HMAC-SHA1功能-Oauth

时间:2019-06-28 15:29:50

标签: twitter

我正在尝试通过Twitter在OAuth中创建一些请求;我的问题是签名:按照Twitter上的步骤进行操作,似乎我在获取正确的字符串和正确的密钥,但是HMAC-SHA1加密的结果与Twitter的页面结果不同

        String signatureString = new String();
        signatureString += "include_entities=true";
        signatureString = appendSignature(signatureString, ("oauth_consumer_key="+oauth_cons_token));
        signatureString = appendSignature(signatureString, ("oauth_nonce="+nonce));
        signatureString = appendSignature(signatureString, ("oauth_timestamp="+timestamp));
        signatureString = appendSignature(signatureString, ("oauth_token="+oauth_user_token));
        signatureString = appendSignature(signatureString, ("oauth_version=1.0"));
        signatureString = appendSignature(signatureString, ("status=prova"));

        System.out.println("\n Parameters\n");
        System.out.println(signatureString);

        /*
        Twitter specs:
        1 - Convert the HTTP Method to uppercase and set the output string equal to this value.
        2 - Append the ‘&’ character to the output string.
        3 - Percent encode the URL and append it to the output string.
        4 - Append the ‘&’ character to the output string.
        5 - Percent encode the parameter string and append it to the output string.
         */
        String signatureBaseString = new String();
        signatureBaseString+=method.toUpperCase();
        signatureBaseString+="&";
        signatureBaseString+=URLEncoder.encode(URI.toString(), "UTF-8");
        signatureBaseString+="&";
        signatureBaseString+=URLEncoder.encode(signatureString, "UTF-8");

        System.out.println("\n SignatureBase:\n”);
        System.out.println(signatureBaseString);

        //costruzione della chiave
        String signingKey = new String();
        signingKey+=URLEncoder.encode(oauth_cons_secret, "UTF-8");
        signingKey+="&";
        signingKey+=URLEncoder.encode(oauth_user_secret, "UTF-8");

        System.out.println("Signign Key\n");
        System.out.println(signingKey);

        System.out.println("\n Sign\n Binario:");
        SecretKeySpec keySpec = new SecretKeySpec(signingKey.getBytes(), "HmacSHA1");

        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(keySpec);
        byte[] result = mac.doFinal(signatureBaseString.getBytes());
        System.out.println(result);

        System.out.println("\nResult Base 64:\n");
        System.out.println(Base64.getEncoder().encodeToString(result));

        DST += encodeCredentials("oauth_signature", Base64.getEncoder().encodeToString(result));

        return DST;
        }

Twitter的结果是:hCtSmYh+iHYCEqBWrE7C7hYmtUk=

我的结果是:xz3V54TPQ0gkITDU3JyxllbeX1g=

我认为HMAC-SHA1加密存在一些问题

0 个答案:

没有答案
相关问题
最新问题