C# 在C中生成OAuth1签名#
我有个大问题。我在C#中使用UWP Windows 10应用程序,我想使用OAuth 1 一切都差不多,但签名是错的。但是,我在MicrosoftGithub上找到了示例代码。显然,我做了一些修改 我的代码:C# 在C中生成OAuth1签名#,c#,windows,oauth,signature,C#,Windows,Oauth,Signature,我有个大问题。我在C#中使用UWP Windows 10应用程序,我想使用OAuth 1 一切都差不多,但签名是错的。但是,我在MicrosoftGithub上找到了示例代码。显然,我做了一些修改 我的代码: private async Task GoCo() { String LifeInvaderUrl = "http://stage.api.lolilolz.be/v8/login"; string timeStamp = GetTimeStamp();
private async Task GoCo()
{
String LifeInvaderUrl = "http://stage.api.lolilolz.be/v8/login";
string timeStamp = GetTimeStamp();
string nonce = GetNonce();
string consumerKey = "noob-stage";
string consumerSecret = "TOPSECRETxxXXxx";
string SigBaseStringParams = "oauth_consumer_key=" + consumerKey;
SigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
SigBaseStringParams += "&" + "oauth_timestamp=" + timeStamp;
SigBaseStringParams += "&" + "oauth_nonce=" + nonce;
SigBaseStringParams += "&" + "oauth_version=1.0";
string SigBaseString = "POST&";
SigBaseString += Uri.EscapeDataString(LifeInvaderUrl) + "&" + Uri.EscapeDataString(SigBaseStringParams);
String Signature = GetSignature(SigBaseString, consumerSecret);
string authorizationHeaderParams = "oauth_consumer_key=\"" + consumerKey + "\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"" + timeStamp + "\", oauth_nonce=\"" + nonce + "\", oauth_vesrion=\"1.0\", oauth_signature=\"" + Uri.EscapeDataString(Signature)+ "\"";
HttpClient httpClient = new HttpClient();
//...
}
string GetSignature(string sigBaseString, string consumerSecretKey)
{
IBuffer KeyMaterial = CryptographicBuffer.ConvertStringToBinary(consumerSecretKey + "&", BinaryStringEncoding.Utf8);
MacAlgorithmProvider HmacSha1Provider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
CryptographicKey MacKey = HmacSha1Provider.CreateKey(KeyMaterial);
IBuffer DataToBeSigned = CryptographicBuffer.ConvertStringToBinary(sigBaseString, BinaryStringEncoding.Utf8);
IBuffer SignatureBuffer = CryptographicEngine.Sign(MacKey, DataToBeSigned);
string Signature = CryptographicBuffer.EncodeToBase64String(SignatureBuffer);
return Signature;
}
提前感谢:)有一种类型oauth\u vesrion应该是oauth\u版本您的签名基础参数出现故障。这些值按其编码名称排序,如果相等,则按其编码值排序。因此,您的SigBaseStringParams应该如下所示:
string SigBaseStringParams = "oauth_consumer_key=" + consumerKey;
SigBaseStringParams += "&" + "oauth_nonce=" + nonce;
SigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
SigBaseStringParams += "&" + "oauth_timestamp=" + timeStamp;
SigBaseStringParams += "&" + "oauth_version=1.0";
基本字符串参数的顺序不正确。对于OAuth 1.0,需要对其进行排序。我已经创建了用于创建基字符串的通用函数。你可以用这个
` private static string GetSignatureBaseString(string strUrl, string TimeStamp,
string Nonce, string strConsumer, string strOauthToken, SortedDictionary<string, string> data)
{
//1.Convert the HTTP Method to uppercase and set the output string equal to this value.
string Signature_Base_String = "POST";
Signature_Base_String = Signature_Base_String.ToUpper();
//2.Append the ‘&’ character to the output string.
Signature_Base_String = Signature_Base_String + "&";
//3.Percent encode the URL and append it to the output string.
string PercentEncodedURL = Uri.EscapeDataString(strUrl);
Signature_Base_String = Signature_Base_String + PercentEncodedURL;
//4.Append the ‘&’ character to the output string.
Signature_Base_String = Signature_Base_String + "&";
//5.append OAuth parameter string to the output string.
var parameters = new SortedDictionary<string, string>
{
{"oauth_consumer_key", strConsumer},
{ "oauth_token", strOauthToken },
{"oauth_signature_method", "HMAC-SHA1"},
{"oauth_timestamp", TimeStamp},
{"oauth_nonce", Nonce},
{"oauth_version", "1.0"}
};
//6.append parameter string to the output string.
foreach (KeyValuePair<string, string> elt in data)
{
parameters.Add(elt.Key, elt.Value);
}
bool first = true;
foreach (KeyValuePair<string, string> elt in parameters)
{
if (first)
{
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString(elt.Key + "=" + elt.Value);
first = false;
}
else
{
Signature_Base_String = Signature_Base_String + Uri.EscapeDataString("&" + elt.Key + "=" + elt.Value);
}
}
return Signature_Base_String;
}
公共静态字典ParseQueryString(字符串queryString)
{
var nvc=HttpUtility.ParseQueryString(queryString);
返回nvc.AllKeys.ToDictionary(k=>k,k=>nvc[k]);
}
公共静态字符串CreateQueryString(字典参数)
{
返回string.Join(“&”,parameters.Select(kvp=>
string.Format(“{0}={1}”,kvp.Key,HttpUtility.UrlEncode(kvp.Value));
}
私有字符串CreateOauthSignature(字符串资源URL、CustomMethod方法、字符串oauthNonce、字符串oauthTimestamp)
{
//首先,我们需要将标准oauth参数添加到排序列表中
SortedDictionary requestParameters=新的SortedDictionary();
添加(“oauth_consumer_key”,ConsumerKey);
Add(“oauth_nonce”,oauthNonce);
添加(“oauth\u签名\u方法”,OauthSignatureMethod);
Add(“oauth_timestamp”,oauthTimestamp);
Add(“oauth_令牌”,AccessToken);
添加(“oauth_版本”,OauthVersion);
stringurl=string.Empty;
if(resourceUrl.Contains(“?”)
{
var queryParam=resourceUrl.Substring((resourceUrl.IndexOf(“?”)+1));
var list=ParseQueryString(queryParam);
var queryString=CreateQueryString(列表);
url=resourceUrl.Replace(resourceUrl.Substring(resourceUrl.IndexOf(“?”),”);
foreach(列表中的变量项)
requestParameters.Add(item.Key,item.Value);
}
var sigBaseString=requestParameters.towerbstring();
var signatureBaseString=string.Concat
(method.ToString(),“&”,Uri.EscapeDataString(url),“&”,
EscapeDataString(sigBaseString.ToString());
//方法是指请求类型,例如GET、POST
//使用这个基本字符串,然后使用
//密钥和HMAC-SHA1算法。
var compositeKey=string.Concat(Uri.EscapeDataString(ConsumerKeySecret),“&”,
EscapeDataString(AccessTokenSecret));
字符串签名;
使用(var hasher=new HMACSHA1(Encoding.ASCII.GetBytes(compositeKey)))
{
oauthSignature=Convert.tobase64字符串(
ComputeHash(Encoding.ASCII.GetBytes(SignatureBasString));
}
返回签名;
}
private static string GetSha1Hash(string key, string base)
{
var encoding = new System.Text.ASCIIEncoding();
byte[] keyBytes = encoding.GetBytes(key);
byte[] messageBytes = encoding.GetBytes(base);
string strSignature = string.Empty;
using (HMACSHA1 SHA1 = new HMACSHA1(keyBytes))
{
var Hashed = SHA1.ComputeHash(messageBytes);
strSignature = Convert.ToBase64String(Hashed);
}
return strSignature;
}
public static Dictionary<string, string> ParseQueryString(string queryString)
{
var nvc = HttpUtility.ParseQueryString(queryString);
return nvc.AllKeys.ToDictionary(k => k, k => nvc[k]);
}
public static string CreateQueryString(Dictionary<string, string> parameters)
{
return string.Join("&", parameters.Select(kvp =>
string.Format("{0}={1}", kvp.Key, HttpUtility.UrlEncode(kvp.Value))));
}
private string CreateOauthSignature(string resourceUrl, CustomMethod method, string oauthNonce, string oauthTimestamp)
{
//firstly we need to add the standard oauth parameters to the sorted list
SortedDictionary<string, string> requestParameters = new SortedDictionary<string, string>();
requestParameters.Add("oauth_consumer_key", ConsumerKey);
requestParameters.Add("oauth_nonce", oauthNonce);
requestParameters.Add("oauth_signature_method", OauthSignatureMethod);
requestParameters.Add("oauth_timestamp", oauthTimestamp);
requestParameters.Add("oauth_token", AccessToken);
requestParameters.Add("oauth_version", OauthVersion);
string url = string.Empty;
if (resourceUrl.Contains("?"))
{
var queryParam = resourceUrl.Substring((resourceUrl.IndexOf("?") + 1));
var list = ParseQueryString(queryParam);
var queryString = CreateQueryString(list);
url = resourceUrl.Replace(resourceUrl.Substring(resourceUrl.IndexOf("?")), "");
foreach (var item in list)
requestParameters.Add(item.Key, item.Value);
}
var sigBaseString = requestParameters.ToWebString();
var signatureBaseString = string.Concat
(method.ToString(), "&", Uri.EscapeDataString(url), "&",
Uri.EscapeDataString(sigBaseString.ToString()));
// method refers to request type e.g. GET,POST
//Using this base string, we then encrypt the data using a composite of the
//secret keys and the HMAC-SHA1 algorithm.
var compositeKey = string.Concat(Uri.EscapeDataString(ConsumerKeySecret), "&",
Uri.EscapeDataString(AccessTokenSecret));
string oauthSignature;
using (var hasher = new HMACSHA1(Encoding.ASCII.GetBytes(compositeKey)))
{
oauthSignature = Convert.ToBase64String(
hasher.ComputeHash(Encoding.ASCII.GetBytes(signatureBaseString)));
}
return oauthSignature;
}