Php 从crontab运行时未授权Twitter API
我已经设置了OAuth,我正在使用CURL来获取最新的tweet,当我从浏览器运行它时,它可以完美地工作Php 从crontab运行时未授权Twitter API,php,curl,twitter-oauth,crontab,lynx,Php,Curl,Twitter Oauth,Crontab,Lynx,我已经设置了OAuth,我正在使用CURL来获取最新的tweet,当我从浏览器运行它时,它可以完美地工作 http://mydomain.com/getstatus.php 脚本将状态写入文件: $xTIME = time(); $oauth = array( 'oauth_consumer_key' => $consumer_key, 'oauth_nonce' => $xTIME, 'oauth_signature_method' =&
http://mydomain.com/getstatus.php
$xTIME = time();
$oauth = array(
'oauth_consumer_key' => $consumer_key,
'oauth_nonce' => $xTIME,
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_token' => $oauth_access_token,
'oauth_timestamp' => $xTIME,
'oauth_version' => '1.0'
);
$base_info = buildBaseString($url, 'GET', $oauth);
$composite_key = rawurlencode($consumer_secret) . '&' . rawurlencode($oauth_access_token_secret);
$oauth_signature = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true));
$oauth['oauth_signature'] = $oauth_signature;
$header = array(buildAuthorizationHeader($oauth), 'Expect:');
$options = array(
CURLOPT_HTTPHEADER => $header,
CURLOPT_HEADER => false,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false
);
$feed = curl_init();
curl_setopt_array($feed, $options);
$json = curl_exec($feed);
curl_close($feed);
$twitter_data = json_decode($json);
if(isset($twitter_data[0]->text))
{
$fp = fopen('/var/www/mydomain.com/feeds/twitter.feed', 'w');
fwrite($fp, $twitter_data[0]->text);
fclose($fp);
}
0 * * * * lynx -accept_all_cookies http://mydomain.com/getstatus.php
[request] => /1/statuses/user_timeline.json?count=1&screen_name=twitter
[error] => Rate limit exceeded. Clients may not make more than 150 requests per hour.
function buildBaseString($baseURI, $method, $params)
{
$r = array();
ksort($params);
foreach($params as $key=>$value){
$r[] = "$key=" . rawurlencode($value);
}
return $method."&" . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r));
}
function buildAuthorizationHeader($oauth)
{
$r = 'Authorization: OAuth ';
$values = array();
foreach($oauth as $key=>$value)
$values[] = "$key=\"" . rawurlencode($value) . "\"";
$r .= implode(', ', $values);
return $r;
}
function loadTW($twID)
{
$url = "https://api.twitter.com/1/statuses/user_timeline.json&count=1&screen_name=" .$twID;
$oauth_access_token = "68161130-X4HRZje9wB3lpyeOPYDJPsqG1JfJxxxxxxxx";
$oauth_access_token_secret = "zN98CUldHN4eiVeGahZIvpNeUGljRTxxxxxxxx";
$consumer_key = "PeVEz2Z0QSKtxxxxxxx";
$consumer_secret = "An9Xh3qHHTEiTQzW5wKLFMHOrbzwFtwxxxxxxxx";
$xTIME = time();
$oauth = array( 'oauth_consumer_key' => $consumer_key,
'oauth_nonce' => $xTIME,
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_token' => $oauth_access_token,
'oauth_timestamp' => $xTIME,
'oauth_version' => '1.0');
$base_info = buildBaseString($url, 'GET', $oauth);
$composite_key = rawurlencode($consumer_secret) . '&' . rawurlencode($oauth_access_token_secret);
$oauth_signature = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true));
$oauth['oauth_signature'] = $oauth_signature;
$header = array(buildAuthorizationHeader($oauth), 'Expect:');
$options = array( CURLOPT_HTTPHEADER => $header,
CURLOPT_HEADER => false,
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false);
$feed = curl_init();
curl_setopt_array($feed, $options);
$json = curl_exec($feed);
curl_close($feed);
$twitter_data = json_decode($json);
if(isset($twitter_data[0]->text))
{
$fp = fopen('/var/www/carlandalexfishing.co.uk/feeds/twitter.feed', 'w');
fwrite($fp, $twitter_data[0]->text);
fclose($fp);
}
}
很难知道代码中发生了什么,因为它不是完整的代码。无论如何:
- OAuth代码只对OAuth_*头进行签名,而不是对任何查询参数进行签名
- 根据错误消息判断,
变量似乎也包含查询参数$url
错误说明(故意省略url编码并添加空格): URL的查询部分不应该放在OAuth基字符串的第二部分。更好:
GET & https://api.twitter.com/1/endpoint.json & count=1&oauth_abc=def&oauth_ghi=jkl&screen_name=twitter
我们可以看看
buildBaseStringbuildAuthorizationHeader$url$oauth=array()GET & https://api.twitter.com/1/endpoint.json & count=1&oauth_abc=def&oauth_ghi=jkl&screen_name=twitter