在https://etws.etrade.com/market/rest/optionexpiredate上使用oauth调用etrade Web api时如何解决未经授权的请求错误

时间:2019-04-10 21:43:45

标签: c# oauth etrade-api

我已经成功从etrade Web api获取了访问令牌和访问密码,但是当我尝试访问市场时,总是 未经授权的错误

我已经用c#在asp.net中尝试过

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace myetest { public partial class oauth3 : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) {

            string url; url = MyConstants.myurl4; // public const string myurl4 = "
        https://etws.etrade.com/market/rest/optionexpiredate";

            string requestUrl = url  + "?" + MyCommons.CommonAuth(url) + "&underlier=AMZN"; Response.Write(" requestUrl4 is " +
        requestUrl);

            HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(requestUrl);

            request.Method = "GET"; request.ContentType = "application/x-www-form-urlencoded"; //request.ContentType =
        "application/json"; //request.Accept = "application/json"; //string OAuthHeader = " OAuth " +
        MyCommons.CommonAuth(url);

           // Response.Write(" OAuthHeader is " + OAuthHeader); //  request.Headers["Authorization"] = OAuthHeader;

            string rawData = "";

            try { HttpWebResponse response = (HttpWebResponse)request.GetResponse();

 StreamReader responseStream = new StreamReader(response.GetResponseStream()); rawData = responseStream.ReadToEnd();
        Response.Write(" requestUrl4  rawData response is " + rawData); response.Close(); } catch (WebException err) {
        String responseBody = new StreamReader(err.Response.GetResponseStream()).ReadToEnd();

                Response.Write(" requestUrl4  error message is " + responseBody); /* Stream objStream =
        err.Response.GetResponseStream(); StreamReader objStreamReader = new StreamReader(objStream); rawData =
        objStreamReader.ReadToEnd();*/ }

        } } }

//********************
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;

namespace myetest { public class MyCommons {

        public static string UpperCaseUrlEncode(string s) { //  char[] temp = Server.UrlEncode(s).ToCharArray();

            char[] temp = HttpContext.Current.Server.UrlEncode(s).ToCharArray();

            for (int i = 0; i < temp.Length - 2; i++) { if (temp[i] == '%') { temp[i + 1] = char.ToUpper(temp[i + 1]); temp[i + 2]
        = char.ToUpper(temp[i + 2]); } } return new string(temp); }

        public static string CommonAuth(string url) {

            TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0); string timestamp =
        Convert.ToInt64(ts.TotalSeconds).ToString();

            /* for oauth_nonce */ /* (obviously you wouldn't create a new Random class every time!) */ string nonce = new
        Random().Next(123400, 9999999).ToString();

            /* parameters to include in the request - get the list from       */ /*  "Obtaining an unauthorized request token"
        */

            System.Collections.Generic.List<string> parameters = new System.Collections.Generic.List<string>();

            parameters.Add("oauth_consumer_key=" + MyCommons.UpperCaseUrlEncode(MyConstants.OAUTHCONSUMERKEY_FOR_MY_APP));
        parameters.Add("oauth_timestamp=" + MyCommons.UpperCaseUrlEncode(timestamp)); parameters.Add("oauth_nonce=" +
        MyCommons.UpperCaseUrlEncode(nonce)); parameters.Add("oauth_signature_method=HMAC-SHA1");
        parameters.Add("oauth_token=" + MyCommons.UpperCaseUrlEncode(MyConstants.accessToken));
        parameters.Add("oauth_verifier=" + MyCommons.UpperCaseUrlEncode(MyConstants.oauth_verifier)); //
        parameters.Add("oauth_signature=" + MyCommons.UpperCaseUrlEncode(MyConstants.signature1));

            /* although not clearly documented, it seems that parameters need to be */ /*  sorted in order for Fire Eagle to
        accept the signature              */ parameters.Sort(); string parametersStr = string.Join("&", parameters.ToArray());

            string baseStr = "GET" + "&" + MyCommons.UpperCaseUrlEncode(url) + "&" + MyCommons.UpperCaseUrlEncode(parametersStr);
                 //  Response.Write(" baseStr is " + baseStr); /* create the crypto class we use to generate a
                 signature for the request */ HMACSHA1 sha1 = new HMACSHA1();

            byte[] key = Encoding.UTF8.GetBytes(MyConstants.VAL_OAUTHCONSUMERSECRET + "&" + MyConstants.accessSecret); //byte[]
        key = Encoding.UTF8.GetBytes(MyConstants.VAL_OAUTHCONSUMERSECRET + "&" );

            if (key.Length > 64) { /* I had to do this to handle a minor bug in my version of HMACSHA1 */ /*  which falls over if
        you give it keys that are too long          */ /* You probably won't need to do this.                              */
        SHA1CryptoServiceProvider coreSha1 = new SHA1CryptoServiceProvider(); key = coreSha1.ComputeHash(key); } sha1.Key =
        key;

            /* generate the signature and add it to our parameters */ byte[] baseStringBytes = Encoding.UTF8.GetBytes(baseStr);
        byte[] baseStringHash = sha1.ComputeHash(baseStringBytes); String base64StringHash =
        Convert.ToBase64String(baseStringHash); String encBase64StringHash = MyCommons.UpperCaseUrlEncode(base64StringHash);
        parameters.Add("oauth_signature=" + encBase64StringHash); //MyConstants.signature1 = encBase64StringHash; /* we are
        ready to send the request! */ // string requestUrl = url + "?" + string.Join("&", parameters.ToArray()); string
        requestUrl = string.Join("&", parameters.ToArray()); // string OAuthHeader = string.Join(",", parameters.ToArray());
        //string OAuthHeader2 =  OAuthHeader.Replace("=", "=\""); //string OAuthHeader3 =  OAuthHeader2.Replace(",", "\",") +
        "\"";

            //return OAuthHeader3; return requestUrl;

        } } }

0 个答案:

没有答案