Question

请你帮我。我正在尝试为7 Digital的Premium API生成HMAC-SHA1哈希，但是我无法获得正确的签名。我已关注此帖https://oauth1.wp-api.org/docs/basics/Signing.html并获得以下代码：

 public function __construct(){
        $this->timestamp = time();
        $this->_nonce = rand();
        $this->consumerKey = 'KEY';
        $this->consumerSecret = 'SECRET';
        $this->signitureMethod = 'HMAC-SHA1';


    }

    public function buildSignature()
    {          
        $method = 'GET&';
        $url = 'https://api.7digital.com/1.2/oauth/requesttoken';
        $params = 'oauth_consumer_key='.$this->consumerKey.'&oauth_nonce='.$this->_nonce.'&oauth_signature_method=HMAC-SHA1&oauth_timestamp='.$this->timestamp.'&oauth_version=1.0';
        $baseString = $method.urlencode($url).'&'.urlencode($params);
        $key = $this->consumerKey . '&' . $this->consumerSecret;

        $signature = hash_hmac( 'sha1', $baseString,  $key );
        $string = 'https://api.7digital.com/1.2/oauth/requesttoken?oauth_consumer_key='.$this->consumerKey.'&oauth_nonce='.$this->_nonce.'&oauth_signature_method=HMAC-SHA1&oauth_timestamp='.$this->timestamp.'&oauth_version=1.0&oauth_signature='.$signature;
        echo $string;

    }

请注意我也尝试使用base64_encode对签名进行编码不起作用，并尝试对其进行urlencode，如下所示：

            $key = urlencode($this->consumerKey) . '&' . urlencode($this->consumerSecret);

我也使用过参考页面。

以上输出：

https://api.7digital.com/1.2/oauth/requesttoken?oauth_consumer_key=KEY&oauth_nonce=495776478&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1477934267&oauth_version=1.0&oauth_signature=fe3a5c61618d2a144b608570ce2be36f4c3b3e55

非常感谢您的帮助，谢谢！

Answer 1

所以，经过多次拔毛后，我遇到了以下问题：

需要对sha1哈希进行urlencoded，如下所示：

urlencode（base64_encode（hash_hmac（＆＃39; sha1＆＃39;，$ baseString，$ key，true）））;
$ baseString有＆amp;在网址的末尾。
关键是你的oauth_consumer_secret，然后是＆amp;

对于遇到此问题的其他人来说，这是完整的！

    public function buildUrl() {
        $params = [
           'method' => $this->method,
           'url' => urlencode($this->url),
           'additionalParams' =>  urlencode($this->additionalParams . '&'),
           'params' => urlencode($this->params),
           ];
        if ($this->additionalParams) {
            $baseString = $params['method'] . '&' . $params['url'] . '&' . $params['additionalParams'] . $params['params'];
        }
        else{
            $baseString = $params['method'] . '&' . $params['url'] . '&' .  $params['params'];
        }
        $this->_signiture =  $this->getSigniture($baseString, $this->key);

        if ($params['additionalParams']) {
            $url = urldecode($params['url']) . '?' . urldecode($params['additionalParams']) . urldecode($params['params']) . '&oauth_signature='.$this->_signiture;
        }
        else {
            $url = urldecode($params['url']) . '?' . urldecode($params['params']) . '&'. urldecode($params['additionalParams']) . '&oauth_signature='.$this->_signiture;
        }
     echo $url;
    }
  function getSigniture($baseString, $key){
        return   urlencode(base64_encode(hash_hmac( 'sha1' , $baseString,  $key , true)));
    }

7数字API无效签名

1 个答案: