推特未授权 401 c# oauth/request_token
twitter unauthorized 401 c# oauth/request_token
我这里有一些代码,我收到错误 401 未授权。我已经检查了使用 twitter 框登录。
public async Task get_Oauth_token_TaskAsync()
{
//variables for action
string oauth_nonce;
string oauth_callback;
string oauth_signature_method;
string oauth_timestamp;
string oauth_consumer_key;
string oauth_signature;
string oauth_version;
string req_url;
//set values to variables
var dt = DateTime.Now;
var ticks = dt.Ticks;
var seconds = ticks / TimeSpan.TicksPerSecond;
oauth_timestamp = seconds.ToString();
oauth_callback = "http://www.localhost:55593/TwitterSync.aspx";
oauth_nonce = Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 16).ToString(); //random string
oauth_signature_method = "HMAC-SHA1";
oauth_consumer_key = "xxxx";
oauth_version = "1.0";
req_url = "https://api.twitter.com/oauth/request_token";
oauth_signature = create_auth_Signature_Task(oauth_nonce,oauth_callback,oauth_signature_method,oauth_timestamp,oauth_consumer_key,oauth_version,req_url);
///action
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(req_url);
request.Method = "POST";
request.UserAgent = "themattharris' HTTP Client";
request.Host = "api.twitter.com";
request.Headers.Add(HttpRequestHeader.Authorization, "OAuth oauth_callback = \"" + Uri.EscapeDataString(oauth_callback) + "\"" + ",oauth_consumer_key = \"" + oauth_consumer_key + "\",oauth_nonce = " + "\"" + oauth_nonce + "\", oauth_signature = \"" + oauth_signature + "\", oauth_signature_method = \"HMAC-SHA1\", oauth_timestamp = \"" + oauth_timestamp + "\", oauth_version = \"1.0\"");
WebResponse response = await request.GetResponseAsync();
Stream str = response.GetResponseStream();
StreamReader reader = new StreamReader(str);
dynamic resp = reader.ReadToEndAsync();
}
private string create_auth_Signature_Task(string oauth_nonce, string oauth_callback,
string oauth_signature_method, string oauth_timestamp, string oauth_consumer_key, string oauth_version, string req_url)
{
string oauth_nonce_enc = Uri.EscapeDataString(oauth_nonce);
string oauth_callback_enc = Uri.EscapeDataString(oauth_callback);
string oauth_signature_method_enc = Uri.EscapeDataString(oauth_signature_method);
string oauth_timestamp_enc = Uri.EscapeDataString(oauth_timestamp);
string oauth_consumer_key_enc = Uri.EscapeDataString(oauth_consumer_key);
string oauth_version_enc = Uri.EscapeDataString(oauth_version);
string req_url_enc = Uri.EscapeDataString(req_url);
string secret = "xxxx";
string signature_base = "POST&" + req_url_enc + "&" + Uri.EscapeDataString("oauth_consumer_key=" + oauth_consumer_key_enc + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method=" + oauth_signature_method_enc + "&oauth_timestamp=" + oauth_timestamp_enc + "&oauth_version=" + oauth_version_enc);
return ShaHash(signature_base, secret);
}
private string ShaHash(string value, string key)
{
using (var hmac = new HMACSHA1(Encoding.UTF32.GetBytes(key)))
{
return ByteToString(hmac.ComputeHash(Encoding.UTF32.GetBytes(value)));
}
}
static string ByteToString(IEnumerable<byte> data)
{
return string.Concat(data.Select(b => b.ToString("x2")));
}
我都是按照这个page做的。现在我迷路了,为什么它不起作用?
您没有正确计算 oauth_timestamp。这应该计算为 Unix 时间,即自 1970 年 1 月 1 日 00:00:00 UTC 以来的秒数。
int unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
或使用 .NET 4.6
long unixTimestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
此外,用于创建签名的签名密钥应该是百分比编码的消费者秘密和百分比编码的令牌秘密的串联,由与号 (&) 连接。在获取请求令牌的情况下,令牌机密尚不清楚,因此您应该只使用消费者机密,后跟一个与号 (&)。
var signingKey = oauth_consumer_key_enc + "&";
最后你应该 return 在你计算你的散列后 Base64 编码的字符串所以你的函数变成:
private string ShaHash(string value, string signingKey)
{
using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(signingKey)))
{
return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)));
}
}
我这里有一些代码,我收到错误 401 未授权。我已经检查了使用 twitter 框登录。
public async Task get_Oauth_token_TaskAsync()
{
//variables for action
string oauth_nonce;
string oauth_callback;
string oauth_signature_method;
string oauth_timestamp;
string oauth_consumer_key;
string oauth_signature;
string oauth_version;
string req_url;
//set values to variables
var dt = DateTime.Now;
var ticks = dt.Ticks;
var seconds = ticks / TimeSpan.TicksPerSecond;
oauth_timestamp = seconds.ToString();
oauth_callback = "http://www.localhost:55593/TwitterSync.aspx";
oauth_nonce = Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 16).ToString(); //random string
oauth_signature_method = "HMAC-SHA1";
oauth_consumer_key = "xxxx";
oauth_version = "1.0";
req_url = "https://api.twitter.com/oauth/request_token";
oauth_signature = create_auth_Signature_Task(oauth_nonce,oauth_callback,oauth_signature_method,oauth_timestamp,oauth_consumer_key,oauth_version,req_url);
///action
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(req_url);
request.Method = "POST";
request.UserAgent = "themattharris' HTTP Client";
request.Host = "api.twitter.com";
request.Headers.Add(HttpRequestHeader.Authorization, "OAuth oauth_callback = \"" + Uri.EscapeDataString(oauth_callback) + "\"" + ",oauth_consumer_key = \"" + oauth_consumer_key + "\",oauth_nonce = " + "\"" + oauth_nonce + "\", oauth_signature = \"" + oauth_signature + "\", oauth_signature_method = \"HMAC-SHA1\", oauth_timestamp = \"" + oauth_timestamp + "\", oauth_version = \"1.0\"");
WebResponse response = await request.GetResponseAsync();
Stream str = response.GetResponseStream();
StreamReader reader = new StreamReader(str);
dynamic resp = reader.ReadToEndAsync();
}
private string create_auth_Signature_Task(string oauth_nonce, string oauth_callback,
string oauth_signature_method, string oauth_timestamp, string oauth_consumer_key, string oauth_version, string req_url)
{
string oauth_nonce_enc = Uri.EscapeDataString(oauth_nonce);
string oauth_callback_enc = Uri.EscapeDataString(oauth_callback);
string oauth_signature_method_enc = Uri.EscapeDataString(oauth_signature_method);
string oauth_timestamp_enc = Uri.EscapeDataString(oauth_timestamp);
string oauth_consumer_key_enc = Uri.EscapeDataString(oauth_consumer_key);
string oauth_version_enc = Uri.EscapeDataString(oauth_version);
string req_url_enc = Uri.EscapeDataString(req_url);
string secret = "xxxx";
string signature_base = "POST&" + req_url_enc + "&" + Uri.EscapeDataString("oauth_consumer_key=" + oauth_consumer_key_enc + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method=" + oauth_signature_method_enc + "&oauth_timestamp=" + oauth_timestamp_enc + "&oauth_version=" + oauth_version_enc);
return ShaHash(signature_base, secret);
}
private string ShaHash(string value, string key)
{
using (var hmac = new HMACSHA1(Encoding.UTF32.GetBytes(key)))
{
return ByteToString(hmac.ComputeHash(Encoding.UTF32.GetBytes(value)));
}
}
static string ByteToString(IEnumerable<byte> data)
{
return string.Concat(data.Select(b => b.ToString("x2")));
}
我都是按照这个page做的。现在我迷路了,为什么它不起作用?
您没有正确计算 oauth_timestamp。这应该计算为 Unix 时间,即自 1970 年 1 月 1 日 00:00:00 UTC 以来的秒数。
int unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
或使用 .NET 4.6
long unixTimestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
此外,用于创建签名的签名密钥应该是百分比编码的消费者秘密和百分比编码的令牌秘密的串联,由与号 (&) 连接。在获取请求令牌的情况下,令牌机密尚不清楚,因此您应该只使用消费者机密,后跟一个与号 (&)。
var signingKey = oauth_consumer_key_enc + "&";
最后你应该 return 在你计算你的散列后 Base64 编码的字符串所以你的函数变成:
private string ShaHash(string value, string signingKey)
{
using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(signingKey)))
{
return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)));
}
}