ETRADE - 使用ColdFusion获取请求令牌

时间:2017-05-30 00:26:43

标签: oauth coldfusion

我正试图从ETrade获取令牌以启动身份验证过程,但我似乎无法获得与eTrade认为应该匹配的签名。

ETrade API的链接: https://developer.etrade.com/ctnt/dev-portal/getDetail?contentUri=V0_Documentation-AuthorizationAPI-GetRequestToken

OAuth规范的链接: https://oauth.net/core/1.0a/#sig_base_example

由于显而易见的原因,我不得不粉碎消费者密钥和秘密,因此这段代码无法直接测试...但问题似乎是我发送的参数与我的哈希值不匹配发送。

我从Etrade收到的回复是:oauth_problem = signature_invalid。我见过很多图书馆,我很乐意尝试其中一个,但似乎没有一个与Etrade的方法相符。欢迎所有的想法!提前谢谢。

<!--- Generate epoctime --->
<cfset TheDate = now()>
<cfset TheDate = DateAdd("h",5,TheDate)>
<cfset EpocTime = DateDiff("s", "January 1 1970 00:00", DateConvert("local2utc", TheDate))>

<!--- Set Keys / URL --->
<cfset consumer_key = "aaaaaaaaa">
<cfset consumer_secret = "1111111">
<cfset GetTokenURL = "https://etws.etrade.com/oauth/request_token">

<!--- generate message for oauth signature --->
<cfset message = "GET">
<cfset message = message & "&" & "https%3A%2F%2Fetws.etrade.com%2Foauth%2Frequest_token">
<cfset message = message & "&" & "oauth_callback%3Doob">
<cfset message = message & "%26oauth_consumer_key%3D#consumer_key#">
<cfset message = message & "%26oauth_nonce%3DLTg2ODUzOTQ5MTEzMTY3MzQwMzE%3D">
<cfset message = message & "%26oauth_signature_method%3DHMAC-SHA1">
<cfset message = message & "%26oauth_timestamp%3D#epoctime#">

<!--- debug message --->
<cfoutput>#message#</cfoutput><BR><BR>

<!--- Apply HMAC function to generate signature (absent of token) --->
<cfset oauth_signature = hmac(message, consumer_secret & "&", "HMACSHA1")> 
<cfoutput>#oauth_signature#</cfoutput><BR><BR>

<!--- Encode and debug output --->
<cfset oauth_signature = urlencodedformat(toBase64(Binarydecode(oauth_signature , "hex")))>
<cfoutput>#oauth_signature#</cfoutput><BR><BR>

<!--- Make the CFHTTP Request --->
<cfhttp result="result" method="GET" charset="utf-8" url="https://etws.etrade.com/oauth/request_token">
    <cfhttpparam name="Authorization" type="header" value="OAuth" />        
    <cfhttpparam name="realm" type="url" value="">
    <cfhttpparam name="oauth_callback" type="url" value="oob">
    <cfhttpparam name="oauth_consumer_key" type="url" value=#consumer_key#>
    <cfhttpparam name="oauth_nonce" type="url" value="LTg2ODUzOTQ5MTEzMTY3MzQwMzE%3D">
    <cfhttpparam name="oauth_signature" type="url" value=#oauth_signature#>
    <cfhttpparam name="oauth_signature_method" type="url" value="HMAC-SHA1">
    <cfhttpparam name="oauth_timestamp" type="url" value="#epoctime#">  
</cfhttp>

<!--- Output the results --->
<cfoutput>#result.FileContent#</cfoutput>
<BR><BR>
<cfdump var="#result#">

0 个答案:

没有答案
相关问题
最新问题