我有一个媒体API(代理人申请),我试图允许第三方应用程序(消费者应用程序)的用户代表用户(用户)通过我的API发送视频,所以我'实施Oauth Echo。我能够完成第一步,验证用户的凭据,因此我知道我的凭据是有效的;但是,当我去初始化上传时,我得到了一个"无法验证您的身份。错误。在分块媒体上传文档中,我注意到了这一部分,但我不清楚这是如何通过Oauth Echo执行chunked media upload的:
"因为该方法使用多部分POST,所以OAuth处理了一点 不同。时,不使用POST或查询字符串参数 计算OAuth签名基本字符串或签名。只有 使用oauth_ *参数。"
这是我的请求的调试输出:
opening connection to upload.twitter.com:443... opened starting SSL for upload.twitter.com:443... SSL established <- "POST /1.1/media/upload.json?command=INIT&media_type=video%2Fmp4&total_bytes=2000 HTTP/1.1\r\nAuthorization: OAuth oauth_consumer_key=\"XXXXXXXXXXXXXXXXX\", oauth_nonce=\"XXXXXXXXXXXXXXXXX\", oauth_signature=\"XXXXXXXXXXXXXXXXX\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"1457492349\", oauth_token=\"XXXXXXXXXXXXXXXXX\", oauth_version=\"1.0\"\r\nConnection: close\r\nHost: upload.twitter.com\r\nContent-Length: 0\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n" <- ""
-> "HTTP/1.1 401 Authorization Required\r\n"
-> "connection: close\r\n"
-> "content-length: 64\r\n"
-> "content-type: application/json; charset=utf-8\r\n"
-> "date: Wed, 09 Mar 2016 03:10:23 GMT\r\n"
-> "server: tsa_a\r\n"
-> "set-cookie: guest_id=v1%3A145749302339262531; Domain=.twitter.com; Path=/; Expires=Fri, 09-Mar-2018 03:10:23 UTC\r\n"
-> "strict-transport-security: max-age=631138519\r\n"
-> "vary: Origin\r\n"
-> "x-connection-hash: 6a4b3c223cca493550d30c3fed750df1\r\n"
-> "x-frame-options: SAMEORIGIN\r\n"
-> "x-response-time: 7\r\n"
-> "x-xss-protection: 1; mode=block\r\n"
-> "\r\n" reading 64 bytes...
-> ""
-> "{\"errors\":[{\"code\":32,\"message\":\"Could not authenticate you.\"}]}" read 64 bytes Conn close
=> #[{"code"=>32, "message"=>"Could not authenticate you."}]}, @response=#, @headers={"connection"=>["close"], "content-length"=>["64"], "content-type"=>["application/json; charset=utf-8"], "date"=>["Wed, 09 Mar 2016 03:10:23 GMT"], "server"=>["tsa_a"], "set-cookie"=>["guest_id=v1%3A145749302339262531; Domain=.twitter.com; Path=/; Expires=Fri, 09-Mar-2018 03:10:23 UTC"], "strict-transport-security"=>["max-age=631138519"], "vary"=>["Origin"], "x-connection-hash"=>["6a4b3c223cca493550d30c3fed750df1"], "x-frame-options"=>["SAMEORIGIN"], "x-response-time"=>["7"], "x-xss-protection"=>["1; mode=block"]}>
我正在使用HTTParty gem发出HTTP请求。这是他们的样子:
#IRL I'm getting the following two vars from the user, but for sake of demonstration this is more or less what they'll be
x_auth_service_provider = 'https://api.twitter.com/1.1/account/verify_credentials.json'
x_verify_credentials_authorization = 'OAuth oauth_consumer_key="XXXX", oauth_nonce="XXXX", oauth_signature="XXXX", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1457473883", oauth_token="XXXX", oauth_version="1.0"'
response = HTTParty.get(x_auth_service_provider,
:headers => {"Authorization" => x_verify_credentials_authorization})
if response.code == 200
init = HTTParty.post('https://upload.twitter.com/1.1/media/upload.json',
:headers => {"Authorization" => x_verify_credentials_authorization},
:body => {'command' => 'INIT', 'media_type'=> 'video/mp4', 'total_bytes' => '2000'},
:debug_output => $stdout)
end
答案 0 :(得分:1)
我试图在仪表板中发出相同的请求,但是我去了那里:
我第一次遇到和你一样的错误,但我注意到了这一点:
重要提示:此功能仅在几分钟内有效。
我尝试重新生成OAuth签名,然后请求进展顺利。那么,也许您的身份验证密钥也已过期了?