無法驗證oauth簽名和令牌 - 生成OAuth令牌的問題

Question

我一直在尋求在SF上的OAuth站點&上創建簽名，但是我創建了我的簽名我總是得到相同的錯誤，任何想法我做錯了這裏？

Error: Failed to validate oauth signature and token 

我有一個工作程序舊其餘API，所以我知道我的問題是不是與我的應用程序或服務器等

<?php 
function Post_Data($url,$data,$header){ 
    $ch = curl_init(); 
    curl_setopt($ch, CURLOPT_URL, $url); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    curl_setopt($ch, CURLOPT_POSTFIELDS,$data); 
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
    $result = curl_exec($ch); 
    curl_close($ch); 
    return $result; 
    } 
// Get OAuth Token 
$consumer_key = "hidden"; 
$consumer_secret = "hidden"; 
$request_url = "http://api.twitter.com/oauth/request_token"; 
$callback = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']; 
$nonce = md5(time()); 
$timestamp = time(); 
$data = array(
    "oauth_callback" => $callback, 
    "oauth_consumer_key" => $consumer_key, 
    "oauth_nonce" => $nonce, 
    "oauth_signature_method" => "HMAC-SHA1", 
    "oauth_timestamp" => $timestamp, 
    "oauth_version" => "1.0" 
    ); 
$post_string = ''; 
foreach($data as $key => $value){ 
    $post_string .= $key.'='.($value).'&'; 
    } 
$post_string = rtrim($post_string, '&'); 
$base_string = 'GET&'.urlencode($request_url).'&'.urlencode($post_string); 
$data["oauth_signature"] = base64_encode(hash_hmac('sha1', $base_string, $consumer_secret, true)); 
$header = array("Expect:"); 
$content = Post_Data($request_url,$data,$header); 
print_r($content); 
?> 

Answer 1

也可能是你的服務器的時鐘？ http://blainegarrett.com/2009/07/14/failed-to-validate-oauth-signature-and-token-on-twitter-oauth-check-your-cloc/

Answer 2

也許您應該刪除「oauth_callback」並重試。

這是我的代碼

class Twitter 
{ 
    private $CALLBACK_URL = 'http://your_site'; 

    private $REQUEST_TOKEN_URL = 'https://api.twitter.com/oauth/request_token'; 
    private $ACCESS_TOKEN_URL = 'https://api.twitter.com/oauth/access_token'; 
    private $AUTHORIZE_URL = 'https://api.twitter.com/oauth/authorize'; 

    private $consumer_key = 'your_key'; 
    private $consumer_secret = 'your_secret'; 
    private $access_token = 'your_token'; // oauth_token 
    private $access_token_secret = 'your_token_secret'; 

    private $token_secret = ''; 

    private $method = 'POST'; // [HEAD, GET, POST] 
    private $params = array(); 

    public function get_request_token() { 
     //$this->params['oauth_callback'] = $this->CALLBACK_URL; // Something worng with this "Failed to validate oauth signature and token", God dammit... 
     $this->params['oauth_consumer_key'] = $this->consumer_key; 
     $this->params['oauth_nonce'] = md5(uniqid('prefix')); 
     $this->params['oauth_signature_method'] = 'HMAC-SHA1'; // [HMAC-SHA1, RSA-SHA1, PLAINTEXT] 
     $this->params['oauth_timestamp'] = time(); 
     $this->params['oauth_version'] = '1.0'; // [1.0, 1.1] *Optional 

     $this->params['oauth_signature'] = $this->HMAC_SHA1(); 

     $headers = array(); 
     ksort($this->params); 
     foreach($this->params as $k => $v){ 
      $headers[] = $this->RFC3986($k).'="'.$this->RFC3986($v).'"'; 
     } 

     $c = curl_init(); 
     curl_setopt($c, CURLOPT_URL, $this->REQUEST_TOKEN_URL); 
     curl_setopt($c, CURLOPT_POST, true); 
     curl_setopt($c, CURLOPT_HTTPHEADER, array('Authorization: OAuth '.implode(', ', $headers))); 
     curl_setopt($c, CURLOPT_RETURNTRANSFER, true); 

     $result = curl_exec($c); // if(CURLOPT_RETURNTRANSFER == true){ return "Result" or FALSE }else{ return TRUE or FALSE } 
     curl_close($c); 

     return $result; 
    } 

    private function HMAC_SHA1() { 
     $text = $this->get_signature_base_string(); 
     $key = $this->RFC3986($this->consumer_secret).'&'.$this->RFC3986($this->token_secret); 

     if(function_exists('hash_hmac')){ 
      $signature = base64_encode(hash_hmac('sha1', $text, $key, true)); 
     }else{ 
      $blocksize = 64; 
      $hashfunc = 'sha1'; 
      if(strlen($key) > $blocksize){ 
       $key = pack('H*', $hashfunc($key)); 
      } 
      $key = str_pad($key, $blocksize, chr(0x00)); 
      $ipad = str_repeat(chr(0x36), $blocksize); 
      $opad = str_repeat(chr(0x5c), $blocksize); 
      $hmac = pack('H*', $hashfunc(($key^$opad).pack('H*', $hashfunc(($key^$ipad).$base_string)))); 
      $signature = base64_encode($hmac); 
     } 

     return $signature; 
    } 

    private function get_signature_base_string() { 
     $base = array(
      strtoupper($this->method), 
      $this->RFC3986($this->REQUEST_TOKEN_URL), 
      $this->RFC3986($this->get_normalized_params()) 
     ); 

     return implode('&', $base); 
    } 

    private function RFC3986($str) { 
     return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode(($str)))); 
    } 

    private function get_normalized_params() { 
     $normalized = array(); 

     ksort($this->params); 
     foreach($this->params as $k => $v){ 
      if($k != 'oauth_signature'){ 
       $normalized[] = $k.'='.$v; 
      } 
     } 

     return implode('&', $normalized); 
    } 
} 

$T = new Twitter(); 
echo $T->get_request_token();