从邮递员到PHP：无法正确生成Oauth 1签名

Question

我很难获得一个简单的Oauth 1 api调用来工作。我已经弄清楚了如何通过邮递员访问我想要的数据，并成功地调用了清单，已加星标的项目等。如果我复制了邮递员已经运行的呼叫并在本地重新运行，只要时间戳是超时的时间（3分钟），api将接受它，我将能够接收和解析json数据。

我已经独立测试并运行了代码的所有元素，并且一切似乎都正常工作……似乎不起作用的是生成了正确的签名。

完整代码在下面...感激不尽！

<?php

// Include Manually Entered Credentials
include 'credentials.php';

####################################

// GENERATE TIMESTAMP:
$oathtimestamp = time();

// GENERATE NONCE:
function generateNonce() {
    $length = 15;
    $chars='1234567890qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM';
    $ll = strlen($chars)-1;
    $o = '';
    while (strlen($o) < $length) {
      $o .= $chars[ rand(0, $ll) ];
      }
    return $o;
    }

$oathnonce = generateNonce();

####################################

// API Determinants
$APIurl = "https://www.example.com/api/";

####################################

// GENERATE Oath1 Signature:
$signatureMethod = "HMAC-SHA1";
$oathVersion = "1.0";

      $base =  "POST&".$APIurl."&"."folder_id=starred"."&limit=25"."&oauth_consumer_key=".$oauth_consumer_key."&oauth_nonce=".$oathnonce."&oauth_signature_method=".$signatureMethod."&oauth_timestamp=".$oathtimestamp."&oauth_token=".$oauth_token."&oauth_version=".$oathVersion."&x_auth_mode=client_auth"."&x_auth_password=".$x_auth_password."&x_auth_username=".$x_auth_username;
      //echo $base;

      $key = $oauth_consumer_key."&".$oath_tokenSecret;
      //echo $key; 

      $signature = base64_encode(hash_hmac('sha1', $oauth_consumer_key, $key));
      //echo $signature;

      $oath_getstringlength =     
        "folder_id=starred".
        "&limit=25".
        "&oauth_consumer_key=".$oauth_consumer_key.
        "&oauth_nonce=".$oathnonce.
        "&oauth_signature=".$signature.
        "&oauth_signature_method=".$signatureMethod.
        "&oauth_timestamp=".$oathtimestamp.
        "&oauth_token=".$oauth_token.
        "&oauth_version=".$oathVersion.
        "&x_auth_mode=client_auth".
        "&x_auth_password=".$x_auth_password.
        "&x_auth_username=".$x_auth_username;

      $oath_stringlength = strlen($oath_getstringlength);
      //echo $oath_stringlength;

####################################

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://www.example.com/api/",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => 
    "folder_id=starred".
    "&limit=25".
    "&oauth_consumer_key=".$oauth_consumer_key.
    "&oauth_nonce=".$oathnonce.
    "&oauth_signature=".$signature.
    "&oauth_signature_method=".$signatureMethod.
    "&oauth_timestamp=".$oathtimestamp.
    "&oauth_token=".$oauth_token.
    "&oauth_version=".$oathVersion.
    "&x_auth_mode=client_auth".
    "&x_auth_password=".$x_auth_password.
    "&x_auth_username=".$x_auth_username,
  CURLOPT_HTTPHEADER => array(
    "Accept: */*",
    "Accept-Encoding: gzip, deflate",
    "Cache-Control: no-cache",
    "Connection: keep-alive",
    "Content-Length: $oath_stringlength",
    "Content-Type: application/x-www-form-urlencoded",
    "Host: www.example.com",
    "User-Agent: curlAPICall",
    "cache-control: no-cache"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "... cURL Error #:" . $err;
} else {
  echo $response;
  $jsonresponse = json_decode($response, true);
  print_r($jsonresponse);
}

?>