获取用Java或Groovy填充的有效oauth_signature的绝对最小代码?

所以我正在测试Rest OAuth实现。 我的测试工具将发送HTTP请求,但我需要准备Authorization标头。

我需要的是:我想要一个有效的授权标题

我拥有:除了oauth_signature之外的所有标题我还有2个秘密,即token_secret和consumer_secret。 我也拥有access_token。 所以它真的归结为,必须签署这个请求。 我怎么做?

简介 :我只需要为RESTful服务填充Authorization标头的oauth_signature部分。 我该怎么做?

基本上: 

oAuthHeader="OAuth"; oAuthHeader=oAuthHeader+" oauth_signature_method="+oauth_signature_method; oAuthHeader=oAuthHeader+",oauth_version="+oauth_version; oAuthHeader=oAuthHeader+",oauth_nonce="+oauth_nonce; oAuthHeader=oAuthHeader+",oauth_timestamp="+oauth_timestamp; oAuthHeader=oAuthHeader+",oauth_consumer_key="+oauth_consumer_key; oAuthHeader=oAuthHeader+",oauth_token="+oauth_token; oAuthHeader=oAuthHeader+",oauth_signature="+**oauth_signature**; Authorization = oAuthHeader;

我的问题是我没有oauth_signature部分。 我不知道如何得到它。 请帮助?

这是我的Flickr OAuth代码。 注意:我参考了SignPost的一些逻辑。 生成签名真的很棘手……好的。 这只是生成“oauth_signature”的一个示例 

 package oauthflickr; import java.io.IOException; import java.io.InputStream; import java.io.UnsupportedEncodingException; import java.net.URI; import java.net.URISyntaxException; import java.net.URLEncoder; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.List; import javax.crypto.Mac; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Base64; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.NameValuePair; import org.apache.http.client.ClientProtocolException; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.utils.URIUtils; import org.apache.http.client.utils.URLEncodedUtils; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.message.BasicNameValuePair; /** * a simple program to get flickr token and token secret. * * @author Mark Zang * */ public class OAuthForFlickr { private static String key = "_________________________"; private static String secret = "___________"; private static final String HMAC_SHA1 = "HmacSHA1"; private static final String ENC = "UTF-8"; private static Base64 base64 = new Base64(); /** * * @param url * the url for "request_token" URLEncoded. * @param params * parameters string, URLEncoded. * @return * @throws UnsupportedEncodingException * @throws NoSuchAlgorithmException * @throws InvalidKeyException */ private static String getSignature(String url, String params) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException { /** * base has three parts, they are connected by "&": 1) protocol 2) URL * (need to be URLEncoded) 3) Parameter List (need to be URLEncoded). */ StringBuilder base = new StringBuilder(); base.append("GET&"); base.append(url); base.append("&"); base.append(params); System.out.println("Stirng for oauth_signature generation:" + base); // yea, don't ask me why, it is needed to append a "&" to the end of // secret key. byte[] keyBytes = (secret + "&").getBytes(ENC); SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1); Mac mac = Mac.getInstance(HMAC_SHA1); mac.init(key); // encode it, base64 it, change it to string and return. return new String(base64.encode(mac.doFinal(base.toString().getBytes( ENC))), ENC).trim(); } /** * @param args * @throws IOException * @throws ClientProtocolException * @throws URISyntaxException * @throws NoSuchAlgorithmException * @throws InvalidKeyException */ public static void main(String[] args) throws ClientProtocolException, IOException, URISyntaxException, InvalidKeyException, NoSuchAlgorithmException { HttpClient httpclient = new DefaultHttpClient(); List qparams = new ArrayList(); // These params should ordered in key qparams.add(new BasicNameValuePair("oauth_callback", "oob")); qparams.add(new BasicNameValuePair("oauth_consumer_key", key)); qparams.add(new BasicNameValuePair("oauth_nonce", "" + (int) (Math.random() * 100000000))); qparams.add(new BasicNameValuePair("oauth_signature_method", "HMAC-SHA1")); qparams.add(new BasicNameValuePair("oauth_timestamp", "" + (System.currentTimeMillis() / 1000))); qparams.add(new BasicNameValuePair("oauth_version", "1.0")); // generate the oauth_signature String signature = getSignature(URLEncoder.encode( "http://www.flickr.com/services/oauth/request_token", ENC), URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC)); // add it to params list qparams.add(new BasicNameValuePair("oauth_signature", signature)); // generate URI which lead to access_token and token_secret. URI uri = URIUtils.createURI("http", "www.flickr.com", -1, "/services/oauth/request_token", URLEncodedUtils.format(qparams, ENC), null); System.out.println("Get Token and Token Secrect from:" + uri.toString()); HttpGet httpget = new HttpGet(uri); // output the response content. System.out.println("oken and Token Secrect:"); HttpResponse response = httpclient.execute(httpget); HttpEntity entity = response.getEntity(); if (entity != null) { InputStream instream = entity.getContent(); int len; byte[] tmp = new byte[2048]; while ((len = instream.read(tmp)) != -1) { System.out.println(new String(tmp, 0, len, ENC)); } } } }
Interesting Posts

如何在Java或Groovy中获取许多语言的数字的序数后缀

有没有办法编译隐藏源代码?

如何在Java / Groovy中将InputStream转换为BufferedImage?

在运行时从Java编译和使用Groovy类?

Gradle – Groovy和Java类依赖 – 编译

使用Groovy解压缩存档

如何在Groovy中设置final字段

部署Grails应用程序时出错 – 初学者

Maven Groovy和Java + Lombok

groovy(grails)会像java一样给你编译时检查吗?