使用 OAuth 从 Flickr 获取访问令牌时签名无效
我正在为 iPhone 实现一个 Flicker 客户端,并且正在使用 OAuth
我成功地请求了令牌并将用户重定向到身份验证页面,
我的问题是当我尝试请求我收到的访问令牌时:
oauth_problem =签名_无效 这是我的标题:
header OAuth realm="",
oauth_callback="oob",
oauth_consumer_key="XXXXX",
oauth_token="XXXX",
oauth_verifier="XXXX",
oauth_signature_method="HMAC-SHA1",
oauth_signature="XX",
oauth_timestamp="1309773699",
oauth_nonce="XXX",
oauth_version="1.0"
这是我的基本字符串:
POST&http%3A%2F%2Fwww.flickr.com%2Fservices%2Foauth%2Faccess_token&
oauth_consumer_key%3DXXXX%26
oauth_nonce%3DXXXX%26
oauth_signature_method%3DHMAC-SHA1%26
oauth_token%3DXXXX%26
oauth_timestamp%3D1309773699%26
oauth_verifier%3DXXXX%26
oauth_version%3D1.0
提前谢谢您,
I'm implementing a Flicker Client for the IPhone, and I am using OAuth
I managed to request the tokens successfully as well as redirecting the user to the authentication page,
My problem is when I try to ask for the access token I receive:
oauth_problem=signature_invalid
Here's my header:
header OAuth realm="",
oauth_callback="oob",
oauth_consumer_key="XXXXX",
oauth_token="XXXX",
oauth_verifier="XXXX",
oauth_signature_method="HMAC-SHA1",
oauth_signature="XX",
oauth_timestamp="1309773699",
oauth_nonce="XXX",
oauth_version="1.0"
and here's my Base String:
POST&http%3A%2F%2Fwww.flickr.com%2Fservices%2Foauth%2Faccess_token&
oauth_consumer_key%3DXXXX%26
oauth_nonce%3DXXXX%26
oauth_signature_method%3DHMAC-SHA1%26
oauth_token%3DXXXX%26
oauth_timestamp%3D1309773699%26
oauth_verifier%3DXXXX%26
oauth_version%3D1.0
Thank you in advance,
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
通过从标头中删除回调属性解决了该问题。
因为签名是从标头重新生成的,然后与基本字符串进行比较。
因此,请确保标头包含与基本字符串相同的信息。
通过将我的标头与 Flicker API 中的示例进行比较,我发现了这一点。
The problem was solved by removing the callback attribute from the header.
as the signature is regenerated from the header and then compared with the base string..
So, make sure that the header contains the same information as the base string.
I found that by comparing my header with an example from the Flicker API..