通过 Django Piston 请求令牌引发 TypeError 异常

【问题标题】:Requesting Token via Django Piston Throws TypeError Exception通过 Django Piston 请求令牌引发 TypeError 异常
【发布时间】:2011-05-19 11:29:18
【问题描述】:

在 Django Piston 中尝试通过 OAuth 进行身份验证时,抛出以下异常:

Environment:

Request Method: GET
Request URL: http://localhost:8000/api/oauth/request_token/?oauth_nonce=32921052&oauth_timestamp=1291331173&oauth_consumer_key=ghof7av2vu8hal2hek&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=
Python Version: 


Traceback:
File "/Users/derek/.virtualenvs/optimal-rest/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  100.                     response = callback(request, *callback_args, **callback_kwargs)
File "/Users/derek/.virtualenvs/optimal-rest/lib/python2.7/site-packages/piston/authentication.py" in oauth_request_token
  130.         token = oauth_server.fetch_request_token(oauth_request)
File "/Users/derek/.virtualenvs/optimal-rest/lib/python2.7/site-packages/piston/oauth.py" in fetch_request_token
  302.             self._check_signature(oauth_request, consumer, None)
File "/Users/derek/.virtualenvs/optimal-rest/lib/python2.7/site-packages/piston/oauth.py" in _check_signature
  393.         valid_sig = signature_method.check_signature(oauth_request, consumer, token, signature)
File "/Users/derek/.virtualenvs/optimal-rest/lib/python2.7/site-packages/piston/oauth.py" in check_signature
  482.         built = self.build_signature(oauth_request, consumer, token)
File "/Users/derek/.virtualenvs/optimal-rest/lib/python2.7/site-packages/piston/oauth.py" in build_signature
  513.             hashed = hmac.new(key, raw, sha)
File "/usr/local/Cellar/python/2.7/lib/python2.7/hmac.py" in new
  133.     return HMAC(key, msg, digestmod)
File "/usr/local/Cellar/python/2.7/lib/python2.7/hmac.py" in __init__
  72.         self.outer.update(key.translate(trans_5C))

Exception Type: TypeError at /api/oauth/request_token/?oauth_nonce=32921052&oauth_timestamp=1291331173&oauth_consumer_key=ghof7av2vu8hal2hek&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=
Exception Value: character mapping must return integer, None or unicode

不知道这是 Piston 中的错误还是我无法使用 oauth2 库。

消费者代码:

import os
import cgi
import oauth2 as oauth

# settings for the local test consumer
CONSUMER_SERVER = os.environ.get("CONSUMER_SERVER") or 'localhost'
CONSUMER_PORT = os.environ.get("CONSUMER_PORT") or '8000'
print CONSUMER_SERVER , CONSUMER_PORT 

# fake urls for the test server (matches ones in server.py)
REQUEST_TOKEN_URL = 'http://%s:%s/api/oauth/request_token/' % (CONSUMER_SERVER, CONSUMER_PORT)
ACCESS_TOKEN_URL = 'http://%s:%s/api/oauth/access_token/' % (CONSUMER_SERVER, CONSUMER_PORT)
AUTHORIZE_URL = 'http://%s:%s/api/oauth/authorize/' % (CONSUMER_SERVER, CONSUMER_PORT)

# key and secret granted by the service provider for this consumer application - same as the MockOAuthDataStore
CONSUMER_KEY = 'ghof7av2vu8hal2hek'
CONSUMER_SECRET = 'ohhey'

consumer = oauth.Consumer(CONSUMER_KEY, CONSUMER_SECRET)
client = oauth.Client(consumer)

# Step 1: Get a request token. This is a temporary token that is used for 
# having the user authorize an access token and to sign the request to obtain 
# said access token.

resp, content = client.request(REQUEST_TOKEN_URL, "GET")
if resp['status'] != '200':
    raise Exception("Invalid response %s." % resp['status'])

引用 https://github.com/clemesha/django-piston-oauth-example 获取消费者代码。

【问题讨论】:

  • 我也遇到了同样的问题,你找到解决办法了吗?

标签: python django oauth django-piston


【解决方案1】:

这是一个活塞问题,来自消费者的密钥/秘密的编码问题。 解决方案是强制将从数据库返回的密钥/秘密编码为 ASCII。

在Piston的store.py文件中,修改lookup_consumer,如下所示:

def lookup_consumer(self, key):
    try:
        self.consumer = Consumer.objects.get(key=key)
        self.consumer.key = self.consumer.key.encode('ascii')
        self.consumer.secret = self.consumer.secret.encode('ascii')
        return self.consumer
    except Consumer.DoesNotExist:
        return None

Here 是我的 django-piston 分支解决了这个问题。

【讨论】:

    【解决方案2】:

    如果传入 unicode 键值,Piston 的“oauth.py”模块的“build_signature()”方法中也会出现此问题。我在使用上面提到的 clemesha/django-piston-oauth-example 客户端代码时发现了这个问题因为在提示输入“PIN 码”后一直失败。

    潜在问题在此处记录为问题 #169: https://bitbucket.org/jespern/django-piston/issue/169/oauth-request-token-error-with-hmac

    上述的重新编码方案也适用于这种情况:

    def build_signature(self, oauth_request, consumer, token):
    """Builds the base signature string."""
    key, raw = self.build_signature_base_string(oauth_request, consumer,
        token)

    #BUG: character mapping must return integer, None or unicode
    #FIX:
    key = key.encode('ascii')

    # HMAC object.
    try:
        import hashlib # 2.5
        hashed = hmac.new(key, raw, hashlib.sha1)
    except:
        import sha # Deprecated
        hashed = hmac.new(key, raw, sha)

    # Calculate the digest base 64.
    return binascii.b2a_base64(hashed.digest())[:-1]

    【讨论】:

      猜你喜欢
      • 2017-10-21
      • 1970-01-01
      • 2013-02-24
      • 1970-01-01
      • 2019-12-08
      • 1970-01-01
      • 2020-09-29
      • 1970-01-01
      • 2017-12-19
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode