401 error when requesting OAuth access credentials using Codeigniter

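So I'm making a quick and dirty app that automatically adds new posts to Tumblr based on new items in an RSS feed. The app is in Codeigniter, and so far I've managed to get the request credentials and send the user to Tumblr to authorize. The problem is that once they are redirected back to the app and I request the access credentials, I get the following error: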

Message: file_get_contents(http://www.tumblr.com/oauth/access_token?oauth_consumer_key=THECONSUMERKEY&oauth_nonce=9362afdd34f9ce1601fb9cf505ffa3cf&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1327440390&oauth_token=09mFsxCvsODDmSxPCyQNu4QKFMMXaAEEyPtBibPUyUTE1n2BsJ&oauth_verifier=hDfGgesf9EKIO5yFhiHxtnsbP42XEP1FISY2qyyWerzXf6fPTG&oauth_version=1.0&oauth_signature=yeFw8ACvVvKtD%2BQ%2FdzbLivDSm1Y%3D) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 401 Unauthorized

Here is the code I'm using:

$oauthVerifier = $_GET["oauth_verifier"];
        $sigBase = "GET&" . rawurlencode($this->accessTokenUrl) . "&"
                . rawurlencode("oauth_consumer_key=" . rawurlencode($this->consumerKey)
                        . "&oauth_nonce=" . rawurlencode($this->nonce)
                        . "&oauth_signature_method=" . rawurlencode($this->oauthSignatureMethod)
                        . "&oauth_timestamp=" . $this->oauthTimestamp
                        . "&oauth_token=" . rawurlencode($this->CI->session->userdata('requestToken'))
                        . "&oauth_verifier=" . rawurlencode($oauthVerifier)
                        . "&oauth_version=" . $this->oauthVersion);
        $sigKey = $this->consumerSecret . "&";
        $oauthSig = base64_encode(hash_hmac("sha1", $sigBase, $sigKey, true));
        $requestUrl = $this->accessTokenUrl . "?"
                . "oauth_consumer_key=" . rawurlencode($this->consumerKey)
                . "&oauth_nonce=" . rawurlencode($this->nonce)
                . "&oauth_signature_method=" . rawurlencode($this->oauthSignatureMethod)
                . "&oauth_timestamp=" . rawurlencode($this->oauthTimestamp)
                . "&oauth_token=" . rawurlencode($this->CI->session->userdata('requestToken'))
                . "&oauth_verifier=" . rawurlencode($oauthVerifier)
                . "&oauth_version=" . rawurlencode($this->oauthVersion)
                . "&oauth_signature=" . rawurlencode($oauthSig);
        $response = file_get_contents($requestUrl);

Any good ideas?

This is incomplete and will need some bug hunting on your part.

Be sure to understand the relevant part of the conversation:

TumApp to user: please go to Tumblr with one of my request tokens: GHF3F4F
user to Tumblr: I authorize TumApp, and here is its request token: GHF3F4F
Tumblr to itself: let me authorize GHF3F4F, which TumApp can exchange for an access token
       to user: redirect to Tumapp's callback
Tumapp to itself: Great, user authorized me (by requesting my callback). Let me exchange my request token for an access token
       to Tumblr: Hey, give me an access token for GHF3F4F
Tumblr to Tumapp: Epic 401 fail!

Here are the reasons Tumblr would give a 401:

From http://oauth.net/core/1.0a/#http_codes

HTTP 401 Unauthorized
    Invalid Consumer Key
    Invalid / expired Token
    Invalid signature
    Invalid / used nonce

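I would start the deduction from the token; the consumer key successfully got you a request token, and the signature and nonce are generated by the library.

UPDATE: The stray ampersand was actually not in the original code (my mistake), but something I did later while trying to fix it. In fact, the cause of the original problem was that the request token secret was not in the signing key.

Thanks for the pointers, aitchnyu - in the end, the problem was a stray ampersand. In the signature base, I had wrapped the ampersand before "oauth_consumer_key=" inside the rawurlencode, when it should have come before it.

Here is the old sig base: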

"GET&" . rawurlencode($this->accessTokenUrl)
                . rawurlencode("&oauth_consumer_key=" . rawurlencode($this->consumerKey)
                        . "&oauth_nonce=" . rawurlencode($this->nonce)
                        . "&oauth_signature_method=" . rawurlencode($this->oauthSignatureMethod)
                        . "&oauth_timestamp=" . rawurlencode($this->time)
                        . "&oauth_token=" . rawurlencode($token)
                        . "&oauth_verifier=" . rawurlencode($oauthVerifier)
                        . "&oauth_version=" . $this->oauthVersion);

The new one:

"GET&" . rawurlencode($this->accessTokenUrl) . "&"
                . rawurlencode("oauth_consumer_key=" . rawurlencode($this->consumerKey)
                        . "&oauth_nonce=" . rawurlencode($this->nonce)
                        . "&oauth_signature_method=" . rawurlencode($this->oauthSignatureMethod)
                        . "&oauth_timestamp=" . rawurlencode($this->time)
                        . "&oauth_token=" . rawurlencode($token)
                        . "&oauth_verifier=" . rawurlencode($oauthVerifier)
                        . "&oauth_version=" . $this->oauthVersion);

Crucial difference!
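
An added example, not code from the original posts: OAuth 1.0a HMAC-SHA1 signing for the access-token request, covering both causes named above (the literal `&` separators in the base string, and the request token secret in the signing key). The function names `oauth_base_string` and `oauth_sign` and every credential value are constructed; the example assumes no duplicate parameter names.

```php
<?php
// Base string = METHOD & enc(URL) & enc(sorted parameter string).
// The two "&" separators stay literal; only the three parts are encoded.
function oauth_base_string(string $method, string $url, array $params): string
{
    $pairs = [];
    foreach ($params as $k => $v) {
        $pairs[rawurlencode($k)] = rawurlencode((string) $v);
    }
    ksort($pairs, SORT_STRING); // sort by encoded parameter name
    $parts = [];
    foreach ($pairs as $k => $v) {
        $parts[] = $k . '=' . $v;
    }
    return strtoupper($method) . '&' . rawurlencode($url) . '&'
        . rawurlencode(implode('&', $parts));
}

// Signing key = enc(consumer secret) & enc(token secret). For the access-token
// request the token secret is the secret returned with the request token; it
// is empty only when asking for the request token itself.
function oauth_sign(string $base, string $consumerSecret, string $tokenSecret = ''): string
{
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

$url = 'http://www.tumblr.com/oauth/access_token';
$params = [ // constructed sample values
    'oauth_consumer_key'     => 'EXAMPLE_CONSUMER_KEY',
    'oauth_nonce'            => bin2hex(random_bytes(16)),
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => (string) time(),
    'oauth_token'            => 'EXAMPLE_REQUEST_TOKEN',
    'oauth_verifier'         => 'EXAMPLE_VERIFIER',
    'oauth_version'          => '1.0',
];
$base = oauth_base_string('GET', $url, $params);
$good = oauth_sign($base, 'EXAMPLE_CONSUMER_SECRET', 'EXAMPLE_REQUEST_TOKEN_SECRET');

// Variant 1: key built as consumerSecret . "&" with no request token secret.
$noTokenSecret = oauth_sign($base, 'EXAMPLE_CONSUMER_SECRET');
// Variant 2: second separator encoded along with the parameters (stray ampersand).
$badBase = str_replace(rawurlencode($url) . '&', rawurlencode($url) . '%26', $base);
$strayAmp = oauth_sign($badBase, 'EXAMPLE_CONSUMER_SECRET', 'EXAMPLE_REQUEST_TOKEN_SECRET');

echo $base, "\n";
var_dump(hash_equals($good, $noTokenSecret)); // compare against the correct signature
var_dump(hash_equals($good, $strayAmp));
```

Printing the base string next to the one the client library builds is the quickest way to see which of the 401 causes listed above applies.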