从 Twitter 请求访问令牌时的哈希值错误 API
Wrong hash value when requesting access token from Twitter API
我正在学习这个有效的教程 here by Twitter on how to implement a 3-legged oauth flow. Particularly I am stuck on generating a signature. When I follow the how to generate a signature tutorial,我可以像这样验证签名:
import hmac
import hashlib
import base64
digest = hmac.new("kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw&LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE".encode(), "POST&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fstatuses%2Fupdate.json&include_entities%3Dtrue%26oauth_consumer_key%3Dxvz1evFS4wEEPTGEFPHBog%26oauth_nonce%3DkYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1318622958%26oauth_token%3D370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb%26oauth_version%3D1.0%26status%3DHello%2520Ladies%2520%252B%2520Gentlemen%252C%2520a%2520signed%2520OAuth%2520request%2521".encode(), hashlib.sha1)
signature = base64.b64encode(digest.digest())
这会产生预期的“hCtSmYh+iHYCEqBWrE7C7hYmtUk=”结果。
但是当我运行登录教程中变量的相同代码时,我没有得到正确的结果,请看这里:
import hmac
import hashlib
import base64
import urllib
digest = hmac.new("L8qq9PZyRg6ieKGEKhZolGC0vJWLw8iEJ88DRdyOg&".encode(), "POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%3A%2F%2Flocalhost%2Fsign-in-with-twitter%2F%26oauth_consumer_key%3DcChZNFj6T5R0TigYB9yd1w%26oauth_nonce%3Dea9ec8429b68d6b77cd5600adbbb0456%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1318467427%26oauth_version%3D1.0".encode(), hashlib.sha1)
signature = urllib.quote(base64.b64encode(digest.digest()))
这给了我签名“52p9NEN/ZvtrV7DgroTrODYr6dM%3D”,这不是教程中规定的签名:“F1Li3tvehgcraF8DMJ7OyxO4w9Y%3D”。我想知道我怎样才能得到这个签名?我使用与教程相同的所有变量。
事实证明教程中的散列确实是错误的,不要尝试对其进行编程。
我正在学习这个有效的教程 here by Twitter on how to implement a 3-legged oauth flow. Particularly I am stuck on generating a signature. When I follow the how to generate a signature tutorial,我可以像这样验证签名:
import hmac
import hashlib
import base64
digest = hmac.new("kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw&LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE".encode(), "POST&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fstatuses%2Fupdate.json&include_entities%3Dtrue%26oauth_consumer_key%3Dxvz1evFS4wEEPTGEFPHBog%26oauth_nonce%3DkYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1318622958%26oauth_token%3D370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb%26oauth_version%3D1.0%26status%3DHello%2520Ladies%2520%252B%2520Gentlemen%252C%2520a%2520signed%2520OAuth%2520request%2521".encode(), hashlib.sha1)
signature = base64.b64encode(digest.digest())
这会产生预期的“hCtSmYh+iHYCEqBWrE7C7hYmtUk=”结果。
但是当我运行登录教程中变量的相同代码时,我没有得到正确的结果,请看这里:
import hmac
import hashlib
import base64
import urllib
digest = hmac.new("L8qq9PZyRg6ieKGEKhZolGC0vJWLw8iEJ88DRdyOg&".encode(), "POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%3A%2F%2Flocalhost%2Fsign-in-with-twitter%2F%26oauth_consumer_key%3DcChZNFj6T5R0TigYB9yd1w%26oauth_nonce%3Dea9ec8429b68d6b77cd5600adbbb0456%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1318467427%26oauth_version%3D1.0".encode(), hashlib.sha1)
signature = urllib.quote(base64.b64encode(digest.digest()))
这给了我签名“52p9NEN/ZvtrV7DgroTrODYr6dM%3D”,这不是教程中规定的签名:“F1Li3tvehgcraF8DMJ7OyxO4w9Y%3D”。我想知道我怎样才能得到这个签名?我使用与教程相同的所有变量。
事实证明教程中的散列确实是错误的,不要尝试对其进行编程。