问题描述

我正在使用 pecl oAuth 库，是否可以构建一个主体签名的 oauth 请求，如下所示:

I'm using the pecl oAuth library, is it possible to build a body signed oauth request that looks like:

POST http://www.imsglobal.org/developers/BLTI/service_handle.php HTTP/1.0
Host: 127.0.0.1:80
Content-Length: 757
Authorization: OAuth realm="",oauth_version="1.0",
oauth_nonce="29f90c047a44b2ece73d00a09364d49b",
oauth_timestamp="1313350943",oauth_consumer_key="lmsng.school.edu",
oauth_body_hash="v%2BxFnmDSHV%2Fj29qhxLwkFILrtPo%3D",
oauth_signature_method="HMAC-SHA1",
oauth_signature="8auRpRdPY2KRXUrOyz3HKCs92y8%3D"
Content-type: application/xml
<?xml version = "1.0" encoding = "UTF-8"?>
... more xml data ...

我正在尝试使用 IMS Global LTI 标准接口与 Instructure 的 Canvas LMS 进行通信.结果服务允许您使用

I'm trying to communicate with Instructure's Canvas LMS using the IMS Global LTI standard interface. The Outcomes Service lets you send scores back to the LMS using oauth signed xml messages

推荐答案

事实证明，pecl oAuth 目前不支持 oaut_body_hash.

As it turns out pecl oAuth doesn't support oaut_body_hash currently.

我最终使用了这个 google 代码存储库中的 oAuth 库http://code.google.com/p/oauth/ 并且计算身体有我自己:

I ended up using the oAuth library from this google code repository http://code.google.com/p/oauth/ and computing the body has myself:

$bodyHash = base64_encode(sha1($body, TRUE)); // build oauth_body_hash
$consumer = new \OAuthConsumer($key, $secret);
$request = \OAuthRequest::from_consumer_and_token($consumer, '', 'POST', $endpoint, array('oauth_body_hash' => $bodyHash) );
$request->sign_request(new \OAuthSignatureMethod_HMAC_SHA1(), $consumer, '');
$header = $request->to_header() . "\r\nContent-Type: application/xml\r\n"; // add content type header

这篇关于使用 pecl oauth 为 LTI Outcomes 服务构建主体签名的 oauth xml 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！