使用java的WooCommerce Api身份验证错误
我在连接WooCommerce API()时遇到问题。我成功地使用java程序生成了签名,并在linked in控制台(如WooCommerce文档中所示)上检查了生成的签名是否有任何差异,但在linked in和java output控制台上生成的签名是相同的 我们的工作过程如下所述: 1.我们使用java程序,借助签名基字符串和密钥生成签名。签名基字符串如下所示:使用java的WooCommerce Api身份验证错误,java,wordpress,api,woocommerce,woothemes,Java,Wordpress,Api,Woocommerce,Woothemes,我在连接WooCommerce API()时遇到问题。我成功地使用java程序生成了签名,并在linked in控制台(如WooCommerce文档中所示)上检查了生成的签名是否有任何差异,但在linked in和java output控制台上生成的签名是相同的 我们的工作过程如下所述: 1.我们使用java程序,借助签名基字符串和密钥生成签名。签名基字符串如下所示: GET&http%3A%2F%2FEndPointURL%2Fwc-api%2Fv2%2Forders&oa
GET&http%3A%2F%2FEndPointURL%2Fwc-api%2Fv2%2Forders&oauth_consumer_key%3D%26oauth_nonce%3D70810941%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1433226349%26oauth_version%3D1.0
{"errors":[{"code":"woocommerce_api_authentication_error","message":"Invalid Signature - provided signature does not match"}]}
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
public class OAuthForWooCommerce {
private static String key = "consumer_Key";
private static String secret = "consumer_Secret";
private static final String HMAC_SHA1 = "HmacSHA1";
private static final String ENC = "UTF-8";
private static Base64 base64 = new Base64();
private static String getSignature(String url, String params)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
/**
* base has three parts, they are connected by "&": 1) protocol 2) URL
* (need to be URLEncoded) 3) Parameter List (need to be URLEncoded).
*/
StringBuilder base = new StringBuilder();
base.append("GET&");
base.append(url);
base.append("&");
base.append(params);
System.out.println("String for oauth_signature generation:" + base);
// yea, don't ask me why, it is needed to append a "&" to the end of
// secret key.
byte[] keyBytes = (secret + "&").getBytes(ENC);
SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1);
Mac mac = Mac.getInstance(HMAC_SHA1);
mac.init(key);
// encode it, base64 it, change it to string and return.
return new String(base64.encode(mac.doFinal(base.toString().getBytes(
ENC))), ENC).trim();
}
public static void main(String[] args) throws ClientProtocolException,
IOException, URISyntaxException, InvalidKeyException,
NoSuchAlgorithmException {
System.out.println("*** Welcome to WooCommerce Klipfolio integration Wizard ***");
HttpClient httpclient = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
// These params should ordered in key
//qparams.add(new BasicNameValuePair("oauth_callback", "oob"));
qparams.add(new BasicNameValuePair("oauth_consumer_key", key));
String nonce = RandomStringUtils.randomAlphanumeric(32);
//String nonce2 = URLEncoder.encode(nonce1, "UTF-8");
qparams.add(new BasicNameValuePair("oauth_nonce", nonce));
//qparams.add(new BasicNameValuePair("oauth_nonce", ""+ (int) (Math.random() * 100000000)));
qparams.add(new BasicNameValuePair("oauth_signature_method",
"HMAC-SHA1"));
qparams.add(new BasicNameValuePair("oauth_timestamp", ""
+ (System.currentTimeMillis() / 1000)));
qparams.add(new BasicNameValuePair("oauth_version", "1.0"));
// generate the oauth_signature
String signature = getSignature(URLEncoder.encode(
"http://MY_END_URL/wc-api/v2/orders", ENC),
URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC));
System.out.println("Getting Oauth Signature...");
// add it to params list
qparams.add(new BasicNameValuePair("oauth_signature", signature));
// generate URI which lead to access_token and token_secret.
URI uri = URIUtils.createURI("http", "MY_END _URL", -1,
"wc-api/v2/orders",
URLEncodedUtils.format(qparams, ENC), null);
System.out.println("Connecting to the URL : \n"
+ uri.toString());
HttpGet httpget = new HttpGet(uri);
// output the response content.
System.out.println("Getting Response from the server :");
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
if (entity != null) {
InputStream instream = entity.getContent();
int len;
byte[] tmp = new byte[2048];
while ((len = instream.read(tmp)) != -1) {
System.out.println(new String(tmp, 0, len, ENC));
}
}
}
}
{"errors":[{"code":"woocommerce_api_authentication_error","message":"Invalid Signature - provided signature does not match"}]}
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
public class OAuthForWooCommerce {
private static String key = "consumer_Key";
private static String secret = "consumer_Secret";
private static final String HMAC_SHA1 = "HmacSHA1";
private static final String ENC = "UTF-8";
private static Base64 base64 = new Base64();
private static String getSignature(String url, String params)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
/**
* base has three parts, they are connected by "&": 1) protocol 2) URL
* (need to be URLEncoded) 3) Parameter List (need to be URLEncoded).
*/
StringBuilder base = new StringBuilder();
base.append("GET&");
base.append(url);
base.append("&");
base.append(params);
System.out.println("String for oauth_signature generation:" + base);
// yea, don't ask me why, it is needed to append a "&" to the end of
// secret key.
byte[] keyBytes = (secret + "&").getBytes(ENC);
SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1);
Mac mac = Mac.getInstance(HMAC_SHA1);
mac.init(key);
// encode it, base64 it, change it to string and return.
return new String(base64.encode(mac.doFinal(base.toString().getBytes(
ENC))), ENC).trim();
}
public static void main(String[] args) throws ClientProtocolException,
IOException, URISyntaxException, InvalidKeyException,
NoSuchAlgorithmException {
System.out.println("*** Welcome to WooCommerce Klipfolio integration Wizard ***");
HttpClient httpclient = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
// These params should ordered in key
//qparams.add(new BasicNameValuePair("oauth_callback", "oob"));
qparams.add(new BasicNameValuePair("oauth_consumer_key", key));
String nonce = RandomStringUtils.randomAlphanumeric(32);
//String nonce2 = URLEncoder.encode(nonce1, "UTF-8");
qparams.add(new BasicNameValuePair("oauth_nonce", nonce));
//qparams.add(new BasicNameValuePair("oauth_nonce", ""+ (int) (Math.random() * 100000000)));
qparams.add(new BasicNameValuePair("oauth_signature_method",
"HMAC-SHA1"));
qparams.add(new BasicNameValuePair("oauth_timestamp", ""
+ (System.currentTimeMillis() / 1000)));
qparams.add(new BasicNameValuePair("oauth_version", "1.0"));
// generate the oauth_signature
String signature = getSignature(URLEncoder.encode(
"http://MY_END_URL/wc-api/v2/orders", ENC),
URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC));
System.out.println("Getting Oauth Signature...");
// add it to params list
qparams.add(new BasicNameValuePair("oauth_signature", signature));
// generate URI which lead to access_token and token_secret.
URI uri = URIUtils.createURI("http", "MY_END _URL", -1,
"wc-api/v2/orders",
URLEncodedUtils.format(qparams, ENC), null);
System.out.println("Connecting to the URL : \n"
+ uri.toString());
HttpGet httpget = new HttpGet(uri);
// output the response content.
System.out.println("Getting Response from the server :");
HttpResponse response = httpclient.execute(httpget);
HttpEntity entity = response.getEntity();
if (entity != null) {
InputStream instream = entity.getContent();
int len;
byte[] tmp = new byte[2048];
while ((len = instream.read(tmp)) != -1) {
System.out.println(new String(tmp, 0, len, ENC));
}
}
}
}
import java.io.IOException;
导入java.io.InputStream;
导入java.io.UnsupportedEncodingException;
导入java.net.URI;
导入java.net.URISyntaxException;
导入java.net.urlcoder;
导入java.security.InvalidKeyException;
导入java.security.NoSuchAlgorithmException;
导入java.util.ArrayList;
导入java.util.List;
导入javax.crypto.Mac;
导入javax.crypto.SecretKey;
导入javax.crypto.spec.SecretKeySpec;
导入org.apache.commons.codec.binary.Base64;
导入org.apache.commons.lang3.RandomStringUtils;
导入org.apache.http.HttpEntity;
导入org.apache.http.HttpResponse;
导入org.apache.http.NameValuePair;
导入org.apache.http.client.ClientProtocolException;
导入org.apache.http.client.HttpClient;
导入org.apache.http.client.methods.HttpGet;
导入org.apache.http.client.utils.URIUtils;
导入org.apache.http.client.utils.URLEncodedUtils;
导入org.apache.http.impl.client.DefaultHttpClient;
导入org.apache.http.message.BasicNameValuePair;
公共类OAuthForWooCommerce{
私有静态字符串key=“消费者密钥”;
私有静态字符串secret=“consumer\u secret”;
私有静态最终字符串HMAC_SHA1=“HmacSHA1”;
专用静态最终字符串ENC=“UTF-8”;
私有静态Base64 Base64=新Base64();
私有静态字符串getSignature(字符串url、字符串参数)
抛出不支持的CodingException、NoSuchAlgorithmException、,
InvalidKeyException{
/**
*base有三个部分,它们通过“&”:1)协议2)URL连接
*(需要URL编码)3)参数列表(需要URL编码)。
*/
StringBuilder base=新的StringBuilder();
base.append(“GET&”);
base.append(url);
基数。追加(“&”);
base.append(params);
System.out.println(“用于oauth_签名生成的字符串:“+base”);
//是的,别问我为什么,需要在结尾加一个“&”
//秘密钥匙。
byte[]keyBytes=(secret+“&”).getBytes(ENC);
SecretKey key=newsecretkeyspec(keyBytes,HMAC_SHA1);
Mac Mac=Mac.getInstance(HMAC_SHA1);
mac.init(密钥);
//对其进行编码,base64,将其更改为字符串并返回。
返回新字符串(base64.encode(mac.doFinal)(base.toString().getBytes(
ENC))),ENC.)trim();
}
公共静态void main(字符串[]args)抛出ClientProtocolException,
IOException、URISyntaxException、InvalidKeyException、,
NoSuchAlgorithmException{
System.out.println(“***欢迎使用WooCommerce Klifolio集成向导***”);
HttpClient HttpClient=新的DefaultHttpClient();
List qparams=new ArrayList();
//这些参数应按键排序
//添加(新的BasicNameValuePair(“oauth_回调”,“oob”);
添加(新的BasicNameValuePair(“oauth_consumer_key”,key));
字符串nonce=RandomStringUtils.randomstringalphameric(32);
//字符串nonce2=URLEncoder.encode(nonce1,“UTF-8”);
添加(新的BasicNameValuePair(“oauth_nonce”,nonce));
//add(新的BasicNameValuePair(“oauth_nonce”,”+(int)(Math.random()*100000000));
添加(新的BasicNameValuePair(“oauth\u签名\u方法”),
“HMAC-SHA1”);
添加(新的BasicNameValuePair(“oauth_时间戳”)
+(System.currentTimeMillis()/1000));
添加(新的BasicNameValuePair(“oauth_版本”、“1.0”);
//生成oauth_签名
字符串签名=getSignature(urlcoder.encode(
"http://MY_END_URL/wc-api/v2/orders“,ENC),
encode(URLEncodedUtils.format(qparams,ENC),ENC));
System.out.println(“获取Oauth签名…”);
//将其添加到参数列表中
添加(新的BasicNameValuePair(“oauth_签名”,签名));
//生成导致访问令牌和令牌密钥的URI。
URI=URIUtils.createURI(“http”,“MY\u END\u URL”,-1,
“wc api/v2/orders”,
URLEncodedUtils.format(qparams,ENC),null);
System.out.println(“连接到URL:\n”
+uri.toString());
HttpGet HttpGet=新的HttpGet(uri);
//输出响应内容。
System.out.println(“从服务器获取响应:”);
HttpResponse response=httpclient.execute(httpget);
HttpEntity=response.getEntity();
如果(实体!=null){
InputStream instream=entity.getContent();
内伦;
字节[]tmp=新字节[2048];
而((len=流内读取(tmp))!=-1){
System.out.println(新字符串(tmp,0,len,ENC));
}
}
}
}
谢谢,根据文档,您必须从params中删除版本号。我认为您还应该删除生成签名时添加到密钥中的“&”,因为我在没有它的情况下获得了200个响应 所需参数为:oauth_使用者_密钥、oauth_时间戳、oauth_nonce、oauth_签名和oauth_签名方法。oauth_版本不是必需的,必须省略 在添加参数之前,还应按字节顺序对参数进行排序