我已经成功地遵循了rauth OAuth1示例来获取我的访问令牌,从而从fatsecret API中检索数据。我将我的access_token和access_token_secret存储在一个搁置的数据库中。我的问题是,当我稍后尝试使用存储的令牌检索更多数据时,收到“无效签名”错误。
这是获取令牌并检索exercise_entries.get方法的原始脚本:
from rauth.service import OAuth1Service
import shelve
api_url = 'http://platform.fatsecret.com/rest/server.api'
shelf = shelve.open('token_shelf.db')
fatsecret = OAuth1Service(
consumer_key = 'xxxxxxxxxxxxx',
consumer_secret = 'xxxxxxxxxxxxx',
name = 'fatsecret',
request_token_url = 'http://www.fatsecret.com/oauth/request_token',
access_token_url = 'http://www.fatsecret.com/oauth/access_token',
authorize_url = 'http://www.fatsecret.com/oauth/authorize')
request_token, request_token_secret = fatsecret.get_request_token(
method = 'GET',
params = {'oauth_callback':'oob'})
authorize_url = fatsecret.get_authorize_url(request_token)
print 'Visit this URL in your browser: ' + authorize_url
pin = raw_input('Enter PIN from browser: ')
shelf['fatsecret_request_token'] = request_token
shelf['fatsecret_request_token_secret'] = request_token_secret
shelf['fatsecret_pin'] = pin
session = fatsecret.get_auth_session(
request_token,
request_token_secret,
params={'oauth_verifier': pin}
)
shelf['fatsecret_access_token'] = session.access_token
shelf['fatsecret_access_token_secret'] = session.access_token_secret
my_params = {'method': 'exercise_entries.get', 'format': 'json'}
r = session.get(api_url, params=my_params)
print r.json()
print r.content
shelf.close()
然后,我尝试从架子上还原我的access_token和access_token_secret并打开一个新会话,但被告知我签名无效。
from rauth.service import OAuth1Service
import shelve
api_url = 'http://platform.fatsecret.com/rest/server.api'
shelf = shelve.open('token_shelf.db')
fs_access_token = shelf['fatsecret_access_token']
fs_access_token_secret = shelf['fatsecret_access_token']
fatsecret = OAuth1Service(
consumer_key = 'xxxxxxxxxxxxx',
consumer_secret = 'xxxxxxxxxxxxx',
name = 'fatsecret',
request_token_url = 'http://www.fatsecret.com/oauth/request_token',
access_token_url = 'http://www.fatsecret.com/oauth/access_token',
authorize_url = 'http://www.fatsecret.com/oauth/authorize')
session = fatsecret.get_session((fs_access_token,fs_access_token_secret))
my_params = {'method': 'exercise_entries.get', 'format': 'json'}
r = session.get(api_url,params=my_params)
print r.content
print r.url
shelf.close()
这将返回
r.content为:{ "error": {"code": 8, "message": "Invalid signature: oauth_signature 'ccZpSYAPSn+umkTxcAVH7EChVvw='" }}
r.url是:http://platform.fatsecret.com/rest/server.api?oauth_nonce=604416f368159818e3ad8252a0da323be16319a3&format=json&oauth_consumer_key=xxxxxxxxxxxxx&oauth_timestamp=1390015877&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_token=xxxxxxxxxxxxx&oauth_signature=l4Ricqpbbwl%2BHPS2ItLLnvXQo%2FA%3D&method=exercise_entries.get
唯一引起我注意的地方是r.url参数似乎没有按照字母顺序排列,但是我不知道该参数是否准确反映了发送给fatsecret的内容,无论如何在第一个脚本中它可以正常工作。
我尝试了类似的using OAuth1Session而不是
OAuth1Service的方法,但是得到的结果完全相同。我将不胜感激,以帮助您实现这一目标。
最佳答案
我无数次地检查了此代码,没有发现任何错误。当我添加了用于调试的额外打印时,我注意到我在重用会话的第6行中两次检索了access_token。毕竟这只是一个错字。
更改:
fs_access_token = shelf['fatsecret_access_token']
fs_access_token_secret = shelf['fatsecret_access_token']
至:
fs_access_token = shelf['fatsecret_access_token']
fs_access_token_secret = shelf['fatsecret_access_token_secret']
因此,以上代码实际上是使用python使用fatsecret api进行身份验证的一个很好的演示。