我想通过使用排球库将我的Android应用程序链接到woocommerce网站。 我测试了使用volley发送身份验证参数。 首先,我发送了一个测试链接,我得到了成功的回复,我收到了json。 然后我测试由邮差生产的产品链接(包括授权参数),它也是成功的,我收到了json。 然后我将我的授权参数放到标题中,如下所示:
@Override
public Map<String, String> getHeaders() throws AuthFailureError {
Map<String, String> headers = new HashMap<>();
String apiSecret = getString(R.string.apisecret);
String oauth_consumer_key = getString(R.string.consumerkey);
String oauth_signature_method = "HMAC-SHA1";
String oauth_timestamp = String.valueOf(System.currentTimeMillis());
Log.d("oauth_timestamp", oauth_timestamp);
String oauth_nonce = UUID.randomUUID().toString();
Log.d("oauth_nonce", oauth_nonce);
String oauth_version = "1.0";
String baseString = genBaseString(oauth_consumer_key, apiSecret, "GET", oauth_nonce, oauth_timestamp);
Log.d("baseString", baseString);
String oauth_signature = null;
try {
oauth_signature = computeHmac(baseString, apiSecret);
Log.d("oauth_signature", oauth_signature);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
Log.d("oauth_signature", "sig error");
}
oauth_signature = encodeUrl(oauth_signature);
Log.d("oauth_signature", oauth_signature);
String auth = "OAuth oauth_consumer_key=" + oauth_consumer_key + ",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=" + oauth_timestamp + ",oauth_nonce=" + oauth_nonce + ",oauth_version=\"1.0\",oauth_signature=" + oauth_signature;
headers.put("Authorization", auth);
Log.d("header", headers.toString());
return headers;
}
当我想发送带有凌空的Auth参数作为我收到onResponceError的标题时。如果从postman获取oauth_nonce,oauth_tmestamp和oauth_signature并放入标题,它可以工作一次但是当我使用自己的代码生成这些参数时,我没有和我面对401错误。
这里是genBaseString(),computeHmac()和encodeUrl()方法:
public String genBaseString(String c_key, String c_secret, String method,
String nonce, String timestamp) {
String BASE_SITE = "ealda.ir";
String BASE_URL = "http://" + BASE_SITE + "/wp-json/wc/v1/products";//AS a example listing product is used
String COSTUMER_KEY = c_key;
String COSTUMER_SECRET = c_secret;
String METHOD = method;//change API method eg POST,PUT, DELETE etc (ONLY FOR THIS EXAMPLE FOR LIB LIKE RETROFIT,OKHTTP, The Are Dynamic Way)
String firstEncodedString = METHOD + "&" + encodeUrl(BASE_URL);
Log.d("firstEncodedString", firstEncodedString);
String parameterString="oauth_consumer_key="
+COSTUMER_KEY+"&oauth_nonce="
+nonce+"&oaut
h_signature_method=HMAC-SHA1&oauth_timestamp="
+timestamp+"&oauth_version=1.0";
String secoundEncodedString = "&" + encodeUrl(parameterString);
Log.d("secoundEncodedString", secoundEncodedString);
//The base String is used to generate signature
String baseString = firstEncodedString + secoundEncodedString;
return baseString;
}
public String encodeUrl(String url) {
String encodedurl = "";
try {
encodedurl = URLEncoder.encode(url, "UTF-8");
Log.d("Encodeurl", encodedurl);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return encodedurl;
}
public String computeHmac(String baseString, String key)
throws NoSuchAlgorithmException, InvalidKeyException {
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec secret = new SecretKeySpec(key.getBytes(),
mac.getAlgorithm());
mac.init(secret);
byte[] digest = mac.doFinal(baseString.getBytes());
byte[] result = Base64.encode(digest, Base64.DEFAULT);
return new String(result);
}
我不知道我的签名是正确的还是我的oauth_nonce错了。 你能救我吗?
提前致谢