本文介绍了Delphi TOAuth1Authenticator如何设置Realm的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述 29岁程序员，3月因学历无情被辞！ 尝试使用/调用具有基于令牌的身份验证的 NetSuite Restlet，使用 Delphi RESTClient.我有一个有效的 Postman 请求，用于验证所需的所有授权参数.缺少的一个参数 - 领域 - 在代码中添加时确实会更改从 NetSuite 端返回的错误消息，但仍然不会导致成功调用.Trying to use/call a NetSuite Restlet with token based authentication using the Delphi RESTClient. I have a working Postman request that verifies all the authorization parameters required. The one parameter missing - realm - when added in code does change the error message returned from the NetSuite side but still doesn't result in a successful call.procedure TForm1.OAuth1Authenticator1Authenticate(ARequest: TCustomRESTRequest; var ADone: Boolean);begin // XXXXXXX_RP is a NetSuite account number and environment ARequest.AddAuthParameter('realm','XXXXXX_RP',pkQUERY);end;如果不添加realm(以上代码注释掉)返回的剩余内容为:If realm is not added (the above code is commented out) the returned rest content is:error code: USER_ERRORerror message: header is not NLAuth scheme [ OAuth oauth_consumer_key="fe8da7b31dccbd47e90e5dd5e641fe7b0cbff032a951b4058618c207caf569f8", oauth_nonce="c98fa9de2c601f45bdc8d5c640f1b3cf", oauth_signature_method="HMAC-SHA1", oauth_signature="PfCQE3A4DicTtCfpBEPmbSOmqNg%3D", oauth_timestamp="1568639138", oauth_token="a8190ba34e223f25b32cdb4837d9e1973b8fd6208804e93306f4618ccdb6d648", oauth_version="1.0" ]添加领域后，我仍然得到:With realm added I still get:error code: INVALID_LOGIN_ATTEMPTerror message: Invalid login attempt.有人使用 Delphi RESTClient 成功调用 NetSuite restlets 吗?Anybody successfully make calls to NetSuite restlets using the Delphi RESTClient?更新:看起来它不支持使用可选的领域参数.手动添加它会将其添加到规范化参数列表中以在不应该添加时进行签名.我在 REST.Authenticator.OAuth 中修改了 TOAuth1SignatureMethod_HMAC_SHA1.BuildSignature 以跳过此参数(只是添加了一个 if Lparam.Name 'realm' then begin.. end; 阻止一些代码)但仍然没有成功向 NetSuite 发出请求.在阅读 https://oauth.net/core/1.0/ 第 9.1.1 节后这样做了.规范化请求参数:Update: Looks like it does not support using the optional realm parameter. Adding it manually gets it added to the normalized parameter list for signing when it shouldn't be. I have modified TOAuth1SignatureMethod_HMAC_SHA1.BuildSignature in REST.Authenticator.OAuth to skip this parameter (just added a if Lparam.Name <> 'realm' then begin .. end; block around some code) but still no luck successfully making a request to NetSuite. Did this after reading https://oauth.net/core/1.0/ section 9.1.1. Normalize Request Parameters:请求参数被收集、排序并连接成一个标准化字符串: The request parameters are collected, sorted and concatenated into a normalized string:OAuth HTTP 授权标头中的参数不包括领域参数.HTTP POST 请求正文中的参数(内容类型为 application/x-www-form-urlencoded).添加到查询部分 URL 的 HTTP GET 参数(如 [RFC3986] 第 3 节所定义).推荐答案最终使用 Indy 手动组装请求.下面是组装 AUTH 标头部分的副本以及使用 Indy 的 IdHTTP 执行测试请求的代码.注意:Netsuite 帐号和 ID/Secrets 仅供展示.Ended up manually assembling the request with Indy. A copy of the part that assembles the AUTH header is below along with code that does a test request using Indy's IdHTTP. Note: the Netsuite account number and IDs/Secrets are just for show.procedure TForm1.Button1Click(Sender: TObject);Const NETSUITE_ACCOUNT_ID = '4000000_RP'; BASE_URL = 'https://4000000-rp.restlets.api.netsuite.com/app/site/hosting/restlet.nl'; HTTP_METHOD = 'POST'; SCRIPT_ID = '331'; SCRIPT_DEPLOYMENT_ID = 'customdeploy_salesorderimport'; OAUTH_VERSION = '1.0'; TOKEN_ID = 'a8190ba34e223f25b3267843437d9e1973b8fd6208804e93306f4618ccdb6d648'; TOKEN_SECRET = 'ecb5321eaf832714828ede7f920320b942ad6b2d4221da3b12496f389d68e1c4'; CONSUMER_KEY = 'fe8da7c2cbd47e90e5dd5e6415fe7b0cbff2032a5951b4058618c07c7af569f8'; CONSUMER_SECRET = '848cae6150a651ecbc6975656f4b92ca08d7c27c829185cf98e7a0a30c24dbc2';Var OAUTH_NONCE,TIME_STAMP,STRING2SIGN : string; oauth_signature, oauth, BaseURL : string; JSONValue : TJsonValue;begin OAUTH_NONCE := THashMD5.GetHashString(IntToStr(DateTimeToUnix(TTimeZone.Local.ToUniversalTime(Now))) + IntToStr(Random(MAXINT))); TIME_STAMP := IntToStr(DateTimeToUnix(TTimeZone.Local.ToUniversalTime(Now))); // These are in alphabetical order - required by signing STRING2SIGN := ''; STRING2SIGN := STRING2SIGN + 'deploy=' + SCRIPT_DEPLOYMENT_ID + '&'; STRING2SIGN := STRING2SIGN + 'oauth_consumer_key=' + CONSUMER_KEY + '&'; STRING2SIGN := STRING2SIGN + 'oauth_nonce=' + OAUTH_NONCE + '&'; STRING2SIGN := STRING2SIGN + 'oauth_signature_method=' + 'HMAC-SHA256' + '&'; STRING2SIGN := STRING2SIGN + 'oauth_timestamp=' + TIME_STAMP + '&'; STRING2SIGN := STRING2SIGN + 'oauth_token=' + TOKEN_ID + '&'; STRING2SIGN := STRING2SIGN + 'oauth_version=' + OAUTH_VERSION + '&'; STRING2SIGN := STRING2SIGN + 'script=' + SCRIPT_ID; STRING2SIGN := URIEncode(STRING2SIGN); STRING2SIGN := HTTP_METHOD + '&' + URIEncode(BASE_URL) + '&' + STRING2SIGN; oauth_signature := URIEncode(TNetEncoding.Base64.EncodeBytesToString(THashSHA2.GetHMACAsBytes(STRING2SIGN, CONSUMER_SECRET + '&' + TOKEN_SECRET))); oauth :='OAuth oauth_signature="' + oauth_signature + '",'; oauth := oauth + 'oauth_version="' + OAUTH_VERSION + '",'; oauth := oauth + 'oauth_nonce="' + OAUTH_NONCE + '",'; oauth := oauth + 'oauth_signature_method="HMAC-SHA256",'; oauth := oauth + 'oauth_consumer_key="' + CONSUMER_KEY + '",'; oauth := oauth + 'oauth_token="' + TOKEN_ID + '",'; oauth := oauth + 'oauth_timestamp="' + TIME_STAMP + '",'; oauth := oauth + 'realm="' + NETSUITE_ACCOUNT_ID + '"'; BaseURL := BASE_URL + '?script=' + SCRIPT_ID + '&deploy=' + SCRIPT_DEPLOYMENT_ID; IdHTTP1.Request.CustomHeaders.FoldLines := false; IdHTTP1.Request.Accept := 'application/json, text/javascript, */*; q=0.01'; IdHTTP1.Request.ContentType := 'application/json'; IdHTTP1.Request.CustomHeaders.Values['Authorization'] := oauth;try memo1.Text := idhttp1.Post(BaseURL,'C:UsersevansDocumentsJson.txt'); JSONValue := TJSonObject.ParseJSONValue(memo1.Text); SynEdit1.Text := JSonValue.Format;finally JSonValue.Free;end;注意:代码更新为使用 SHA256 而不是 SHA1 进行 OAUTH 签名.NetSuite 已发出通知，他们将在 NetSuite 2021.2 版中要求这样做.Note: code updated to use SHA256 instead of SHA1 for OAUTH signing. NetSuite has sent out notice they will be requiring this with NetSuite Release 2021.2. 这篇关于Delphi TOAuth1Authenticator如何设置Realm的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！ 上岸，阿里云！