我正在尝试从Twitter获取Oauth请求令牌-我正在遵循他们的指南(下面的链接),我已经完成了大约10步,但是我无法弄清楚为什么会出现此错误:
{\“错误\”:[{\“代码\”:215,\“消息\”:\“错误的验证数据。\”}]}]
他们使用Oauth 1.0。我应该在请求中组合所有百分比编码的参数,对它们进行百分比编码,添加请求方法(POST)和请求url,使用该参数加上我的api密钥秘密创建签名,并将签名添加到我的最终发布请求。签名文档位于this page上,后续发布请求文档位于this page上。但是我找不到关于我的错误的更多信息。我使用了指南中给出的示例代码来生成签名,并且得到了与指南相同的结果,因此我认为签名生成不是问题。我三重检查了我的api密钥和api密钥机密。
这是我的完整代码。谁能看到问题吗?
require 'net/http'
require 'uri'
require 'json'
require 'base64'
require 'cgi'
require 'openssl'
oauth_callback = "http://www.example.localhost:3000/twittercallback"
oauth_consumer_key = '[KEY]'
oauth_timestamp = Time.now.to_i
oauth_nonce = SecureRandom.hex(10) + oauth_timestamp.to_s
oauth_signature_method = "HMAC-SHA1"
oauth_version = "1.0"
one1 = CGI.escape "oauth_callback"
one2 = CGI.escape oauth_callback
two1 = CGI.escape "oauth_consumer_key"
two2 = CGI.escape oauth_consumer_key
three1 = CGI.escape "oauth_nonce"
three2 = CGI.escape oauth_nonce
four1 = CGI.escape "oauth_signature_method"
four2 = CGI.escape oauth_signature_method
five1 = CGI.escape "oauth_timestamp"
five2 = CGI.escape oauth_timestamp.to_s
six1 = CGI.escape "oauth_version"
six2 = CGI.escape oauth_version
string = "#{one1}=#{one2}&#{two1}=#{two2}&#{three1}=#{three2}&#{four1}=#{four2}&#{five1}=#{five2}&#{six1}=#{six2}"
encoded_string = CGI.escape string
url = "https://api.twitter.com/oauth/request_token"
encoded_url = CGI.escape url
encoded_string = "POST&" + encoded_url + "&" + encoded_string
signing_key = '[SECRET]'
encoded_signing_key = (CGI.escape signing_key) + "&"
digest = OpenSSL::Digest::Digest.new( 'sha1' )
hmac = OpenSSL::HMAC.digest( digest, encoded_signing_key, encoded_string)
signature = Base64.encode64( hmac ).chomp.gsub( /\n/, '' )
uri = URI.parse("https://api.twitter.com/oauth/request_token")
request = Net::HTTP::Post.new(uri)
request.content_type = "application/json"
request["oath_callback"] = CGI.escape oauth_callback
request["oauth_nonce"] = oauth_nonce
request["oauth_signature_method"] = "HMAC-SHA1"
request["oauth_timestamp"] = oauth_timestamp.to_s
request["oauth_consumer_key"] = '[KEY]'
request["oauth_signature"] = CGI.escape signature
request["oauth_version"] = "1.0"
request.body = ""
req_options = {
use_ssl: uri.scheme == "https",
}
response = Net::HTTP.start(uri.hostname, uri.port, req_options) do |http|
http.request(request)
end
binding.pry #here 'response.body' returns the error I posted above.
end
您没有提供所需的Authorization标头,但为每个参数提供了单独的标头。您需要将以下形式的参数与OAuth组合在一起:
OAuth oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw", oauth_callback="http%3A%2F%2Fmyapp.com%3A3005%2Ftwitter%2Fprocess_callback", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849", oauth_consumer_key="OqEqJeafRSF11jBMStrZz", oauth_signature="Pc%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"
并在Authorization标头中提供:
request['Authorization'] = <OAuth string>