c# - OAuth1.0 身份验证显示“无效签名 - 提供的签名不匹配。\”错误 401
问题描述
OAuth1.0 身份验证说:
无效签名 - 提供的签名不匹配。”错误 401
我想从 GravityForm 提供的 API 中获取数据,它完全可以在 Postman 中运行,但我无法通过我自己的 C# 应用程序获取数据。我在 Stackoverflow 上尝试过朋友提供的不同解决方案,但不幸的是,它们都不起作用。这是我的最终代码:
private void button2_Click(object sender, EventArgs e)
{
string sig = GetAuthorizationToken();
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
var client = new RestClient("https://kashfsho.com/wp-json/gf/v2/entries/");
var request = new RestRequest(Method.GET);
request.AddHeader("cache-control", "no-cache");
request.AddHeader("Content-Type", "application/json");
request.AddHeader("authorization", sig);
IRestResponse response = client.Execute(request);
}
public string GetAuthorizationToken()
{
timeStamp = ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString();
nonce = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(timeStamp + timeStamp + timeStamp));
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("https://kashfsho.com/wp-json/gf/v2/entries/");
httpWebRequest.Method = "Get";
string consumer_secret = Uri.EscapeDataString(conSumerSecret);
string signature_base_string = GetSignatureBaseString(timeStamp, nonce);
SHA1HASH = GetSha1Hash(signature_base_string, consumer_secret); //also tried with nonEscaped consumer!
string Header =
"OAuth oauth_consumer_key=" + '"' + consumerKey + '"' + "," +
"oauth_nonce=" + '"' + nonce + '"' + "," +
"oauth_signature=" + '"' + SHA1HASH + '"' + "," +
"oauth_signature_method=" + '"' + @"HMAC-SHA1" + '"' + "," +
"oauth_timestamp=" + '"' + timeStamp + '"' + "," +
"oauth_version=" + '"' + "1.0" + '"';
return Header;
}
private string GetSha1Hash(string key, string t)
{
var encoding = new System.Text.ASCIIEncoding();
byte[] keyBytes = encoding.GetBytes(key);
byte[] messageBytes = encoding.GetBytes(t);
string strSignature = string.Empty;
using (HMACSHA1 SHA1 = new HMACSHA1(keyBytes))
{
var Hashed = SHA1.ComputeHash(messageBytes);
SHA1HASH = Convert.ToBase64String(Hashed);
}
return SHA1HASH;
}
public string GetSignatureBaseString(string TimeStamp, string Nonce)
{
//1.Convert the HTTP Method to uppercase and set the output string equal to this value.
string Signature_Base_String = "Get";
Signature_Base_String = Signature_Base_String.ToUpper();
//2.Append the ‘&’ character to the output string.
Signature_Base_String = Signature_Base_String + "&";
//3.Percent encode the URL and append it to the output string.
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
string PercentEncodedURL = Uri.EscapeDataString("https://kashfsho.com/wp-json/gf/v2/entries/");
Signature_Base_String = Signature_Base_String + PercentEncodedURL;
//4.Append the ‘&’ character to the output string.
Signature_Base_String = Signature_Base_String + "&";
//5.append parameter string to the output string.
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("oauth_consumer_key=" + consumerKey);
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_nonce=" + Nonce);
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_signature_method=" + "HMAC-SHA1");
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_timestamp=" + TimeStamp);
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&oauth_version=" + "1.0");
return Signature_Base_String;
}
尝试过的解决方案: 在 C# 中生成 OAuth1 签名 使用 HMAC-SHA1 创建 OAuth 签名 加密返回 HTTP 401 使用 C# 创建用于搜索的 Twitter 授权标头
解决方案
哦,大约一个月后,我终于找到了解决方案。对于 GravityForm API 的身份验证,OAUTH 1.0 并不像您预期的那么稳定。相反,您最好像这样使用“基本身份验证”:
USERNAME = consumerKey
Password = consumerSecret
然后您可以使用以下解决方案: RestSharp HttpBasicAuthentication - 示例
推荐阅读
- python - 在哪里可以找到 python 官方文档中的 **options?
- html - Excel VBA 登录网站并获取 TR 和 TD 元素
- php - 使用 laravel 使用 mysql 数据库
- html - 上 div 背景与正文背景
- java - Java - 在 JDialog / JFrame 上调用 Component#setName
- python - 当子查询为空时,如何使 Django 查询不返回任何内容
- startup - Windows x64 上的 Watson Studio 桌面订阅 - 空白启动屏幕
- ibm-cloud-storage - 从 IBM Cloud 对象存储中读取对象的数据
- android - 在项目“:app”中找不到任务“installDebug”。仅在一个 react-native 项目中
- android - 尝试定义功能 (SAM) 接口时出错