使用Digg API进行OAuth

时间:2010-03-11 05:08:35

标签: ruby-on-rails ruby oauth

我试图让Rails在Digg API的OAuth中发挥出色。我正在使用oauth gem(ruby one,而不是rails)。

我的代码看起来大致如下:

@consumer = OAuth::Consumer.new(API_KEY, API_SECRET,
  :scheme => :header,
  :http_method => :post,
  :oauth_callback => "http://locahost:3000",
  :request_token_url => 'http://services.digg.com/1.0/endpoint?method=oauth.getRequestToken',
  :access_token_url => 'http://services.digg.com/1.0/endpoint?method=oauth.getAccessToken',
  :authorize_url => 'http://digg.com/oauth/authorize')
  @request_token = DiggController.consumer.get_request_token({
      :oauth_callback => "http://xx.xxx.xxx.x:3000/digg/callback"
    }, {
      'Content-Type' => 'application/x-www-form-urlencoded'
    })
session[:request_token] = @request_token.token
session[:request_token_secret] = @request_token.secret
redirect_to @request_token.authorize_url

根据宝石文档给我的内容,这是一本书。但是,当调用@ consumer.get_request_token时,Digg向我发出“400 Bad Request”错误。我无法弄清楚我做错了什么。有什么想法吗?

编辑:更新了代码并添加了Wireshark输出。我的错误现在是“需要401授权”。

Wireshark的输出:

POST /1.0/endpoint?method=oauth.getRequestToken HTTP/1.1
Accept: */*
Connection: close
User-Agent: OAuth gem v0.3.6
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth oauth_nonce="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  oauth_callback="http%3A%2F%2Fxx.xxx.xxx.x%3A3000%2Fdigg%2Fcallback",
  oauth_signature_method="HMAC-SHA1",
  oauth_timestamp="1268687137",
  oauth_consumer_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  oauth_signature="xxx%2Bxxxxxxxxxxxxxxx%2Fxxxxxxx%3D", oauth_version="1.0"
Content-Length: 48
Host: services.digg.com

Content-Type=application%2fx-www-form-urlencoded



HTTP/1.1 401 Authorization Required
Date: Mon, 15 Mar 2010 21:05:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
Cache-control: private
X-RateLimit-Current: 1
X-RateLimit-Max: 1000
X-RateLimit-Reset: 3600
X-Digg-Api-Version: 1.0
Accept-Ranges: bytes
Content-Length: 111
Keep-Alive: timeout=5, max=9998
Connection: Keep-Alive
Content-Type: text/xml;charset=utf-8

<?xml version="1.0" encoding="UTF-8"?>
<error code="5001" message="Invalid
signature" timestamp="1268687137"/>

1 个答案:

答案 0 :(得分:1)

顺便提一下,回调参数不应该是localhost:3000,而应该是您的公共IP地址(确保还为计算机和/或路由器防火墙中的外部连接打开端口3000),或者留下默认(带外)。

检查被抛出的OAuth::Unauthorized异常的内容(或使用诸如tcpdumpWireshark之类的嗅探器)以获取有关HTTP 400错误的其他详细信息(它们可能具有您的一些参数问题。)

相关问题
最新问题