Oauth1.0:如何在不使用python中的访问令牌和令牌密钥的情况下生成HMAC-SHA1 Oauth_signature?

时间:2018-10-04 15:01:26

标签: python python-2.7 oauth oauth-2.0 postman

我正在尝试访问必须为其执行Oauth1授权的资源。当我使用邮递员提供的选项来添加空参数来签名时,它的工作正常,但是当我尝试使用Python实现相同的操作时,它会抛出错误。

enter image description here

这是我的python代码,所以请告诉我我要进行哪些更改

import requests
import json
from requests_oauthlib import OAuth1Session
from requests_oauthlib import OAuth1
import urllib
import random
import time
from hashlib import sha1
import hmac
def sign_request(epocTime,nounce):
    key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXX' 
    url = "GET&https://XXXXXXXXXXXXXXXXXXXXX/api/XXXXXXXXXXXXX&oauth_consumer_key=XXXXXXX&oauth_nonce=12345&oauth_signature_method=HMAC-SHA1&oauth_timestamp={}&oauth_version=1.0".format(epoch_time)
    raw = urllib.quote(url)
    hashed = hmac.new(key, raw, sha1)
    print hashed
    return hashed.digest().encode("base64")

def test():
    nounce = "12345"
    epoch_time = int(time.time())
    url = "https://XXXXXXXXXXXXXX/api/XXXXXXXXXXXXXXXXXXXXXX"
    strr = sign_request(epoch_time,nounce)
    print strr
    querystring = {"oauth_consumer_key":"1XXXXXXXXXXXXXXXXX","oauth_token":"",
    "oauth_signature_method":"HMAC-SHA1","oauth_timestamp":epocTime,
    "oauth_nonce":nounce,"oauth_version":"1.0",
    "oauth_signature":strr}
    response = requests.request("GET", url, params=querystring)
    print response.text
test()

1 个答案:

答案 0 :(得分:0)

我在Python 3中遇到了类似的问题...试图在不使用令牌的网站上使用OAuth 1.0。对我而言,最难的部分是获得正确的签名。 This answer got me where I needed to be.