在 C# 中生成 OAuth1 签名

Question

在 C# 中生成 OAuth1 签名

我有一个大问题。我使用 C# 开发 UWP Windows 10 应用程序，我想使用 OAuth 1。

一切都差不多了，但签名是错误的。不过，我在 Microsoft GitHub 上找到了示例代码。显然，我做了一些修改......

我的代码：

private async Task GoCo()
{
        String LifeInvaderUrl = "http://stage.api.lolilolz.be/v8/login";

        string timeStamp = GetTimeStamp();
        string nonce = GetNonce();
        string consumerKey = "noob-stage";
        string consumerSecret = "TOPSECRETxxXXxx";

        string SigBaseStringParams = "oauth_consumer_key=" + consumerKey;
        SigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
        SigBaseStringParams += "&" + "oauth_timestamp=" + timeStamp;
        SigBaseStringParams += "&" + "oauth_nonce=" + nonce;
        SigBaseStringParams += "&" + "oauth_version=1.0";

        string SigBaseString = "POST&";
        SigBaseString += Uri.EscapeDataString(LifeInvaderUrl) + "&" + Uri.EscapeDataString(SigBaseStringParams);

        String Signature = GetSignature(SigBaseString, consumerSecret);

        string authorizationHeaderParams = "oauth_consumer_key=\"" + consumerKey + "\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"" + timeStamp + "\", oauth_nonce=\"" + nonce +   "\", oauth_vesrion=\"1.0\", oauth_signature=\"" + Uri.EscapeDataString(Signature)+ "\"";

        HttpClient httpClient = new HttpClient();

        //...

}

Run Code Online (Sandbox Code Playgroud)

以及签名生成器方法：

string GetSignature(string sigBaseString, string consumerSecretKey)
{
        IBuffer KeyMaterial = CryptographicBuffer.ConvertStringToBinary(consumerSecretKey + "&", BinaryStringEncoding.Utf8);
        MacAlgorithmProvider HmacSha1Provider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
        CryptographicKey MacKey = HmacSha1Provider.CreateKey(KeyMaterial);
        IBuffer DataToBeSigned = CryptographicBuffer.ConvertStringToBinary(sigBaseString, BinaryStringEncoding.Utf8);
        IBuffer SignatureBuffer = CryptographicEngine.Sign(MacKey, DataToBeSigned);
        string Signature = CryptographicBuffer.EncodeToBase64String(SignatureBuffer);

        return Signature;
}

Run Code Online (Sandbox Code Playgroud)

先感谢您：）

Answer 1

Dev*_*vMJ 5

您的基本字符串参数乱序。对于 OAuth 1.0，需要对其进行排序。我创建了用于创建基本字符串的通用函数。你可以用它。

\n\n

`        private static string GetSignatureBaseString(string strUrl, string TimeStamp,\n            string Nonce, string strConsumer, string strOauthToken, SortedDictionary<string, string> data)\n        {\n            //1.Convert the HTTP Method to uppercase and set the output string equal to this value.\n            string Signature_Base_String = "POST";\n            Signature_Base_String = Signature_Base_String.ToUpper();\n\n            //2.Append the \xe2\x80\x98&\xe2\x80\x99 character to the output string.\n            Signature_Base_String = Signature_Base_String + "&";\n\n            //3.Percent encode the URL and append it to the output string.\n            string PercentEncodedURL = Uri.EscapeDataString(strUrl);\n            Signature_Base_String = Signature_Base_String + PercentEncodedURL;\n\n            //4.Append the \xe2\x80\x98&\xe2\x80\x99 character to the output string.\n            Signature_Base_String = Signature_Base_String + "&";\n\n            //5.append OAuth parameter string to the output string.\n            var parameters = new SortedDictionary<string, string>\n            {\n                {"oauth_consumer_key", strConsumer},\n                { "oauth_token", strOauthToken },\n                {"oauth_signature_method", "HMAC-SHA1"},\n                {"oauth_timestamp", TimeStamp},\n                {"oauth_nonce", Nonce},\n                {"oauth_version", "1.0"}\n            };\n\n            //6.append parameter string to the output string.\n            foreach (KeyValuePair<string, string> elt in data)\n            {\n                parameters.Add(elt.Key, elt.Value);\n            }\n\n            bool first = true;\n            foreach (KeyValuePair<string, string> elt in parameters)\n            {\n                if (first)\n                {\n                    Signature_Base_String = Signature_Base_String + Uri.EscapeDataString(elt.Key + "=" + elt.Value);\n                    first = false;\n                }\n                else\n                {\n                    Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&" + elt.Key + "=" + elt.Value);\n                }\n            }\n\n            return Signature_Base_String;\n        }\n

Run Code Online (Sandbox Code Playgroud)\n\n

`\n使用上面的函数，您将获得基础，您可以使用您的密钥将其传递给下面的函数并获得签名

\n\n

private static string GetSha1Hash(string key, string base)\n    {\n        var encoding = new System.Text.ASCIIEncoding();\n\n        byte[] keyBytes = encoding.GetBytes(key);\n        byte[] messageBytes = encoding.GetBytes(base);\n\n        string strSignature = string.Empty;\n\n        using (HMACSHA1 SHA1 = new HMACSHA1(keyBytes))\n        {\n            var Hashed = SHA1.ComputeHash(messageBytes);\n            strSignature = Convert.ToBase64String(Hashed);\n        }\n\n        return strSignature;\n    }\n

Run Code Online (Sandbox Code Playgroud)\n

Answer 2

Jim*_*ell 3

有一个类型 oauth_vesrion 应该是 oauth_version

归档时间：	9 年，10 月前
查看次数：	10174 次
最近记录：	4 年，9 月前