我很难正确生成OAuth1.0a签名。以下是我在here (Request Token)
中使用的参数//URL parameters sans-signature
$preSignedParameters = [
'oauth_callback' => 'http://example.com/OAuthRequestToken.do',
'oauth_consumer_key' => 'WEhGuJZWUasHg',
'oauth_nonce' => 'zSs4RFI7lakpADpSsv',
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => 1330442419,
'oauth_version' => '1.0'
];
$signature = $this->generateSignature(
CurlHelper::HTTP_GET,
"http://nid.naver.com/naver.oauth",
$preSignedParameters
);
我签了他们; (为便于阅读而修改的代码)
private function generateSignature($method, $url, $parameters)
{
return base64_encode(
hash_hmac(
'sha1',
$this->generateSignatureString($method, $url, $parameters),
$this->generateSignatureKey(),
true
)
);
}
}
private function generateSignatureString($method, $url, $parameters)
{
//Returns ksort() array
$parameters = $this->sortParams($parameters);
$string = $method
.'&'.rawurlencode($url)
.'&'.rawurlencode(http_build_query($parameters, PHP_QUERY_RFC3986));
return $string;
}
private function generateSignatureKey()
{
if (!$applicationToken = $this->getApplicationToken()) {
$applicationToken = '';
}
$key = rawurlencode('WEhGuJZWUasHg').'&'.rawurlencode($applicationToken);
return $key;
}
所以当我传递上述参数时......
generateSignatureString()返回
GET&
http%3A%2F%2Fnid.naver.com%2Fnaver.oauth&
oauth_callback%3Dhttp%253A%252F%252Fexample.com%252FOAuthRequestToken.do%26
oauth_consumer_key%3DWEhGuJZWUasHg%26
oauth_nonce%3DzSs4RFI7lakpADpSsv%26
oauth_signature_method%3DHMAC-SHA1%26
oauth_timestamp%3D1330442419%26
oauth_version%3D1.0
generateSignatureKey()返回
WEhGuJZWUasHg&
generateSignature()返回
5EqAAGLxoAovkYs+4gS1E4S9l5I=
预期签名(根据链接指南)
wz9+ZO5OLUnTors7HlyaKat1Mo0=
当然,它继续得到一个" invalid_signature"来自OAuth提供商的错误。
我做错了什么???