问题描述

我将用作发布到Twitter的OAuth实施。并且实现了 GoogleAppEngineOAuthConsumer 和 GoogleAppEngineOAuthProvider 类，但是由于它们非常微不足道，所以我没有提供源代码这里（还）。

这是我的验证部分，这似乎工作得很好。

LoginServlet.java ：

  //获取请求令牌
 OAuthConsumer consumer = new GoogleAppEngineOAuthConsumer（CONSUMER_KEY，CONSUMER_SECRET）; 
 OAuthProvider provider = new GoogleAppEngineOAuthProvider（REQUEST_TOKEN_URL，ACCESS_TOKEN_URL，AUTHORIZATION_URL）; 
 String redirectUrl = provider.retrieveRequestToken（consumer，CALLBACK_URL）; 
 //缓存请求令牌并请求令牌密码
 response.sendRedirect（redirectUrl）; 
  

CallbackServlet.java

  //获取访问令牌
字符串验证器=（String）req.getParameter（oauth_verifier）; 
 //从缓存中检索请求令牌并请求令牌密钥
 OAuthConsumer consumer = new GoogleAppEngineOAuthConsumer（CONSUMER_KEY，CONSUMER_SECRET）; 
 OAuthProvider provider = new GoogleAppEngineOAuthProvider（REQUEST_TOKEN_URL，
 consumer.setTokenWithSecret（token，tokenSecret）; 
 provider.setOAuth10a（true）; 
 provider.retrieveAccessToken（consumer，verifier）; 
 //存储访问令牌和访问令牌密码
  

这里是实际存在问题的部分。 p>

TweetServlet.java

  OAuthConsumer consumer = new GoogleAppEngineOAuthConsumer（CONSUMER_KEY，CONSUMER_SECRET） ; 
 //从存储中检索访问令牌并访问令牌密钥
 consumer.setTokenWithSecret（accessToken，accessTokenSecret）; 
 final HTTPRequest updateStatus = new HTTPRequest（new URL（http：// api。 （））; getBytes（））;}} getBytes（） ）; 
 consumer.sign（updateStatus）; 
 logger.debug（new String（URLFetchServiceFactory.getURLFetchService（）。fetch（updateStatus）.getContent（）） ）; 
  

每一次结果如下： {request：/ 1 /statuses/update.json\",\"error\":\"Incorrect signature} 。

我能够自己解决这个问题。问题是我没有为请求设置 Content-Type 标头，所以签名没有签名参数，导致签名无效。一旦我将它设置为 application / x-www-form-urlencoded ，它就开始工作。

  final HTTPRequest updateStatus = new HTTPRequest（new URL（http://api.twitter.com/1/statuses/update.json），HTTPMethod.POST）; 
 updateStatus.addHeader（new HTTPHeader（Content-Type，application / x-www-form-urlencoded））; 
  

I'm using Signpost as OAuth implementation for posting to Twitter. And implemented the GoogleAppEngineOAuthConsumer and GoogleAppEngineOAuthProvider classes, but since they're pretty trivial, so I'm not providing their sources here (yet).

Here's my authentication part, which seems to work just fine.

LoginServlet.java:

// fetching the request token
OAuthConsumer consumer = new GoogleAppEngineOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
OAuthProvider provider = new GoogleAppEngineOAuthProvider(REQUEST_TOKEN_URL, ACCESS_TOKEN_URL, AUTHORIZATION_URL);
String redirectUrl = provider.retrieveRequestToken(consumer, CALLBACK_URL);
// cache the request token and request token secret
response.sendRedirect(redirectUrl);

CallbackServlet.java

// fetching the access token
String verifier = (String) req.getParameter("oauth_verifier");
// retrieve request token and request token secret from cache
OAuthConsumer consumer = new GoogleAppEngineOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
OAuthProvider provider = new GoogleAppEngineOAuthProvider(REQUEST_TOKEN_URL,
consumer.setTokenWithSecret(token, tokenSecret);
provider.setOAuth10a(true);
provider.retrieveAccessToken(consumer, verifier);
// store access token and access token secret

And here's the actual problematic part.

TweetServlet.java

OAuthConsumer consumer = new GoogleAppEngineOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
// retrieve access token and access token secret from storage
consumer.setTokenWithSecret(accessToken, accessTokenSecret);
final HTTPRequest updateStatus = new HTTPRequest(new URL("http://api.twitter.com/1/statuses/update.json"), HTTPMethod.POST);
updateStatus.setPayload(("status=" + URLEncoder.encode(message, "UTF-8")).getBytes());
consumer.sign(updateStatus);
logger.debug(new String(URLFetchServiceFactory.getURLFetchService().fetch(updateStatus).getContent()));

Each and every time it results: {"request":"/1/statuses/update.json","error":"Incorrect signature"}.

I was able to solve this by myself. The problem was that I wasn't setting a Content-Type header to the request, so the signing didn't sign the parameters and it resulted the invalid signature. Once I set it to application/x-www-form-urlencoded it started working.

final HTTPRequest updateStatus = new HTTPRequest(new URL("http://api.twitter.com/1/statuses/update.json"), HTTPMethod.POST);
updateStatus.addHeader(new HTTPHeader("Content-Type", "application/x-www-form-urlencoded"));

这篇关于Twitter API状态更新总是返回“不正确的签名”的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！