OAuth 驗證

昨天搞 OAuth 搞了快半天,才總算正常用 OAuth 登入 plurk api ,然後作個隨筆
網路上找到的許多人都透過 OAuthBase 來連上去,所以我也先去抓 OAuthBase
可是我參數都傳了,他就能沒辦法正常取得 Token ,一直顯示 400 錯誤,我也搞不懂是啥錯誤
最後我找了許多的網頁,然後透過 小朱 的兩篇文章(1, 2)去實作一個 OAuth 的驗證,總算成功登入 Plurk 了,我也不知為啥他的可以, OAuthBase 不行

等實作完整個 Plurk API 後再來釋出吧

想不到才一年多左右沒碰, plurk api 就變到我完全不認識他了=口=!

因為只是隨筆,所以就不附程式碼之類的了!相關的 OAuth 驗證可以參考小朱的兩篇文章來實作(當然是你跟我一樣一直無法用 OAuthBase 的才需要這樣玩(抹汗~))
---
仔細研究了一下,如果透過小朱的文章來使用 OAuth 的話,我資料都得透過 Get 方式作傳遞,如果可以我還是希望能透過 POST 的方式,那似乎得改動 OAuthBase ,以下是 Google 的 OAuth 的驗證程式,留存作研究,看看有沒有辦法將原本的 OAuthBase 改成正常的版本
/* Copyright (c) 2011 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * 
 * 
*/

using System;
using System.Text;
using System.Globalization;
using System.Net;
using System.IO;
using System.Collections.Generic;

namespace Google.GData.Client {
    /// <summary>
    /// Provides a means to generate an OAuth signature suitable for use
    /// with Google OAuth requests.
    /// </summary>
    public class OAuthUtil {
        // Google OAuth endpoints
        private static String requestTokenUrl = "https://www.google.com/accounts/OAuthGetRequestToken";
        private static String userAuthorizationUrl = "https://www.google.com/accounts/OAuthAuthorizeToken";
        private static String accessTokenUrl = "https://www.google.com/accounts/OAuthGetAccessToken";

        /// <summary>
        /// Generates an OAuth header.
        /// </summary>
        /// <param name="uri">The URI of the request</param>
        /// <param name="consumerKey">The consumer key</param>
        /// <param name="consumerSecret">The consumer secret</param>
        /// <param name="httpMethod">The http method</param>
        /// <returns>The OAuth authorization header</returns>
        public static string GenerateHeader(Uri uri, String consumerKey, String consumerSecret, String httpMethod) {
            return GenerateHeader(uri, consumerKey, consumerSecret, string.Empty, string.Empty, httpMethod);
        }

        /// <summary>
        /// Generates an OAuth header.
        /// </summary>
        /// <param name="uri">The URI of the request</param>
        /// <param name="consumerKey">The consumer key</param>
        /// <param name="consumerSecret">The consumer secret</param>
        /// <param name="token">The OAuth token</param>
        /// <param name="tokenSecret">The OAuth token secret</param>
        /// <param name="httpMethod">The http method</param>
        /// <returns>The OAuth authorization header</returns>
        public static string GenerateHeader(Uri uri, String consumerKey, String consumerSecret, String token,
            String tokenSecret, String httpMethod) {
            OAuthParameters parameters = new OAuthParameters() { 
                ConsumerKey = consumerKey, ConsumerSecret = consumerSecret, Token = token, TokenSecret = tokenSecret, SignatureMethod = OAuthBase.HMACSHA1SignatureType 
            };
            return GenerateHeader(uri, httpMethod, parameters);
        }

        /// <summary>
        /// Generates an OAuth header.
        /// </summary>
        /// <param name="uri">The URI of the request</param>
        /// <param name="httpMethod">The http method</param>
        /// <param name="parameters">The OAuth parameters</param>
        /// <returns>The OAuth authorization header</returns>
        public static string GenerateHeader(Uri uri, string httpMethod, OAuthParameters parameters) {
            parameters.Timestamp = OAuthBase.GenerateTimeStamp();
            parameters.Nonce = OAuthBase.GenerateNonce();

            string signature = OAuthBase.GenerateSignature(uri, httpMethod, parameters);

            StringBuilder sb = new StringBuilder();
            sb.AppendFormat("Authorization: OAuth {0}=\"{1}\",", OAuthBase.OAuthVersionKey, OAuthBase.OAuthVersion);
            sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthNonceKey, OAuthBase.EncodingPerRFC3986(parameters.Nonce));
            sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthTimestampKey, OAuthBase.EncodingPerRFC3986(parameters.Timestamp));
            sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthConsumerKeyKey, OAuthBase.EncodingPerRFC3986(parameters.ConsumerKey));
            if (parameters.BaseProperties.ContainsKey(OAuthBase.OAuthVerifierKey)) {
                sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthVerifierKey, OAuthBase.EncodingPerRFC3986(parameters.BaseProperties[OAuthBase.OAuthVerifierKey]));
            }
            if (!String.IsNullOrEmpty(parameters.Token)) {
                sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthTokenKey, OAuthBase.EncodingPerRFC3986(parameters.Token));
            }
            if (parameters.BaseProperties.ContainsKey(OAuthBase.OAuthCallbackKey)) {
                sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthCallbackKey, OAuthBase.EncodingPerRFC3986(parameters.BaseProperties[OAuthBase.OAuthCallbackKey]));
            }
            sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthSignatureMethodKey, OAuthBase.HMACSHA1SignatureType);
            sb.AppendFormat("{0}=\"{1}\"", OAuthBase.OAuthSignatureKey, OAuthBase.EncodingPerRFC3986(signature));

            return sb.ToString();
        }

        /// <summary>
        /// Contacts Google for a request token, first step of the OAuth authentication process.
        /// When successful, updates the OAuthParameter instance passed as parameter by setting
        /// Token and TokenSecret.
        /// </summary>
        /// <param name="parameters">The OAuth parameters</param>
        public static void GetUnauthorizedRequestToken(OAuthParameters parameters) {
            Uri requestUri = new Uri(string.Format("{0}?scope={1}", requestTokenUrl, OAuthBase.EncodingPerRFC3986(parameters.Scope)));

            // callback is only needed when getting the request token
            bool callbackExists = false;
            if (!string.IsNullOrEmpty(parameters.Callback)) {
                parameters.BaseProperties.Add(OAuthBase.OAuthCallbackKey, parameters.Callback);
                callbackExists = true;
            }

            string headers = GenerateHeader(requestUri, "GET", parameters);
            WebRequest request = WebRequest.Create(requestUri);
            request.Headers.Add(headers);

            WebResponse response = request.GetResponse();
            string result = "";
            if (response != null) {
                Stream responseStream = response.GetResponseStream();
                StreamReader reader = new StreamReader(responseStream);
                result = reader.ReadToEnd();
            }

            if (callbackExists) {
                parameters.BaseProperties.Remove(OAuthBase.OAuthCallbackKey);
            }

            // split results and update parameters
            SortedDictionary<string, string> responseValues = OAuthBase.GetQueryParameters(result);
            parameters.Token = responseValues[OAuthBase.OAuthTokenKey];
            parameters.TokenSecret = responseValues[OAuthBase.OAuthTokenSecretKey];
        }

        /// <summary>
        /// Generates the url which the user should visit in order to authenticate and
        /// authorize with the Service Provider.
        /// When successful, updates the OAuthParameter instance passed as parameter by setting
        /// Token and TokenSecret.
        /// </summary>
        /// <param name="parameters">The OAuth parameters</param>
        /// <returns>The full authorization url the user should visit</returns>
        public static string CreateUserAuthorizationUrl(OAuthParameters parameters) {
            StringBuilder sb = new StringBuilder();
            sb.Append(userAuthorizationUrl);
            sb.AppendFormat("?{0}={1}", OAuthBase.OAuthTokenKey, OAuthBase.EncodingPerRFC3986(parameters.Token));
            if (!string.IsNullOrEmpty(parameters.Callback)) {
                sb.AppendFormat("&{0}={1}", OAuthBase.OAuthCallbackKey, OAuthBase.EncodingPerRFC3986(parameters.Callback));
            }
            return sb.ToString();
        }

        /// <summary>
        /// Helper method which parses a querystring for the OAuth related parameters.
        /// It updates the OAuthParameter instance passed as parameter by setting
        /// Token, TokenSecret and Verifier (if present).
        /// </summary>
        /// <param name="parameters">The OAuth parameters</param>
        public static void UpdateOAuthParametersFromCallback(string queryString, OAuthParameters parameters) {
            //split results and update parameters
            SortedDictionary<string, string> responseValues = OAuthBase.GetQueryParameters(queryString);
            parameters.Token = responseValues[OAuthBase.OAuthTokenKey];
            if (responseValues.ContainsKey(OAuthBase.OAuthTokenSecretKey)) {
                parameters.TokenSecret = responseValues[OAuthBase.OAuthTokenSecretKey];
            }
            if (responseValues.ContainsKey(OAuthBase.OAuthVerifierKey)) {
                parameters.Verifier = responseValues[OAuthBase.OAuthVerifierKey];
            }
        }

        /// <summary>
        /// Exchanges the user-authorized request token for an access token.
        /// When successful, updates the OAuthParameter instance passed as parameter by setting
        /// Token and TokenSecret.
        /// </summary>
        /// <param name="parameters">The OAuth parameters</param>
        public static void GetAccessToken(OAuthParameters parameters) {
            Uri requestUri = new Uri(accessTokenUrl);

            string headers = GenerateHeader(requestUri, "GET", parameters);
            WebRequest request = WebRequest.Create(requestUri);
            request.Headers.Add(headers);

            WebResponse response = request.GetResponse();
            string result = "";
            if (response != null) {
                Stream responseStream = response.GetResponseStream();
                StreamReader reader = new StreamReader(responseStream);
                result = reader.ReadToEnd();
            }

            //split results and update parameters
            SortedDictionary<string, string> responseValues = OAuthBase.GetQueryParameters(result);
            parameters.Token = responseValues[OAuthBase.OAuthTokenKey];
            parameters.TokenSecret = responseValues[OAuthBase.OAuthTokenSecretKey];
        }
    }
}

留言

張貼留言

這個網誌中的熱門文章

DB 資料庫呈現復原中

今天因為資料庫怪怪的,重開後他就呈現復原中,無法使用 那就只好查詢線上文件看該如何處理 首先先透過指令確認倒底狀態為何 SELECT * FROM  sys.master_files 從 state_desc 可以看到目前的狀態,一般正常狀態是 ONLINE ,那我資料庫的狀態為  RECOVERING  這個,依說明是他是個暫時性的狀態,如果還原成功,則資料庫狀態會自動切換成線上 那由於資料庫太過龐大(10幾GB的資料),還原了約半小時才處理好,不過他似乎會還原到上次的備份,至少我今天的資料異動全都被還原了。 Reference: DB一直呈現"復原中"狀態,怎麼解決? - MS SQL - 藍色小舖 判定復原檔案或檔案群組的下一個步驟 - MSDN
閱讀完整內容

Outlook 刪除大量重覆信件

  最近因為公司的 Exchange 系統轉換,因為容量變大,想說把之前因空間因素抓下來後就刪除的信件全匯回去,之後就可以透過線上直接閱覽舊信件,匯入時看到有重覆項目的處理選項,我也勾選了重覆項目不匯入,沒想到還是中了陷阱,雖然一封信頂多重覆一次,但重覆的信件高達上百封,要我手動砍... 也不是砍不完,就不知要花多少時間了,所以上網找解答!
閱讀完整內容

[VB.Net] If vs IIf ,兩者的差異

這次的文章算隨筆 純粹是我之前印象 VB 的單行式判斷式 IIf 在某些狀況下是會有問題的,結果看到了公司的 Code 中有單行式判斷式 - If ,本來以為是類似 Alias 的東西,不過仔細探究才發現兩者的作法並不一樣 這裡稍微講述一下我之前對 IIf 的例外狀況的印象,首先 IIf 的格式是長這樣 IIf(Expression As Boolean, TruePart As Object, FalsePart As Object) As Object 當 Expression 為 True ,則回傳 TruePart ,否則則回傳 FalsePart 的部份 這看起來很直覺,感覺沒什麼問題,那我說的狀況是怎樣呢? 如果 TruePart 或 FalsePart 為一函式的呼叫,而如果 Expression 為 True 時,FalsePart 的函式則不能呼叫的狀況 舉例來說,如果 Expression 判斷某個變數值是否是 Nothing ,而 FalsePart 呼叫的函式會在該變數值為 Nothing 被呼叫的話,就會產生 Exception 至此,應該知道我說的狀況是什麼了?是的,就是其實 IIf 是函式,他是會將 TruePart 及 FalsePart 上的函式先進行評估運算後進行呼叫 實際可以以以下程式碼作測試:     Sub Main()         Dim bln As Boolean = True         Console.WriteLine(IIf(bln, A(), B()))         Console.WriteLine("====================================")         Console.WriteLine(If(bln, A(), B()))     End Sub     Function A() As String         Console.WriteLine("A(...
閱讀完整內容