twitter未经授权401 c#oauth / request_token

时间:2017-05-06 23:35:13

标签: c# api twitter oauth twitter-oauth

我在这里有一些代码而且我收到并且错误401未经授权。我已用twitter框检查了登录信息。

public async Task get_Oauth_token_TaskAsync()
    {


        //variables for action
        string oauth_nonce;
        string oauth_callback;
        string oauth_signature_method;
        string oauth_timestamp;
        string oauth_consumer_key;
        string oauth_signature;
        string oauth_version;
        string req_url;
        //set values to variables
        var dt = DateTime.Now;
        var ticks = dt.Ticks;
        var seconds = ticks / TimeSpan.TicksPerSecond;
        oauth_timestamp = seconds.ToString();
        oauth_callback = "http://www.localhost:55593/TwitterSync.aspx";
        oauth_nonce = Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 16).ToString(); //random string
        oauth_signature_method = "HMAC-SHA1";
        oauth_consumer_key = "xxxx";
        oauth_version = "1.0";
        req_url = "https://api.twitter.com/oauth/request_token";
        oauth_signature = create_auth_Signature_Task(oauth_nonce,oauth_callback,oauth_signature_method,oauth_timestamp,oauth_consumer_key,oauth_version,req_url);

        ///action
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(req_url);
        request.Method = "POST";
        request.UserAgent = "themattharris' HTTP Client";
        request.Host = "api.twitter.com";

        request.Headers.Add(HttpRequestHeader.Authorization, "OAuth oauth_callback = \"" + Uri.EscapeDataString(oauth_callback) + "\"" + ",oauth_consumer_key = \"" + oauth_consumer_key + "\",oauth_nonce = " + "\"" + oauth_nonce + "\", oauth_signature = \"" + oauth_signature + "\", oauth_signature_method = \"HMAC-SHA1\", oauth_timestamp = \"" + oauth_timestamp + "\", oauth_version = \"1.0\"");


        WebResponse response = await request.GetResponseAsync();
        Stream str = response.GetResponseStream();
        StreamReader reader = new StreamReader(str);
        dynamic resp = reader.ReadToEndAsync();

    }

    private string create_auth_Signature_Task(string oauth_nonce, string oauth_callback,
       string oauth_signature_method, string oauth_timestamp, string oauth_consumer_key, string oauth_version, string req_url)
    {
        string oauth_nonce_enc = Uri.EscapeDataString(oauth_nonce);
        string oauth_callback_enc = Uri.EscapeDataString(oauth_callback);
        string oauth_signature_method_enc = Uri.EscapeDataString(oauth_signature_method);
        string oauth_timestamp_enc = Uri.EscapeDataString(oauth_timestamp);
        string oauth_consumer_key_enc = Uri.EscapeDataString(oauth_consumer_key);
        string oauth_version_enc = Uri.EscapeDataString(oauth_version);
        string req_url_enc = Uri.EscapeDataString(req_url);
        string secret = "xxxx";
        string signature_base = "POST&" + req_url_enc + "&" + Uri.EscapeDataString("oauth_consumer_key=" + oauth_consumer_key_enc + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method=" + oauth_signature_method_enc + "&oauth_timestamp=" + oauth_timestamp_enc + "&oauth_version=" + oauth_version_enc);


        return ShaHash(signature_base, secret);
    }

    private string ShaHash(string value, string key)
    {
        using (var hmac = new HMACSHA1(Encoding.UTF32.GetBytes(key)))
        {
            return ByteToString(hmac.ComputeHash(Encoding.UTF32.GetBytes(value)));
        }
    }

    static string ByteToString(IEnumerable<byte> data)
    {
        return string.Concat(data.Select(b => b.ToString("x2")));
    }

我根据这个page做了一切。现在我迷失了,任何想法为什么它不起作用?

1 个答案:

答案 0 :(得分:2)

您没有正确计算oauth_timestamp。这应该计算为Unix时间,即自1970年1月1日00:00:00 UTC以来的秒数。

int unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;

或使用.NET 4.6

long unixTimestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();

用于创建签名的签名密钥也应该是百分比编码的消费者秘密和由&符号(&amp;)连接的百分比编码的令牌秘密的串联。在获取请求令牌的情况下,令牌秘密尚未知晓,因此您应该使用消费者秘密,然后使用&符号(&amp;)。

var signingKey = oauth_consumer_key_enc + "&";

最后,在计算完哈希值之后,应该返回Base64编码的字符串,以便您的函数变为:

private string ShaHash(string value, string signingKey)
{
  using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(signingKey)))
  {
    return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)));
  }
}