facebook api 超过休息得到不正确的签名104
我正在尝试发送rest api Users.getLoggedInUser 我拥有所有秘密会话和所有身份验证 根据该网站: http://wiki.developers.facebook.com/index.php/Authorization_and_Authentication_for_Desktop_Applications 这是我的代码(cpp QT,但它可以是其他任何东西):
QString toAPISignature =
"api_key="
+ API_KEY
+ "call_id=" + strCallid
+ "format=XML"
+ "method=Users.getLoggedInUser"
+ "session_key="+ fbSessionKey
+ "v=1.0"+m_fbSecretKey;
QByteArray hashedApiData= QCryptographicHash::hash(toAPISignature.toAscii(),
QCryptographicHash::Md5);
QString APIMD5Signature(hashedApiData);
.....
.....
.....
// now set the api request
QUrl api_url;
api_url.setUrl(FB_REST_URL);
api_url.addQueryItem("api_key",API_KEY);
api_url.addQueryItem("session_key",fbSessionKey);
api_url.addQueryItem("call_id",strCallid);
api_url.addQueryItem("sig",APIMD5Signature);
api_url.addQueryItem("format","XML");
api_url.addQueryItem("method","Users.getLoggedInUser");
api_url.addQueryItem("v","1.0");
then i init the request object :
QNetworkRequest request;
request.setHeader(QNetworkRequest::ContentTypeHeader,"application/x-www-form-urlencoded");
request.setRawHeader("User-Agent", "Facebook API Client 0.1");
request.setUrl(url);
do the get request :
QEventLoop loop;
QNetworkReply *reply = networkManager->get(request);
connect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
loop.exec();
QByteArray data=reply->readAll();
这是我返回的 xml: 看看..为什么签名看起来像这样? 散列 MD5 看起来像一组数字吗?
<arg>
<key>sig</key>
<value>N{?¬???¬@?±B???????¶</value>
</arg>
<?xml version="1.0" encoding="UTF-8"?>
<error_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">
<error_code>104</error_code>
<error_msg>Incorrect signature</error_msg>
<request_args list="true">
<arg>
<key>api_key</key>
<value>bc5xxxxxxxxx57811</value>
</arg>
<arg>
<key>session_key</key>
<value>a99fdxxxxxxx5c2-100xxxxx455</value>
</arg>
<arg>
<key>call_id</key>
<value>1</value>
</arg>
<arg>
<key>sig</key>
<value>N{?¬???¬@?±B???????¶</value>
</arg>
<arg>
<key>format</key>
<value>XML</value>
</arg>
<arg>
<key>method</key>
<value>Users.getLoggedInUser</value>
</arg>
<arg>
<key>v</key>
<value>1.0</value>
</arg>
</request_args>
</error_response>
im trying to send rest api Users.getLoggedInUser
i have all the secret session and all the Authenticationi made
according to this site :
http://wiki.developers.facebook.com/index.php/Authorization_and_Authentication_for_Desktop_Applications
here is my code (cpp QT but it can be any thing else ) :
QString toAPISignature =
"api_key="
+ API_KEY
+ "call_id=" + strCallid
+ "format=XML"
+ "method=Users.getLoggedInUser"
+ "session_key="+ fbSessionKey
+ "v=1.0"+m_fbSecretKey;
QByteArray hashedApiData= QCryptographicHash::hash(toAPISignature.toAscii(),
QCryptographicHash::Md5);
QString APIMD5Signature(hashedApiData);
.....
.....
.....
// now set the api request
QUrl api_url;
api_url.setUrl(FB_REST_URL);
api_url.addQueryItem("api_key",API_KEY);
api_url.addQueryItem("session_key",fbSessionKey);
api_url.addQueryItem("call_id",strCallid);
api_url.addQueryItem("sig",APIMD5Signature);
api_url.addQueryItem("format","XML");
api_url.addQueryItem("method","Users.getLoggedInUser");
api_url.addQueryItem("v","1.0");
then i init the request object :
QNetworkRequest request;
request.setHeader(QNetworkRequest::ContentTypeHeader,"application/x-www-form-urlencoded");
request.setRawHeader("User-Agent", "Facebook API Client 0.1");
request.setUrl(url);
do the get request :
QEventLoop loop;
QNetworkReply *reply = networkManager->get(request);
connect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
loop.exec();
QByteArray data=reply->readAll();
and this is the xml im getting back:
look ..why the sig looks like this ?
does the hash MD5 suppose to look like set of numbers ?
<arg>
<key>sig</key>
<value>N{?¬???¬@?±B???????¶</value>
</arg>
<?xml version="1.0" encoding="UTF-8"?>
<error_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">
<error_code>104</error_code>
<error_msg>Incorrect signature</error_msg>
<request_args list="true">
<arg>
<key>api_key</key>
<value>bc5xxxxxxxxx57811</value>
</arg>
<arg>
<key>session_key</key>
<value>a99fdxxxxxxx5c2-100xxxxx455</value>
</arg>
<arg>
<key>call_id</key>
<value>1</value>
</arg>
<arg>
<key>sig</key>
<value>N{?¬???¬@?±B???????¶</value>
</arg>
<arg>
<key>format</key>
<value>XML</value>
</arg>
<arg>
<key>method</key>
<value>Users.getLoggedInUser</value>
</arg>
<arg>
<key>v</key>
<value>1.0</value>
</arg>
</request_args>
</error_response>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
最大的问题是您需要将 hashedApiData QByteArray 转换为十六进制:
这可能会为您完成,但您仍然可能会导致来回转换为字符串的问题,而您实际上不需要这样做。
以下是我如何处理创建 sig 并将帖子发布到 Facebook 的方法。
m_argMap
包含 POST 对(例如 <"format","XML">),但 POST 不需要但 sig 需要的密钥除外。 (我在那里使用 QVariant 是因为在 QMap 到达这里之前发生了一些预处理)。The big problem is that you need to convert the hashedApiData QByteArray to Hex:
That may do it for you, but you can still cause problems converting back and forth to strings, which you really don't need to do.
Here's how I handle creating the sig and doing the post to facebook. The
m_argMap
contains the pairs for the POST (e.g. <"format","XML">) except for the secret which isn't needed for the POST but is needed for the sig. (I'm using a QVariant there due to some pre-processing that happens involving that QMap before it gets here).