通过oauth1.0和volley库将android应用程序链接到woocommerce网站

时间:2018-06-01 15:59:16

标签: android oauth woocommerce cryptography android-volley

我想通过使用排球库将我的Android应用程序链接到woocommerce网站。 我测试了使用volley发送身份验证参数。 首先,我发送了一个测试链接,我得到了成功的回复,我收到了json。 然后我测试由邮差生产的产品链接(包括授权参数),它也是成功的,我收到了json。 然后我将我的授权参数放到标题中,如下所示:

@Override
        public Map<String, String> getHeaders() throws AuthFailureError {
            Map<String, String> headers = new HashMap<>();

            String apiSecret = getString(R.string.apisecret);

            String oauth_consumer_key = getString(R.string.consumerkey);
            String oauth_signature_method = "HMAC-SHA1";

            String oauth_timestamp = String.valueOf(System.currentTimeMillis());

            Log.d("oauth_timestamp", oauth_timestamp);

            String oauth_nonce = UUID.randomUUID().toString();


            Log.d("oauth_nonce", oauth_nonce);

            String oauth_version = "1.0";

            String baseString = genBaseString(oauth_consumer_key, apiSecret, "GET", oauth_nonce, oauth_timestamp);
            Log.d("baseString", baseString);

            String oauth_signature = null;
            try {
                oauth_signature = computeHmac(baseString, apiSecret);

                Log.d("oauth_signature", oauth_signature);

            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            } catch (InvalidKeyException e) {
                e.printStackTrace();
            } catch (Exception e) {
                e.printStackTrace();
                Log.d("oauth_signature", "sig error");

            }

            oauth_signature = encodeUrl(oauth_signature);

            Log.d("oauth_signature", oauth_signature);

            String auth = "OAuth oauth_consumer_key=" + oauth_consumer_key + ",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=" + oauth_timestamp + ",oauth_nonce=" + oauth_nonce + ",oauth_version=\"1.0\",oauth_signature=" + oauth_signature;

            headers.put("Authorization", auth);

            Log.d("header", headers.toString());

            return headers;
        }

当我想发送带有凌空的Auth参数作为我收到onResponceError的标题时。如果从postman获取oauth_nonce,oauth_tmestamp和oauth_signature并放入标题,它可以工作一次但是当我使用自己的代码生成这些参数时,我没有和我面对401错误。

这里是genBaseString(),computeHmac()和encodeUrl()方法:

 public String genBaseString(String c_key, String c_secret, String method, 
     String nonce, String timestamp) {

    String BASE_SITE = "ealda.ir";
    String BASE_URL = "http://" + BASE_SITE + "/wp-json/wc/v1/products";//AS a example listing product is used
    String COSTUMER_KEY = c_key;
    String COSTUMER_SECRET = c_secret;
    String METHOD = method;//change API method eg POST,PUT, DELETE etc (ONLY FOR THIS EXAMPLE FOR LIB LIKE RETROFIT,OKHTTP, The Are Dynamic Way)

    String firstEncodedString = METHOD + "&" + encodeUrl(BASE_URL);
    Log.d("firstEncodedString", firstEncodedString);

    String parameterString="oauth_consumer_key="
         +COSTUMER_KEY+"&oauth_nonce="
         +nonce+"&oaut 
  h_signature_method=HMAC-SHA1&oauth_timestamp="
         +timestamp+"&oauth_version=1.0";

    String secoundEncodedString = "&" + encodeUrl(parameterString);

    Log.d("secoundEncodedString", secoundEncodedString);

    //The base String is used to generate signature
    String baseString = firstEncodedString + secoundEncodedString;
    return baseString;
}

public String encodeUrl(String url) {
    String encodedurl = "";
    try {

        encodedurl = URLEncoder.encode(url, "UTF-8");
        Log.d("Encodeurl", encodedurl);
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    }

    return encodedurl;
}

public String computeHmac(String baseString, String key)
        throws NoSuchAlgorithmException, InvalidKeyException {
    Mac mac = Mac.getInstance("HmacSHA1");
    SecretKeySpec secret = new SecretKeySpec(key.getBytes(), 
    mac.getAlgorithm());
    mac.init(secret);
    byte[] digest = mac.doFinal(baseString.getBytes());
    byte[] result = Base64.encode(digest, Base64.DEFAULT);
    return new String(result);
}

我不知道我的签名是正确的还是我的oauth_nonce错了。 你能救我吗?

提前致谢

0 个答案:

没有答案