当前位置: 文江博客话题详情

Twitter OAuth 验证仅在我更改页面之前有效?

发布于 2024-10-17 12:39:24 字数 3279 浏览 3 评论 0原文

我在网上找到了一个库来开始使用 Twitter OAuth,它让我能够连接,并能够从 Twitter 中提取一些数据。我将令牌保存到会话中(我将把它们放入数据库中进行生产,但我现在只是想了解基础知识)。当我切换到不同的页面并且无法再进行 API 调用时,问题就出现了。

这是我的代码:(

如果我的括号与此处不完全匹配,那是因为我删除了 twitter 部分来显示)

session_start();
if(strtolower($_GET['via']) == 'twitter'){
    //login to twitter
    $from = strip_tags($_GET['from']);
    $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
     /* Get temporary credentials. */
    $request_token = $connection->getRequestToken($from);
    /* Save temporary credentials to session. */
    $_SESSION['oauth_token'] = $token = $request_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
    switch ($connection->http_code) {
      case 200:
        /* Build authorize URL and redirect user to Twitter. */
        $url = $connection->getAuthorizeURL($token);
        header('Location: ' . $url);
        break;
      default:
        /* Show notification if something went wrong. */
        echo 'Could not connect to Twitter. Refresh the page or try again later.';
        }
    }elseif(!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret'])){
/* If last connection failed don't display authorization link. */
$_SESSION['oauth_verifier'] = $_GET['oauth_verifier'];
$twitteroauth = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
// Let's request the access token
$access_token = $twitteroauth->getAccessToken($_SESSION['oauth_verifier']);
// Save it in a session var
$_SESSION['access_token'] = $access_token;
// Let's get the user's info
$user_info = $twitteroauth->get('account/verify_credentials');
$home_timeline = $twitteroauth->get('statuses/home_timeline', array('count' => 3));
// Print user's info
echo "<pre>";
print_r($user_info);
echo "</pre>";
echo "<pre>";
print_r($home_timeline);
echo "</pre>";
}

因此,在保存到变量并进行身份验证后,我就可以按预期查询 API。当我切换到具有与 elseif() 块中基本相同的代码的不同页面后,当我尝试提取数据时,我简单地收到以下错误消息:

stdClass Object
(
[request] => /1/account/verify_credentials.json?oauth_consumer_key=djtrixYaxkM4QFzhtfTg&oauth_nonce=8d27112c1ee645b4253c8f803cf428d4&oauth_signature=N6Ug5w%2BNqzo%2FY%2By7UuO0jDqWUdA%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1297720180&oauth_token=&oauth_version=1.0
[error] => Could not authenticate you.
)

有关如何获得此身份验证的任何见解在整个会话中“坚持”?

编辑 如下所示,URL 中的 oauth_token 没有值。所以我做了一个 print_r($_SESSION) ,我发现 $_SESSION['oauth_token'] 确实有一个值。

Array ( 
[oauth_token] => 12345
[oauth_token_secret] => 67890
[oauth_verifier] => [access_token] => Array (
    [ "1.0" encoding="UTF-8"?> /oauth/access_token?oauth_consumer_key=111111
    [amp;oauth_nonce] => 222222
    [amp;oauth_signature] => 777777= 
    [amp;oauth_signature_method] => HMAC-SHA1 
    [amp;oauth_timestamp] => 1297783851 
    [amp;oauth_token] => 12345
    [amp;oauth_version] => 1.0 Invalid / expired Token 
    )
)

这个数组看起来可能格式错误,但我承认我不知道它应该是什么样子。而且,由于我没有对库进行任何更改 - 只是演示代码 - 我不确定这是如何发生的。

原文

I found a library online to get started with Twitter OAuth and it gets me connected, and able to pull down some data from Twitter. I save the tokens to a session (I will be putting them into a database for production, but I'm just trying to get the basics for now). The problem comes when I change to a different page and am no longer able to make API calls.

Here is my code:

(If my brackets don't exactly match here, it's because I stripped the twitter portion out to show)

session_start();
if(strtolower($_GET['via']) == 'twitter'){
    //login to twitter
    $from = strip_tags($_GET['from']);
    $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
     /* Get temporary credentials. */
    $request_token = $connection->getRequestToken($from);
    /* Save temporary credentials to session. */
    $_SESSION['oauth_token'] = $token = $request_token['oauth_token'];
    $_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
    switch ($connection->http_code) {
      case 200:
        /* Build authorize URL and redirect user to Twitter. */
        $url = $connection->getAuthorizeURL($token);
        header('Location: ' . $url);
        break;
      default:
        /* Show notification if something went wrong. */
        echo 'Could not connect to Twitter. Refresh the page or try again later.';
        }
    }elseif(!empty($_GET['oauth_verifier']) && !empty($_SESSION['oauth_token']) && !empty($_SESSION['oauth_token_secret'])){
/* If last connection failed don't display authorization link. */
$_SESSION['oauth_verifier'] = $_GET['oauth_verifier'];
$twitteroauth = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
// Let's request the access token
$access_token = $twitteroauth->getAccessToken($_SESSION['oauth_verifier']);
// Save it in a session var
$_SESSION['access_token'] = $access_token;
// Let's get the user's info
$user_info = $twitteroauth->get('account/verify_credentials');
$home_timeline = $twitteroauth->get('statuses/home_timeline', array('count' => 3));
// Print user's info
echo "<pre>";
print_r($user_info);
echo "</pre>";
echo "<pre>";
print_r($home_timeline);
echo "</pre>";
}

So after saving to a variable and authenticating, I then am able to query the API as expected. After I switch to a different page with essentially the same code as in the elseif() block, I simple recieve the following error message when I attempt to pull data:

stdClass Object
(
[request] => /1/account/verify_credentials.json?oauth_consumer_key=djtrixYaxkM4QFzhtfTg&oauth_nonce=8d27112c1ee645b4253c8f803cf428d4&oauth_signature=N6Ug5w%2BNqzo%2FY%2By7UuO0jDqWUdA%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1297720180&oauth_token=&oauth_version=1.0
[error] => Could not authenticate you.
)

Any insight on how I can get this authentication to "stick" across the session?

EDIT
As pointed out below, in the URL oauth_token has no value. So I did a print_r($_SESSION) and I am seeing that $_SESSION['oauth_token'] does indeed have a value.

Array ( 
[oauth_token] => 12345
[oauth_token_secret] => 67890
[oauth_verifier] => [access_token] => Array (
    [ "1.0" encoding="UTF-8"?> /oauth/access_token?oauth_consumer_key=111111
    [amp;oauth_nonce] => 222222
    [amp;oauth_signature] => 777777= 
    [amp;oauth_signature_method] => HMAC-SHA1 
    [amp;oauth_timestamp] => 1297783851 
    [amp;oauth_token] => 12345
    [amp;oauth_version] => 1.0 Invalid / expired Token 
    )
)

This array looks like it might be malformed, but I'll freely admit I don't know what it should look like. And, as I didn't make any changes to the library - just the demo code - I'm not sure how that could have happened.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

<逆流佳人身旁 2024-10-24 12:39:24

请注意,oauth_token 没有值。在您的其他页面上,您可能没有启动会话,或者没有正确地将访问令牌从会话中提取出来。

Notice that oauth_token has no value. On your other pages you are probably not initiating the session or you are not properly pulling the access token out of the session.

回复 原文
放低过去 2024-10-24 12:39:24

尝试将 OAuth oauth_timestamp 增加几个小时。

在 PHP OAuth 客户端中,它看起来像这样:

private static function generate_timestamp() {
    return time()+5*3600;
}

资源

http://www.backward兼容.net/149-Twitter-Timestamp-out-of-bounds-solved

Try to increase OAuth oauth_timestamp by a couple of hours.

In PHP OAuth client it looks like this:

private static function generate_timestamp() {
    return time()+5*3600;
}

resources

http://www.backwardcompatible.net/149-Twitter-Timestamp-out-of-bounds-solved

回复 原文
~没有更多了~

关于作者

我只土不豪

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

苦中寻乐

文章 0 评论 0

lueluelue

文章 0 评论 0

嗼ふ静

文章 0 评论 0

王权女流氓

文章 0 评论 0

与花如笺

文章 0 评论 0

残酷

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文