我正在将dotnetopenauth与WCF服务结合使用来请求访问令牌。以下步骤没有问题:
当我尝试代表用户执行请求(获取用户的收藏夹)时,会出现问题。收到401回复,收到“错误签名”消息。
显然签名是问题,但我不知道为什么它是一个不正确的签名,因为它是由dotnetopenauth库生成的。我甚至检查了基线,看起来很好。所以有些参数必定是错误的。
可能是问题是请求完成的域。我目前在代理后面(但是将代理的ip添加到我的应用程序中允许的域列表中)?
编辑:添加了LOGS:
用户将应用程序从应用程序重定向到Twitter Auth页面,然后使用请求令牌和验证程序将其重定向到我的应用程序。然后我交换那些anaccesToken和Secret。但是当使用thos执行请求时,我得到错误'错误签名'。
2011-05-19 17:32:57,815 [8] INFO DotNetOpenAuth [(null)] - DotNetOpenAuth, Version=3.4.7.11121, Culture=neutral, PublicKeyToken=2780ccd10d57b246 (official)
2011-05-19 17:32:57,849 [8] INFO DotNetOpenAuth [(null)] - Reporting will use isolated storage with scope: User, Domain, Assembly
2011-05-19 17:32:57,900 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Preparing to send UnauthorizedTokenRequest (1.0.1) message.
2011-05-19 17:32:57,901 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement applied to message.
2011-05-19 17:32:57,904 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement applied to message.
2011-05-19 17:32:57,905 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement applied to message.
2011-05-19 17:32:57,907 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Applying secrets to message to prepare for signing or signature verification.
2011-05-19 17:32:57,908 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Signing UnauthorizedTokenRequest message using HMAC-SHA1.
2011-05-19 17:32:57,923 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Constructed signature base string: GET&http%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Ftest%252FsocialApi.svc%252FOauth2%253FsessionToken%253D%26oauth_consumer_key%3DLP0drhz9ry2F5f4lt0HCwg%26oauth_nonce%3D0Rq1Uatx%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1305819177%26oauth_version%3D1.0
2011-05-19 17:32:57,923 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain applied to message.
2011-05-19 17:32:57,930 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Prepared outgoing UnauthorizedTokenRequest (1.0.1) message for http://api.twitter.com/oauth/request_token:
oauth_callback: http://test/socialApi.svc/Oauth2?sessionToken=
oauth_consumer_key: LP0drhz9ry2F5f4lt0HCwg
oauth_nonce: 0Rq1Uatx
oauth_signature_method: HMAC-SHA1
oauth_signature: AegT69ULyJBbh/sM4XtFO69J5as=
oauth_version: 1.0
oauth_timestamp: 1305819177
2011-05-19 17:32:57,933 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Sending UnauthorizedTokenRequest request.
2011-05-19 17:32:57,945 [8] DEBUG DotNetOpenAuth.Http [(null)] - HTTP GET http://api.twitter.com/oauth/request_token
2011-05-19 17:32:59,317 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Received UnauthorizedTokenResponse response.
2011-05-19 17:32:59,320 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Processing incoming UnauthorizedTokenResponse (1.0.1) message:
oauth_token: 0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
oauth_token_secret: EmxJ9VeAPUuaofGToOOoO37nGlKqA8feYARBsUseI
oauth_callback_confirmed: true
2011-05-19 17:32:59,323 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message.
2011-05-19 17:32:59,324 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2011-05-19 17:32:59,326 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2011-05-19 17:32:59,326 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message.
2011-05-19 17:32:59,326 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - After binding element processing, the received UnauthorizedTokenResponse (1.0.1) message is:
oauth_token: 0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
oauth_token_secret: EmxJ9VeAPUuaofGToOOoO37nGlKqA8feYARBsUseI
oauth_callback_confirmed: true
2011-05-19 17:32:59,329 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Preparing to send UserAuthorizationRequest (1.0.1) message.
2011-05-19 17:32:59,329 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message.
2011-05-19 17:32:59,329 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2011-05-19 17:32:59,329 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2011-05-19 17:32:59,329 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message.
2011-05-19 17:32:59,329 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Prepared outgoing UserAuthorizationRequest (1.0.1) message for http://api.twitter.com/oauth/authorize:
oauth_token: 0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
2011-05-19 17:32:59,329 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Sending message: UserAuthorizationRequest
2011-05-19 17:32:59,335 [8] DEBUG DotNetOpenAuth.Http [(null)] - Redirecting to http://api.twitter.com/oauth/authorize?oauth_token=0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
2011-05-19 17:32:59,340 [8] DEBUG socialApi.socialApi [(null)] - TWITTERLOG: DotNetOpenAuth.OAuth.WebConsumer
[Footer]
[Header]
2011-05-19 17:33:01,567 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Scanning incoming request for messages: http://test/socialApi.svc/Oauth2?sessionToken=&oauth_token=0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo&oauth_verifier=tRYmE40kQYOwR9U0kmSMKn1fdIHKN1xVGAa43jbWp3M
2011-05-19 17:33:01,574 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Incoming request received: UserAuthorizationResponse
2011-05-19 17:33:01,574 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Processing incoming UserAuthorizationResponse (1.0.1) message:
oauth_verifier: tRYmE40kQYOwR9U0kmSMKn1fdIHKN1xVGAa43jbWp3M
oauth_token: 0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
sessionToken:
2011-05-19 17:33:01,574 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message.
2011-05-19 17:33:01,574 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2011-05-19 17:33:01,574 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2011-05-19 17:33:01,575 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message.
2011-05-19 17:33:01,575 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - After binding element processing, the received UserAuthorizationResponse (1.0.1) message is:
oauth_verifier: tRYmE40kQYOwR9U0kmSMKn1fdIHKN1xVGAa43jbWp3M
oauth_token: 0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
sessionToken:
2011-05-19 17:33:01,576 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Preparing to send AuthorizedTokenRequest (1.0.1) message.
2011-05-19 17:33:01,576 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement applied to message.
2011-05-19 17:33:01,576 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement applied to message.
2011-05-19 17:33:01,576 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement applied to message.
2011-05-19 17:33:01,576 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Applying secrets to message to prepare for signing or signature verification.
2011-05-19 17:33:01,576 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Signing AuthorizedTokenRequest message using HMAC-SHA1.
2011-05-19 17:33:01,578 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Constructed signature base string: GET&http%3A%2F%2Fapi.twitter.com%2Foauth%2Faccess_token&oauth_consumer_key%3DLP0drhz9ry2F5f4lt0HCwg%26oauth_nonce%3DShyS8gWa%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1305819181%26oauth_token%3D0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo%26oauth_verifier%3DtRYmE40kQYOwR9U0kmSMKn1fdIHKN1xVGAa43jbWp3M%26oauth_version%3D1.0
2011-05-19 17:33:01,578 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain applied to message.
2011-05-19 17:33:01,578 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Prepared outgoing AuthorizedTokenRequest (1.0.1) message for http://api.twitter.com/oauth/access_token:
oauth_verifier: tRYmE40kQYOwR9U0kmSMKn1fdIHKN1xVGAa43jbWp3M
oauth_token: 0tTPF0N8Z0R3zFpnfHAfFAU6TFgrbD8ttYLjakbRo
oauth_consumer_key: LP0drhz9ry2F5f4lt0HCwg
oauth_nonce: ShyS8gWa
oauth_signature_method: HMAC-SHA1
oauth_signature: g4OTXcaVAi8D3x4MHtGzDAbHE+U=
oauth_version: 1.0
oauth_timestamp: 1305819181
2011-05-19 17:33:01,578 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Sending AuthorizedTokenRequest request.
2011-05-19 17:33:01,579 [8] DEBUG DotNetOpenAuth.Http [(null)] - HTTP GET http://api.twitter.com/oauth/access_token
2011-05-19 17:33:01,935 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Received AuthorizedTokenResponse response.
2011-05-19 17:33:01,935 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Processing incoming AuthorizedTokenResponse (1.0.1) message:
oauth_token: 300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE
oauth_token_secret: 3fHEPHp5faATgk82WuS80RJba3HsFUrFoQ0VGyxC1I
user_id: 300285844
screen_name: TesterTest3
2011-05-19 17:33:01,935 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain did not apply to message.
2011-05-19 17:33:01,935 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2011-05-19 17:33:01,935 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2011-05-19 17:33:01,935 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement did not apply to message.
2011-05-19 17:33:01,935 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - After binding element processing, the received AuthorizedTokenResponse (1.0.1) message is:
oauth_token: 300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE
oauth_token_secret: 3fHEPHp5faATgk82WuS80RJba3HsFUrFoQ0VGyxC1I
user_id: 300285844
screen_name: TesterTest3
2011-05-19 17:33:01,937 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Preparing to send AccessProtectedResourceRequest (1.0.1) message.
2011-05-19 17:33:01,937 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement applied to message.
2011-05-19 17:33:01,937 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement applied to message.
2011-05-19 17:33:01,937 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement applied to message.
2011-05-19 17:33:01,937 [8] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] - Applying secrets to message to prepare for signing or signature verification.
2011-05-19 17:33:01,937 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Signing AccessProtectedResourceRequest message using HMAC-SHA1.
2011-05-19 17:33:01,939 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Constructed signature base string: GET&http%3A%2F%2Fapi.twitter.com%2Fstatuses%2Ffriends_timeline.xml&oauth_consumer_key%3DLP0drhz9ry2F5f4lt0HCwg%26oauth_nonce%3DAOP0gDJR%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1305819181%26oauth_token%3D300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE%26oauth_version%3D1.0
2011-05-19 17:33:01,939 [8] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain applied to message.
2011-05-19 17:33:01,939 [8] INFO DotNetOpenAuth.Messaging.Channel [(null)] - Prepared outgoing AccessProtectedResourceRequest (1.0.1) message for http://api.twitter.com/statuses/friends_timeline.xml:
oauth_token: 300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE
oauth_consumer_key: LP0drhz9ry2F5f4lt0HCwg
oauth_nonce: AOP0gDJR
oauth_signature_method: HMAC-SHA1
oauth_signature: kaYZtw1L2lC6Y/NcayRFyN9cdf0=
oauth_version: 1.0
oauth_timestamp: 1305819181
2011-05-19 17:33:01,941 [8] DEBUG DotNetOpenAuth.Http [(null)] - HTTP GET http://api.twitter.com/statuses/friends_timeline.xml?oauth_token=300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE&oauth_consumer_key=LP0drhz9ry2F5f4lt0HCwg&oauth_nonce=AOP0gDJR&oauth_signature_method=HMAC-SHA1&oauth_signature=kaYZtw1L2lC6Y/NcayRFyN9cdf0=&oauth_version=1.0&oauth_timestamp=1305819181
2011-05-19 17:33:02,279 [8] ERROR DotNetOpenAuth.Http [(null)] - WebException from http://api.twitter.com/statuses/friends_timeline.xml?oauth_token=300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE&oauth_consumer_key=LP0drhz9ry2F5f4lt0HCwg&oauth_nonce=AOP0gDJR&oauth_signature_method=HMAC-SHA1&oauth_signature=kaYZtw1L2lC6Y/NcayRFyN9cdf0=&oauth_version=1.0&oauth_timestamp=1305819181:
<?xml version="1.0" encoding="UTF-8"?>
<hash>
<request>/statuses/friends_timeline.xml?oauth_token=300285844-uc1Yfu8a6rxjivWWIWyPVdq8UQILlYohwC3ChihE&oauth_consumer_key=LP0drhz9ry2F5f4lt0HCwg&oauth_nonce=AOP0gDJR&oauth_signature_method=HMAC-SHA1&oauth_signature=kaYZtw1L2lC6Y%2FNcayRFyN9cdf0%3D&oauth_version=1.0&oauth_timestamp=1305819181</request>
<error>Incorrect signature</error>
</hash>