【问题标题】:Generate OAuth1 signature in C#在 C# 中生成 OAuth1 签名
【发布时间】:2016-06-11 04:52:14
【问题描述】:

我有一个大问题。我使用 C# 开发 UWP Windows 10 应用程序,我想使用 OAuth 1。

几乎一切正常,但签名错误。但是,我在 Microsoft GitHub 上找到了示例代码。显然,我做了一些修改......

我的代码:

private async Task GoCo()
{
        String LifeInvaderUrl = "http://stage.api.lolilolz.be/v8/login";

        string timeStamp = GetTimeStamp();
        string nonce = GetNonce();
        string consumerKey = "noob-stage";
        string consumerSecret = "TOPSECRETxxXXxx";

        string SigBaseStringParams = "oauth_consumer_key=" + consumerKey;
        SigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
        SigBaseStringParams += "&" + "oauth_timestamp=" + timeStamp;
        SigBaseStringParams += "&" + "oauth_nonce=" + nonce;
        SigBaseStringParams += "&" + "oauth_version=1.0";

        string SigBaseString = "POST&";
        SigBaseString += Uri.EscapeDataString(LifeInvaderUrl) + "&" + Uri.EscapeDataString(SigBaseStringParams);

        String Signature = GetSignature(SigBaseString, consumerSecret);

        string authorizationHeaderParams = "oauth_consumer_key=\"" + consumerKey + "\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"" + timeStamp + "\", oauth_nonce=\"" + nonce +   "\", oauth_vesrion=\"1.0\", oauth_signature=\"" + Uri.EscapeDataString(Signature)+ "\"";

        HttpClient httpClient = new HttpClient();

        //...

}

以及签名生成器方法:

string GetSignature(string sigBaseString, string consumerSecretKey)
{
        IBuffer KeyMaterial = CryptographicBuffer.ConvertStringToBinary(consumerSecretKey + "&", BinaryStringEncoding.Utf8);
        MacAlgorithmProvider HmacSha1Provider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
        CryptographicKey MacKey = HmacSha1Provider.CreateKey(KeyMaterial);
        IBuffer DataToBeSigned = CryptographicBuffer.ConvertStringToBinary(sigBaseString, BinaryStringEncoding.Utf8);
        IBuffer SignatureBuffer = CryptographicEngine.Sign(MacKey, DataToBeSigned);
        string Signature = CryptographicBuffer.EncodeToBase64String(SignatureBuffer);

        return Signature;
}

提前谢谢你:)

【问题讨论】:

  • 遇到同样的问题,我的签名一直失败...

标签: c# windows oauth signature


【解决方案1】:

有一个类型 oauth_vesrion 应该是 oauth_version

【讨论】:

    【解决方案2】:

    您的签名基本参数有问题。这些值根据它们的编码名称排序,如果相等,则根据它们的编码值排序。所以你的 SigBaseStringParams 应该是这样的:

        string SigBaseStringParams = "oauth_consumer_key=" + consumerKey;
        SigBaseStringParams += "&" + "oauth_nonce=" + nonce;
        SigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
        SigBaseStringParams += "&" + "oauth_timestamp=" + timeStamp;
        SigBaseStringParams += "&" + "oauth_version=1.0";
    

    【讨论】:

      【解决方案3】:

      您的基本字符串参数有问题。对于 OAuth 1.0,它需要进行排序。我创建了用于创建基本字符串的通用函数。你可以使用它。

      `        private static string GetSignatureBaseString(string strUrl, string TimeStamp,
                  string Nonce, string strConsumer, string strOauthToken, SortedDictionary<string, string> data)
              {
                  //1.Convert the HTTP Method to uppercase and set the output string equal to this value.
                  string Signature_Base_String = "POST";
                  Signature_Base_String = Signature_Base_String.ToUpper();
      
                  //2.Append the ‘&’ character to the output string.
                  Signature_Base_String = Signature_Base_String + "&";
      
                  //3.Percent encode the URL and append it to the output string.
                  string PercentEncodedURL = Uri.EscapeDataString(strUrl);
                  Signature_Base_String = Signature_Base_String + PercentEncodedURL;
      
                  //4.Append the ‘&’ character to the output string.
                  Signature_Base_String = Signature_Base_String + "&";
      
                  //5.append OAuth parameter string to the output string.
                  var parameters = new SortedDictionary<string, string>
                  {
                      {"oauth_consumer_key", strConsumer},
                      { "oauth_token", strOauthToken },
                      {"oauth_signature_method", "HMAC-SHA1"},
                      {"oauth_timestamp", TimeStamp},
                      {"oauth_nonce", Nonce},
                      {"oauth_version", "1.0"}
                  };
      
                  //6.append parameter string to the output string.
                  foreach (KeyValuePair<string, string> elt in data)
                  {
                      parameters.Add(elt.Key, elt.Value);
                  }
      
                  bool first = true;
                  foreach (KeyValuePair<string, string> elt in parameters)
                  {
                      if (first)
                      {
                          Signature_Base_String = Signature_Base_String + Uri.EscapeDataString(elt.Key + "=" + elt.Value);
                          first = false;
                      }
                      else
                      {
                          Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&" + elt.Key + "=" + elt.Value);
                      }
                  }
      
                  return Signature_Base_String;
              }
      

      ` 使用上面的函数,您将获得基础,您可以使用您的密钥将其传递给下面的函数并获取签名

      private static string GetSha1Hash(string key, string base)
          {
              var encoding = new System.Text.ASCIIEncoding();
      
              byte[] keyBytes = encoding.GetBytes(key);
              byte[] messageBytes = encoding.GetBytes(base);
      
              string strSignature = string.Empty;
      
              using (HMACSHA1 SHA1 = new HMACSHA1(keyBytes))
              {
                  var Hashed = SHA1.ComputeHash(messageBytes);
                  strSignature = Convert.ToBase64String(Hashed);
              }
      
              return strSignature;
          }
      

      【讨论】:

      猜你喜欢
      • 2022-12-07
      • 2017-07-08
      • 2016-01-15
      • 2019-05-23
      • 2017-08-29
      • 1970-01-01
      • 2017-05-20
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多