当我在OAuthConsumer客户端上使用Http GET调用时,出现401未经授权的错误。
我具有Oauth 1.0授权的所有必需参数。
Consumer Key = "XXX"
Consumer Secret = "YYY"
oauth_signature_method = "HMAC-SHA1"
oauth_timestamp = "calculated timestamp"
oauth_nonce = "calculated nonce"
oauth_version = 1.0
oauth_signature = "calculated signature"
通过使用使用者密钥,秘密和 signature_type ='auth_header'并调用request.get(),Python中相同的Ouath 1.0代码对我来说效果很好。这是下面的我的python代码:
import requests
from requests_oauthlib import OAuth1
url = "XXX"
header_auth = OAuth1('consumer_key','consumer_secret', signature_type='auth_header')
response = requests.get(url, auth=header_auth)
print(response.status_code)
print(response.content)
这是我的Java代码段。你能建议我哪里出问题了吗?
公共类OauthConsumerClient {
@SuppressWarnings("deprecation")
public static void main(String[] args) {
String url = "XXX";
DefaultHttpClient httpClient = new DefaultHttpClient();
httpClient.getParams().setParameter("http.protocol.content-charset", "UTF-8");
HttpRequestBase httpRequest = null;
URI uri = null;
HttpResponse httpResponse = null;
OAuthConsumer oAuthConsumer = new CommonsHttpOAuthConsumer("consumer_key", "consumer_secret");
oAuthConsumer.setSigningStrategy(new AuthorizationHeaderSigningStrategy());
try {
uri = new URI(url);
httpRequest = new HttpGet(uri);
httpRequest.setHeader("Content-Type", "application/json");
oAuthConsumer.sign(httpRequest);
HttpHost target = new HttpHost(uri.getHost(), -1, uri.getScheme());
httpResponse = httpClient.execute(target, httpRequest);
System.out.println("Connection status : " + httpResponse.getStatusLine());
System.out.println("Connection status code : " + httpResponse.getStatusLine().getStatusCode());
} catch (Exception e) {
System.out.println("Exception occured");
}
InputStream inputStraem = httpResponse.getEntity().getContent();
StringWriter writer = new StringWriter();
IOUtils.copy(inputStraem, writer, "UTF-8");
String output = writer.toString();
System.out.println("Connection response : " + output);
}
}
Output
-------------------------------------------------------------------------
16:13:43.064 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - Authentication required
16:13:43.064 [main] DEBUG o.a.h.impl.client.DefaultHttpClient - "URL" requested authentication
16:13:43.064 [main] DEBUG o.a.h.i.c.TargetAuthenticationStrategy - Authentication schemes in the order of preference: [Negotiate, Kerberos, NTLM, Digest, Basic]
16:13:43.064 [main] DEBUG o.a.h.i.c.TargetAuthenticationStrategy - Challenge for Negotiate authentication scheme not available
16:13:43.064 [main] DEBUG o.a.h.i.c.TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
16:13:43.064 [main] DEBUG o.a.h.i.c.TargetAuthenticationStrategy - Challenge for NTLM authentication scheme not available
16:13:43.064 [main] DEBUG o.a.h.i.c.TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
16:13:43.064 [main] DEBUG o.a.h.i.c.TargetAuthenticationStrategy - Challenge for Basic authentication scheme not available
Connection status : HTTP/1.1 401 Unauthorized
Connection status code : 401
16:13:43.076 [main] DEBUG org.apache.http.wire - << " ["The request must be signed"]"
16:13:43.076 [main] DEBUG o.a.h.i.c.BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@78691363
16:13:43.076 [main] DEBUG o.a.h.i.c.BasicClientConnectionManager - Connection can be kept alive indefinitely
Connection response : ["The request must be signed"]
注意:当我在邮递员中使用Oauth 1.0授权类型点击相同的URL时。我的身体收到响应码200 OK。
让我知道是否需要其他信息。非常感谢您的帮助!