我正在尝试通过OAuth 1.0a加载Twitter users friend列表。 如果URL没有任何参数,它可以工作,例如:
作品:https://api.twitter.com/1.1/friends/list.json
不起作用:https://api.twitter.com/1.1/friends/list.json?cursor=-1&skip_status=true&include_user_entities=false
如果我向其添加参数,则会返回此错误:
无法验证您的身份
可能是什么原因? 我的代码:
<?php
$oauthToken = 'removed';
$oauthTokenSecret = 'removed';
function buildBaseString($baseURI, $method, $params)
{
$r = array();
ksort($params);
foreach($params as $key=>$value){
$r[] = "$key=" . rawurlencode($value);
}
return $method."&" . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r));
}
function buildAuthorizationHeader($oauth)
{
$r = 'Authorization: OAuth ';
$values = array();
foreach($oauth as $key=>$value)
$values[] = "$key=\"" . rawurlencode($value) . "\"";
$r .= implode(', ', $values);
return $r;
}
//WORKS:
$url = 'https://api.twitter.com/1.1/friends/list.json';
//DOESN'T WORK, WHY?:
//$url = 'https://api.twitter.com/1.1/friends/list.json?cursor=-1&skip_status=true&include_user_entities=false';
$consumer_key = 'removed';
$consumer_secret = 'removed';
$oauth = array( 'oauth_consumer_key' => $consumer_key,
'oauth_nonce' => time(),
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_token' => $oauthToken,
'oauth_timestamp' => time(),
'oauth_version' => '1.0');
$base_info = buildBaseString($url, 'GET', $oauth);
$composite_key = rawurlencode($consumer_secret) . '&' . rawurlencode($oauthTokenSecret);
$oauth_signature = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true));
$oauth['oauth_signature'] = $oauth_signature;
$header = array(buildAuthorizationHeader($oauth), 'Expect:');
$options = array( CURLOPT_HTTPHEADER => $header,
CURLOPT_HEADER => false,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false);
$feed = curl_init();
curl_setopt_array($feed, $options);
$json = curl_exec($feed);
echo "JSON: ".$json;
curl_close($feed);
?>
答案 0 :(得分:2)
您需要在OAuth标头中包含参数。执行此操作的最佳方法是将其从URL中分离出来。
$params = array(
"cursor" => -1,
"skip_status" => "true",
"include_user_entities" => "false"
);
现在使用基本URL构建基本字符串。
$url = 'https://api.twitter.com/1.1/friends/list.json'
$oAuthHeaders = $oauth + $params;
$base_info = buildBaseString($url, 'GET', $oAuthHeaders);
$composite_key = rawurlencode($consumer_secret) . '&' . rawurlencode($oauthTokenSecret);
$oauth_signature = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true));
$oAuthHeaders['oauth_signature'] = $oauth_signature;
最后,使用其他参数创建URLString:
if ($params) {
$finalURL = "$url?";
foreach ($params as $key=>$param) {
$finalURL .= rawurlencode($key) . "=" . rawurlencode($param) . "&";
}
$finalURL = substr($finalURL, 0, strlen($finalURL) - 1);
}
现在您已准备好发送整个软件包:
$header = array(buildAuthorizationHeader($oAuthHeaders), 'Expect:');
答案 1 :(得分:0)
url也有params,所以你应该尝试遵循这个(在你的函数buildBaseString中):
(摘自:creating signatures)
现在你有类似这个编码的基本网址:
GET&https%3A%2F%2Fapi.twitter.com%2F1.1%2Ffriends%2Flist.json%3Fcursor%3D-1%26skip_status%3Dtrue%26include_user_entities%3Dfalse&oauth_consumer_key%3Dremoved%26oauth_nonce%3D1423633315%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1423633315%26oauth_token%3Dremoved%26oauth_version%3D1.0
也许你必须尝试这个:
GET&https%3A%2F%2Fapi.twitter.com%2F1.1%2Ffriends%2Flist.json&cursor%3D-1%26skip_status%3Dtrue%26include_user_entities%3Dfalse%26oauth_consumer_key%3Dremoved%26oauth_nonce%3D1423633315%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1423633315%26oauth_token%3Dremoved%26oauth_version%3D1.0
答案 2 :(得分:-1)
您似乎在rawurlencode符号上使用=。这会将其转换为%3D。
因此,当您需要cursor%3D-1时,您将获得cursor=-1。
也许尝试简化功能,以便不编码=?
答案 3 :(得分:-1)
这是获取用户信息的示例代码
require_once('oauth/twitteroauth.php');
$oauth_token='YOUR OAUTH TOKEN';
$oauth_token_secret='YOUR SECRET KEY';
function getConnectionWithAccessToken($oauth_token, $oauth_token_secret) {
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $oauth_token, $oauth_token_secret);
return $connection;
}
$connection = getConnectionWithAccessToken($oauth_token, $oauth_token_secret);
$content = $connection->get('account/verify_credentials');