vb.net中的HttpWebRequest标头格式

时间:2019-03-14 16:03:52

标签: vb.net httpwebrequest token netsuite oauth-1.0a

我有一个使用用户名和密码进行身份验证以连接到网络套件的应用程序。网络套件的身份验证方法已更改为令牌库。 查看25种不同的可能解决方案后,我得到401错误。这是我的代码:   授权类型OAuth 1.0 

Dim oauth_token = "xx"
        Dim oauth_token_secret = "xx"
        Dim oauth_consumer_key = "xx"
        Dim oauth_consumer_secret = "xx"
        Dim oauth_version = "1.0"
        Dim oauth_signature_method = "HMAC-SHA1"
        Dim oauth_nonce = Convert.ToBase64String(New ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()))
        Dim timeSpan = DateTime.UtcNow - New DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc)
        Dim oauth_timestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString()
        Dim resource_url = "https://646033-sb3.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=x&deploy=x"
          Dim baseFormat = "oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method={2}" & "&oauth_timestamp={3}&oauth_token={4}&oauth_version={5}"
        Dim baseString = String.Format(baseFormat, oauth_consumer_key, oauth_nonce, oauth_signature_method, oauth_timestamp, oauth_token, oauth_version)

        baseString = String.Concat("PUT&", Uri.EscapeDataString(resource_url), "&", Uri.EscapeDataString(baseString))

        Dim compositeKey = String.Concat(Uri.EscapeDataString(oauth_consumer_secret), "&", Uri.EscapeDataString(oauth_token_secret))

        Dim oauth_signature As String
        Using hasher As New HMACSHA1(ASCIIEncoding.ASCII.GetBytes(compositeKey))
            oauth_signature = Convert.ToBase64String(hasher.ComputeHash(ASCIIEncoding.ASCII.GetBytes(baseString)))
        End Using

        'Dim headerFormat = "OAuth oauth_signature_method=""{0}"", " + "oauth_consumer_key=""{1}"", " + "oauth_token=""{2}"", oauth_signature=""{3}"", " + "oauth_version=""{4}"""

        Dim headerFormat = "OAuth oauth_nonce=""{0}"", oauth_signature_method=""{1}"", " & "oauth_timestamp=""{2}"", oauth_consumer_key=""{3}"", " & "oauth_token=""{4}"", oauth_signature=""{5}"", " & "oauth_version=""{6}"""

        'Dim authHeader = String.Format(headerFormat, Uri.EscapeDataString(oauth_signature_method), Uri.EscapeDataString(oauth_consumer_key), Uri.EscapeDataString(oauth_token),
        'Uri.EscapeDataString(oauth_signature), Uri.EscapeDataString(oauth_version))

        Dim authHeader = String.Format(headerFormat, Uri.EscapeDataString(oauth_nonce), Uri.EscapeDataString(oauth_signature_method), Uri.EscapeDataString(oauth_timestamp), Uri.EscapeDataString(oauth_consumer_key), Uri.EscapeDataString(oauth_token), Uri.EscapeDataString(oauth_signature), Uri.EscapeDataString(oauth_version))
        '****************************************************************************************************************************
        Dim Request As HttpWebRequest = WebRequest.Create("https://646033-sb3.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=1072&deploy=1")
        Request.Headers.Add("Authorization", authHeader)
        Request.ContentType = "application/json"
        Request.Method = "PUT"

        Using streamWriter = New StreamWriter(Request.GetRequestStream())
            Dim jsonFormatted As String = Regex.Unescape(JSon)
            streamWriter.Write(jsonFormatted)
            Console.WriteLine(authHeader)
        End Using

当我在邮递员中测试chrome应用程序的连接时,它工作正常。我认为问题出在我如何创建现时值,但不确定,因为这是我第一次处理基于令牌的身份验证。

我感谢大家的时间和评论,谢谢。

1 个答案:

答案 0 :(得分:0)

您需要在对哈希值进行哈希处理后对其进行转义。规范说,必须按照RFC3986进行转义,但是我看到Netsuite的示例仅转义加号(+)。

“在生成哈希后将其放置在Using块内或之后

oauth_signature = oauth_signature.Replace(“ +”,“%2B”)

或者-要通过RFC3986进行完全转义,您可以使用以下示例 注意:我在另一条斜线文章中发现了此功能:How to get Uri.EscapeDataString to comply with RFC 3986 “我只是在这里将它从C#移植到VB.NET:

oauth_signature = EscapeUriDataStringRfc3986(signatureString)

Friend Shared Function EscapeUriDataStringRfc3986(ByVal value As String) As String
    ' Start with RFC 2396 escaping by calling the .NET method to do the work.
    ' This MAY sometimes exhibit RFC 3986 behavior (according to the documentation).
    ' If it does, the escaping we do that follows it will be a no-op since the
    ' characters we search for to replace can't possibly exist in the string.
    Dim escaped As StringBuilder = New StringBuilder(Uri.EscapeDataString(value))

    ' Upgrade the escaping to RFC 3986, if necessary.
    Dim i As Integer = 0
    Do While (i < UriRfc3986CharsToEscape.Length)
        escaped.Replace(UriRfc3986CharsToEscape(i), Uri.HexEscape(UriRfc3986CharsToEscape(i)(0)))
        i = (i + 1)
    Loop

    '' Return the fully-RFC3986-escaped string.
    Return escaped.ToString
End Function
相关问题
最新问题