Fatal编程技术网
  • python/
  • Python 如何将OAuth1.0授权头值添加到HTTP POST

Python 如何将OAuth1.0授权头值添加到HTTP POST

python http post oauth

Python 如何将OAuth1.0授权头值添加到HTTP POST,python,http,post,oauth,Python,Http,Post,Oauth,我正在尝试使用OAuth1.0和Python2.7向Netsuite发送POST请求。oauth2库没有通过pip安装到我的机器上,所以我决定放弃它,因为我花了两天的时间试图弄清楚它,自己做了所有的事情。这是我的密码: import random import hmac import hashlib import base64 from urllib import urlencode # source: https://stackoverflow.com/questions/559017

我正在尝试使用OAuth1.0和Python2.7向Netsuite发送POST请求。
oauth2
库没有通过
pip
安装到我的机器上,所以我决定放弃它,因为我花了两天的时间试图弄清楚它,自己做了所有的事情。这是我的密码:

import random 
import hmac 
import hashlib 
import base64
from urllib import urlencode

# source: https://stackoverflow.com/questions/5590170/what-is-the-standard-method-for-generating-a-nonce-in-python 
def generate_nonce(length=8):     
    """Generate pseudorandom number."""     
    return ''.join([str(random.randint(0, 9)) for i in range(length)])  
    
URL = "<my_url>"

# ///// VARIABLES ///// 
ACCT_ID = "<acct>" 
CONSUMER_KEY = "<correct_consumer_key>" 
CONSUMER_SECRET = "<consumer_secret>" 
TOKEN_ID = "<token_id>" 
TOKEN_SECRET = "<token_secret>" 
NONCE = generate_nonce(length=10) 
CURRENT_TIME = functionToGetTime()
# /////    END    /////  

base = '&'.join([ACCT_ID, CONSUMER_KEY, TOKEN_ID, NONCE, CURRENT_TIME])
key = '&'.join([CONSUMER_SECRET, TOKEN_SECRET]) 

oauth_digest = hmac.new(str.encode(key), msg=str.encode(base), digestmod=hashlib.sha256).digest() 
oauth_signature = base64.b64encode(digest).decode()

oauth_authorization = 'OAuth realm="' + ACCT_ID + '",oauth_consumer_key="' + CONSUMER_KEY + '",oauth_token="' + TOKEN_ID + '",oauth_signature_method="HMAC-SHA256",oauth_timestamp="' + CURRENT_TIME + '",oauth_nonce="' + generate_nonce(length=10) + '",oauth_version="1.0",oauth_signature="' + oauth_signature + '"',

# tried to use urlencode(authorization), not being used currently
authorization = {
    "realm": ACCT_ID,
    "oauth_consumer_key": "OAuth " + CONSUMER_KEY,
    "oauth_token": TOKEN_ID,
    "oauth_signature_method": "HMAC-SHA256",
    "oauth_timestamp": CURRENT_TIME[:10],
    "oauth_nonce": generate_nonce(length=10),
    "oauth_version": "1.0",
    "oauth_signature": oauth_signature
}
 
headers = {
    "Authorization": oauth_authorization,
    "Content-Type": "application/json",
    "Accept": "*/*",
    "Accept-Encoding": "gzip, deflate, br",
    "Prefer": "transient"
}

body = {
    "q": "SELECT c.email AS email, c.companyName AS company, t.tranId AS document, t.tranDate AS date FROM customer c, transaction t WHERE t.entity = c.id AND t.type = 'SalesOrd'"
}

client = system.net.httpClient()

res = client.post(url=URL, data=body,headers=headers)

print res.json
我几乎可以肯定这与我如何发送
授权
标题有关。我知道令牌和密钥是正确的,因为我可以使用Postman使用相同的设置成功发送请求

如何将我指定的
oauth
设置编码/附加到HTTP头?我还做错了什么?可能是签名不正确吗

{
    'type': u'https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2', 
    'title': u'Unauthorized', 
    'o:errorDetails': [
       {
           'o:errorCode': u'INVALID_LOGIN_ATTEMPT', 
           'detail': u'Invalid login attempt.'
       }
     ], 
     'status': 401L
}