyvesCert);

  }   

 }

方法getRequestUrlgetParameters直接从这里复制

4

1 回答 1

1

我发现了问题。getRequestUrl()返回了错误的 URL,因为 Tomcat 在 nginx 代理后面。因此,虽然发送者会使用 URL“ http://example.com/bla ”来签署请求,但服务器使用“ http://example.com:8080/bla ”来验证它。

于 2010-10-19T12:52:50.313 回答