400个关于twitter oauth请求令牌的错误请求

时间:2016-02-25 10:50:55

标签: javascript extjs twitter oauth

我正在尝试向https://api.twitter.com/oauth/request_token发送POST请求。响应是400 Bad Request,没有信息。这是我的代码:

onTwitterRegisterClick: function() {
    var callbackURL = 'http://test.loc:1841/',
        consumerKey = 'm59nSEhyF3Zp4gVdpDzq6CIPp',
        consumerSecret = 'Wou436sq4LUXwO1ajE2egdMdAfV9LtPLkG4JlCF4Yi5YpcrnTF',
        requestTokenURL = 'https://api.twitter.com/oauth/request_token';

    var time = new Date().valueOf().toString(),
        oauth_nonce = makeRandomString(32);
    var paramsForSignature = [
        encodeURIComponent('oauth_callback') + '=' + encodeURIComponent(callbackURL),
        encodeURIComponent('oauth_consumer_key') + '=' + encodeURIComponent(consumerKey),
        encodeURIComponent('oauth_nonce') + '=' + encodeURIComponent(oauth_nonce),
        encodeURIComponent('oauth_signature_method') + '=' + encodeURIComponent('HMAC-SHA1'),
        encodeURIComponent('oauth_timestamp') + '=' + encodeURIComponent(time),
        encodeURIComponent('oauth_version') + '=' + encodeURIComponent('1.0')
    ];
    var paramsForSignatureStr = paramsForSignature.join('&');

    var signatureBaseString = 'POST&' + encodeURIComponent(requestTokenURL) + '&' + encodeURIComponent(paramsForSignatureStr);

    //alert(signatureBaseString);
    var signature = btoa(CryptoJS.HmacSHA1(signatureBaseString, consumerSecret + '&'));
    //var signature = prompt('hmac-sha1 of signatureBaseString=' + CryptoJS.HmacSHA1(signatureBaseString, consumerSecret + '&'));
    //alert(signature);

    Ext.Ajax.request({
        method: 'POST',
        url: requestTokenURL,
        async: false,
        headers:{
            Authorization: 'OAuth oauth_callback="' + encodeURIComponent(callbackURL) + '", ' +
            'oauth_consumer_key="' + consumerKey + '", ' +
            'oauth_nonce="' + oauth_nonce + '", ' +
            'oauth_signature="' + encodeURIComponent(signature) + '", ' +
            'oauth_signature_method="HMAC-SHA1", ' +
            'oauth_timestamp="' + time + '", ' +
            'oauth_version="1.0"'
        },

        success: function(response, opts) {
            alert(response.responseText);
        },

        failure: function (response, opts) {
            alert(response.responseText);
        }
    })
}

我几次阅读官方指南。我做错了什么?

我只注意到变量“signature”的值类似于“YTg5ZmI2ZmEwMWU4MDkzMjlkZmEmMmVmMmVmYzgxMjlmZTJlNDdlZQ ==”并且不像“tnnArxj06cWHq44gCs1OSKk / jLY =”(如在官方指南中),因为函数btoa()使用String而不是整数。

1 个答案:

答案 0 :(得分:-1)

尝试将异步:错误更改为 true