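【Question title】: OAuth signature generation
【Posted】: 2017-03-17 18:29:04
【Question】:

I have a Magento 2 integration with WordPress. In WordPress I am making REST API calls that require authentication. I am using OAuth 1.0a.

It looks like I am having trouble creating the OAuth signature. WordPress always returns the error: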

string(106) "{"code":"json_oauth1_signature_mismatch","message":"OAuth signature does not match","data":{"status":401}}"

The code that creates the OAuth signature is as follows (I based it on code I found in Magento):

public function buildAuthorizationHeader(
        $params,
        $requestUrl,
        $signatureMethod = self::SIGNATURE_SHA1,
        $httpMethod = 'POST'
    ) {
        $headerParameters = [
            'oauth_nonce' => $this->_nonceGenerator->generateNonce(null),
            'oauth_timestamp' => $this->_nonceGenerator->generateTimestamp(),
            'oauth_version' => '1.0',
            'oauth_signature_method' => $signatureMethod
        ];
        $headerParameters = array_merge($headerParameters, $params);
        $headerParameters['oauth_signature'] = $this->_httpUtility->sign(
            $params,
            $signatureMethod,
            $headerParameters['oauth_consumer_secret'],
            $headerParameters['oauth_token_secret'],
            $httpMethod,
            $requestUrl
        );

        $authorizationHeader = $this->_httpUtility->toAuthorizationHeader($headerParameters);
        $authorizationHeader =  str_replace('realm="",', '', $authorizationHeader);
        return $authorizationHeader;
    }

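Any clues as to what I might be doing wrong?

Thanks in advance,

【Comments】:

    Tags: php wordpress magento oauth


    【Answer 1】:

    It is too late to answer now, but I am posting this for others' reference.

    Generating an OAuth 1.0 signature with Groovy: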

    import javax.crypto.spec.SecretKeySpec;
    import javax.crypto.Mac;
    import java.net.URLEncoder; 
    import com.eviware.soapui.support.types.StringToStringMap;
    def method = "POST";
    def protocal = "https";
    def host = "testurl.com";
    def port = "8888";
    def baseURI = "https://testurl.com:8888";
    def api = "/getAccess";
    def encodedURL = URLEncoder.encode(baseURI + api,"UTF-8");
    def baseString = method + "&" + encodedURL + "&clientID=1234567890" + "&clientPassword=testpassword";
    SecretKeySpec key = new SecretKeySpec(("1232131231232132131232321321").getBytes("UTF-8"),"HmacSHA1");
    //1232131231232132131232321321 - Secret key
    Mac mac = Mac.getInstance("HmacSHA1");
    mac.init(key);
    byte[] bytes = mac.doFinal(baseString.getBytes("UTF-8"));
    StringBuilder sb = new StringBuilder();
    for (byte b : bytes) {
        sb.append(String.format("%1\$02X", b));
    }
    log.info( sb.toString().toLowerCase());
    

    In JavaScript:

    var method = "POST";
    var protocal = "https";
    var host = "testUrl.com";
    var port = "8888";
    var baseURI = "https://testUrl.com:8888/";
    var api = "/getAccess";
    var encodedURL = encodeURIComponent(baseURI + api)
    var baseString = method + "&" + encodedURL + "&clientID=" + "client-id" + "&clientPassword=" + "client-pass"
    var signature = CryptoJS.HmacSHA1(baseString, "123123123123123123");
    // 123123123123123123 - secret key
    var hexSignature = signature.toString(CryptoJS.enc.Hex);
    console.log(hexSignature);
    

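    【Comments】:

      【Answer 2】:

      I was not signing the full set of parameters, only a subset. Now it works perfectly. I am posting my class in case anyone finds it useful :)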

      use Magento\Framework\App\Helper\AbstractHelper;
      
      class OAuth extends AbstractHelper
      {
          const SIGNATURE_SHA1 = 'HMAC-SHA1';
      
          /**
           * @var  \Zend_Oauth_Http_Utility
           */
          protected $_httpUtility;
      
          /**
           * @var \Magento\Framework\Oauth\NonceGeneratorInterface
           */
          protected $_nonceGenerator;
      
          public function __construct(
              \Magento\Framework\Oauth\NonceGeneratorInterface $nonceGenerator,
              \Zend_Oauth_Http_Utility $httpUtility = null
          ) {
              $this->_nonceGenerator = $nonceGenerator;
              // null default to prevent ObjectManagerFactory from injecting, see MAGETWO-30809
              $this->_httpUtility = $httpUtility ?: new \Zend_Oauth_Http_Utility();
          }
      
          public function buildAuthorizationHeader(
              $params,
              $requestUrl,
              $httpMethod = 'POST'
          ) {
              $headerParameters = [
                  'oauth_nonce' => $this->_nonceGenerator->generateNonce(null),
                  'oauth_timestamp' => $this->_nonceGenerator->generateTimestamp(),
                  'oauth_version' => '1.0',
                  'oauth_signature_method' => self::SIGNATURE_SHA1
              ];
              $headerParameters = array_merge($headerParameters, $params);
              $headerParameters['oauth_signature'] = $this->_httpUtility->sign(
                  $headerParameters,
                  self::SIGNATURE_SHA1,
                  $headerParameters['oauth_consumer_secret'],
                  $headerParameters['oauth_token_secret'],
                  $httpMethod,
                  $requestUrl
              );
      
              $authorizationHeader = $this->_httpUtility->toAuthorizationHeader($headerParameters);
              $authorizationHeader =  str_replace('realm="",', '', $authorizationHeader);
              return $authorizationHeader;
          }
      
      }
      

      【Comments】:
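
The cause found in Answer 2, shown as an added Node.js example that is not code from the original posts: it builds the HMAC-SHA1 signature base string as RFC 5849 defines it and shows that signing only the caller's parameters, while the header also carries the generated nonce, timestamp, version and method, fails server-side verification. The function names are assumptions of this example, and the sample values are the published ones from OAuth Core 1.0, Appendix A.5.

```javascript
const { createHmac, timingSafeEqual } = require("node:crypto");

// RFC 3986 percent-encoding: encodeURIComponent leaves ! ' ( ) * unescaped.
function enc(s) {
  return encodeURIComponent(s).replace(/[!'()*]/g,
    (c) => "%" + c.charCodeAt(0).toString(16).toUpperCase());
}

const cmp = (x, y) => (x < y ? -1 : x > y ? 1 : 0);

// Base string: METHOD & enc(url) & enc(sorted "name=value" pairs).
// Every parameter that is sent belongs here except oauth_signature and realm.
// Assumes `url` carries no query string (query parameters go in `params`).
function baseString(method, url, params) {
  const pairs = Object.entries(params)
    .filter(([k]) => k !== "oauth_signature" && k !== "realm")
    .map(([k, v]) => [enc(k), enc(String(v))])
    .sort((a, b) => cmp(a[0], b[0]) || cmp(a[1], b[1]))
    .map(([k, v]) => `${k}=${v}`)
    .join("&");
  return [method.toUpperCase(), enc(url), enc(pairs)].join("&");
}

function sign(method, url, params, consumerSecret, tokenSecret) {
  const key = enc(consumerSecret) + "&" + enc(tokenSecret || "");
  return createHmac("sha1", key).update(baseString(method, url, params)).digest("base64");
}

// Sample values from OAuth Core 1.0, Appendix A.5 (not from the question).
const url = "http://photos.example.net/photos";
const CS = "kd94hf93k423kf44", TS = "pfkkdhi9sl3r4s00";
const caller = { oauth_consumer_key: "dpf43f3p2l4k3l03",
  oauth_token: "nnch734d00sl2jdk", file: "vacation.jpg", size: "original" };
const generated = { oauth_nonce: "kllo9940pd9333jh", oauth_timestamp: "1191242096",
  oauth_version: "1.0", oauth_signature_method: "HMAC-SHA1" };
const sent = { ...generated, ...caller }; // everything that goes on the wire

const subsetSig = sign("GET", url, caller, CS, TS); // the question: subset only
const fullSig = sign("GET", url, sent, CS, TS);     // Answer 2: all parameters

// The server recomputes over every parameter it received and compares
// in constant time.
function serverAccepts(sig) {
  const expected = Buffer.from(sign("GET", url, sent, CS, TS));
  const got = Buffer.from(sig);
  return got.length === expected.length && timingSafeEqual(got, expected);
}
```
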
