1. 首頁
  2. 問答
  3. Twitter的OAuth與WinJS

Twitter的OAuth與WinJS

2013-06-03 70 views
1

嘗試通過我的Windows 8應用程序超過一週的Twitter驗證,但沒有成功。Twitter的OAuth與WinJS

我的應用程序被註冊在Twitter和它應該能夠讀,寫和登錄。

我想我已經嘗試在Twitter的文檔,所有的描述,但沒有任何工程。猜猜問題出在我身上,但找不到它。

我總是得到403禁止的迴應。

我的代碼:

function getTwitterCredentials() { 

    WinJS.xhr({ 
     type:"get", 
     url: "https://api.twitter.com/oauth/authenticate", 
     headers: { 
      consumerKey: "ZSNRXXXXXXXXX", 
      userKey: "GVknHzXXXXXXXXXXXXXXXXXXX", 
      Authorization: "OAuth", 
      oauth_consumer_key: "ZSNRtXXXXXXXXXXXXX", 
      oauth_nonce: "b7efbXXXXXXXXXXXXXXXx", 
      oauth_signature: "23zb0XXXXXXXXXXXXXXx", 
      oauth_signature_method: "HMAC-SHA1", 
      oauth_timestamp: "1368555677", 
      oauth_token: "1408XXXXXXXXXXXXXXXXXXXXXXXXXXXXx", 
      oauth_version: "1.0" 
     } 
    }).done(function (response) { 
     //it it works here some will be some action 
    }, function error(response) { 
     console.log(response.status); 
    }); 
}

有人有經驗白衣這個問題?

感謝馬洛

來源

2013-06-03 Marlowe

+0

你試過[web認證樣品(http://code.msdn.microsoft.com/windowsapps/Web-Authentication-d0485122) - 它的場景在Twitter登錄 – Sushil

回答

1

下面是一些演示JS代碼我從現有的樣本略作修改我們從OAuth網絡身份驗證代理網站Win8的演示。搜索'oob'查看我的更改,但它們很小。

此外,Linq to Twitter項目非常棒,所以可能要考慮檢查一下,並且可能會更容易一些。它自動處理auth,不需要輸入令牌響應。


//// THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF 
//// ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO 
//// THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A 
//// PARTICULAR PURPOSE. 
//// 
//// Copyright (c) Microsoft Corporation. All rights reserved 

(function() { 
    "use strict"; 
    var page = WinJS.UI.Pages.define("/html/oAuthTwitter.html", { 
     ready: function (element, options) { 
      document.getElementById("oAuthTwitterLaunch").addEventListener("click", launchTwitterWebAuth, false); 
      //did read that this is required for oAuth in a win8 app, however twitter uses 'oob' for a desktop app's callback url. 
      //in fact your app will show it. 
      //var endURI = Windows.Security.Authentication.Web.WebAuthenticationBroker.getCurrentApplicationCallbackUri(); 
      //document.getElementById("TwitterCallbackURL").innerText = endURI.displayUri; 
     } 
    }); 

    function sendRequest(url) { 
     try { 
      var request = new XMLHttpRequest(); 
      request.open("GET", url, false); 
      request.send(null); 
      return request.responseText; 
     } catch (err) { 
      WinJS.log("Error sending request: " + err, "Web Authentication SDK Sample", "error"); 
     } 
    } 

    function sendPostRequest(url, authzheader) { 
     try { 
      var request = new XMLHttpRequest(); 
      request.open("POST", url, false); 
      request.setRequestHeader("Authorization", authzheader); 
      request.send(null); 
      if (request.status != "200") { 
       console.log(request); 
      } 
      return request.responseText; 
     } catch (err) { 
      WinJS.log("Error sending request: " + err, "Web Authentication SDK Sample", "error");    
     } 
    } 

    function isValidUriString(uriString) { 
     var uri = null; 
     try { 
      uri = new Windows.Foundation.Uri(uriString); 
     } 
     catch (err) { 
     } 
     return uri !== null; 
    } 

    var authzInProgress = false; 

    function launchTwitterWebAuth() { 
     var twitterURL = "https://api.twitter.com/oauth/request_token"; 

     // Get all the parameters from the user 
     var clientID = document.getElementById("TwitterClientID").value; 
     if (clientID === null || clientID === "") { 
      WinJS.log("Please enter a ClientID for Twitter App", "Web Authentication SDK Sample", "error");    
      return; 
     } 

     var clientSecret = document.getElementById("TwitterSecret").value; 
     if (clientSecret === null || clientSecret === "") { 
      WinJS.log("Please enter a Secret for Twitter App", "Web Authentication SDK Sample", "error");    
      return; 
     } 

     var callbackURL = document.getElementById("TwitterCallbackURL").value; 
     //if (!isValidUriString(callbackURL)) { 
     // WinJS.log("Please enter a Callback URL for Twitter", "Web Authentication SDK Sample", "error");    
     // return; 
     //} 

     if (authzInProgress) { 
      document.getElementById("TwitterDebugArea").value += "\r\nAuthorization already in Progress ..."; 
      return; 
     } 

     // Acquiring a request token 
     var timestamp = Math.round(new Date().getTime()/1000.0); 
     var nonce = Math.random(); 
     nonce = Math.floor(nonce * 1000000000); 

     // Compute base signature string and sign it. 
     // This is a common operation that is required for all requests even after the token is obtained. 
     // Parameters need to be sorted in alphabetical order 
     // Keys and values should be URL Encoded. 
     var sigBaseStringParams = "oauth_callback=" + encodeURIComponent(callbackURL); 
     sigBaseStringParams += "&" + "oauth_consumer_key=" + clientID; 
     sigBaseStringParams += "&" + "oauth_nonce=" + nonce; 
     sigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1"; 
     sigBaseStringParams += "&" + "oauth_timestamp=" + timestamp; 
     sigBaseStringParams += "&" + "oauth_version=1.0"; 
     var sigBaseString = "POST&"; 
     sigBaseString += encodeURIComponent(twitterURL) + "&" + encodeURIComponent(sigBaseStringParams); 

     var keyText = clientSecret + "&"; 
     var keyMaterial = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(keyText, Windows.Security.Cryptography.BinaryStringEncoding.Utf8); 
     var macAlgorithmProvider = Windows.Security.Cryptography.Core.MacAlgorithmProvider.openAlgorithm("HMAC_SHA1"); 
     var key = macAlgorithmProvider.createKey(keyMaterial); 
     var tbs = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(sigBaseString, Windows.Security.Cryptography.BinaryStringEncoding.Utf8); 
     var signatureBuffer = Windows.Security.Cryptography.Core.CryptographicEngine.sign(key, tbs); 
     var signature = Windows.Security.Cryptography.CryptographicBuffer.encodeToBase64String(signatureBuffer); 
     var dataToPost = "OAuth oauth_callback=\"" + encodeURIComponent(callbackURL) + "\", oauth_consumer_key=\"" + clientID + "\", oauth_nonce=\"" + nonce + "\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"" + timestamp + "\", oauth_version=\"1.0\", oauth_signature=\"" + encodeURIComponent(signature) + "\""; 
     var response = sendPostRequest(twitterURL, dataToPost); 
     var oauth_token; 
     var oauth_token_secret; 
     var keyValPairs = response.split("&"); 

     for (var i = 0; i < keyValPairs.length; i++) { 
      var splits = keyValPairs[i].split("="); 
      switch (splits[0]) { 
       case "oauth_token": 
        oauth_token = splits[1]; 
        break; 
       case "oauth_token_secret": 
        oauth_token_secret = splits[1]; 
        break; 
      } 
     } 

     document.getElementById("TwitterDebugArea").value += "\r\nOAuth Token = " + oauth_token; 
     document.getElementById("TwitterDebugArea").value += "\r\nOAuth Token Secret = " + oauth_token_secret; 

     // Send the user to authorization 
     twitterURL = "https://api.twitter.com/oauth/authorize?oauth_token=" + oauth_token; 

     document.getElementById("TwitterDebugArea").value += "\r\nNavigating to: " + twitterURL + "\r\n"; 
     var startURI = new Windows.Foundation.Uri(twitterURL); 
     //var endURI = new Windows.Foundation.Uri(callbackURL); 
     //we use 'oob' in the request_auth, but now for authorize, we use the apps URI. 
     var endURI = Windows.Security.Authentication.Web.WebAuthenticationBroker.getCurrentApplicationCallbackUri(); 
     authzInProgress = true; 
     Windows.Security.Authentication.Web.WebAuthenticationBroker.authenticateAsync(
      Windows.Security.Authentication.Web.WebAuthenticationOptions.none, startURI, endURI) 
      .done(function (result) { 
       document.getElementById("TwitterReturnedToken").value = result.responseData; 
       document.getElementById("TwitterDebugArea").value += "Status returned by WebAuth broker: " + result.responseStatus + "\r\n"; 
       if (result.responseStatus === Windows.Security.Authentication.Web.WebAuthenticationStatus.errorHttp) { 
        document.getElementById("TwitterDebugArea").value += "Error returned: " + result.responseErrorDetail + "\r\n"; 
       } 
       authzInProgress = false; 
      }, function (err) { 
       WinJS.log("Error returned by WebAuth broker: " + err, "Web Authentication SDK Sample", "error"); 
       document.getElementById("TwitterDebugArea").value += " Error Message: " + err.message + "\r\n"; 
       authzInProgress = false; 
      }); 
    } 
})();

來源

2013-06-03 19:35:40

+0

嗨亞當,這看起來。喜歡偉大的東西。 但我有點困惑。我得到了一個consumer_key,但是客戶的祕密是什麼?在win 8應用程序中,回調url是什麼? – Marlowe

+0

在Win 8應用程序中成功驗證的關鍵似乎是將回調URL設置爲「oob」。然後可以發送用戶授權請求。 – Marlowe

+1

對於那些來到這裏,我現在只使用這個庫:https://github.com/cauld/winjs-oauth-for-twitter –

相關問題

 相關問題