0
我無法找到谷歌對Oauth 1.0的支持,因爲它已被棄用。 但是,因爲我想要訪問Gmail數據,我必然會使用Oauth 1.0oauth 1.0 - Google無效簽名GetRequestToken
所以我一直試圖從2天得到RequestToken爲我的Google應用程序,我收到無效簽名錯誤。 我的基礎字符串與google返回的調試字符串匹配。
我試過使用HMAC-SHA1和RSA-SHA1,我的密鑰是正確的。 (我甚至試圖使用令牌和祕密作爲匿名,Google建議用於未註冊的應用程序。) 它可能是由於錯誤的nonce或由於某些百分比編碼問題導致的。 同樣的方法適用於Twitter。
我也在下面粘貼我的代碼,如果有人能夠幫助我或指向正確的論壇,我會很高興。
$('#GMAIL_BUTTON').click(function() {
//oauth1 approach similar to twitter
var requestUrl = "https://www.google.com/accounts/OAuthGetRequestToken";
var scope = "https://mail.google.com/";
var clientID = "anonymous";
var clientSecret = "anonymous";
var rsakey = "MIICblahblahblah";
var timestamp = Math.round(new Date().getTime()/1000.0);
var nonce = Math.random();
var sigBaseStringParams = "oauth_consumer_key=" + clientID;
sigBaseStringParams += "&" + "oauth_nonce=" + nonce;
sigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
sigBaseStringParams += "&" + "oauth_timestamp=" + timestamp;
sigBaseStringParams += "&" + "scope=" + encodeURIComponent(scope);
var sigBaseString = "GET&";
sigBaseString += encodeURIComponent(requestUrl) + "&" + encodeURIComponent(sigBaseStringParams) + "\n" + "\n";
requestUrl += "?scope=https://mail.google.com/";
var keyText = encodeURIComponent(clientSecret) + "&";
//var keyText = rsakey;
var keyMaterial = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(keyText, Windows.Security.Cryptography.BinaryStringEncoding.Utf8);
var macAlgorithmProvider = Windows.Security.Cryptography.Core.MacAlgorithmProvider.openAlgorithm("HMAC_SHA1");
var key = macAlgorithmProvider.createKey(keyMaterial);
//var keyMaterial = Windows.Security.Cryptography.CryptographicBuffer.decodeFromBase64String(rsakey);
//var macAlgorithmProvider = Windows.Security.Cryptography.Core.AsymmetricKeyAlgorithmProvider.openAlgorithm("RSASIGN_PKCS1_SHA1");
//var key = macAlgorithmProvider.importKeyPair(keyMaterial);
var tbs = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(sigBaseString, Windows.Security.Cryptography.BinaryStringEncoding.Utf8);
var signatureBuffer = Windows.Security.Cryptography.Core.CryptographicEngine.sign(key, tbs);
var signature = Windows.Security.Cryptography.CryptographicBuffer.encodeToBase64String(signatureBuffer);
var dataToPost = "OAuth oauth_consumer_key=\"" + clientID + "\", oauth_nonce=\"" + nonce + "\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"" + timestamp + "\", oauth_signature=\"" + encodeURIComponent(signature) + "\", oauth_version=\"1.0\"";
var response = sendGetRequest(requestUrl, dataToPost, null);
});
而且SendGetRequest方法 -
function sendGetRequest(url, authzheader, params) {
try {
var request = new XMLHttpRequest();
request.open("GET", url, false);
request.setRequestHeader("Authorization", authzheader);
request.send(params);
return request.responseText;
} catch (err) {
WinJS.log("Error sending request: " + err, "Web Authentication SDK Sample", "error");
}
}
OP可能希望通過OAuth(https://developers.google.com/google-apps/gmail/oauth_overview)訪問[通過IMAP/SMTP發送GMail],而不是未讀郵件原子提要。這僅在OAuth 1上可用。 – 2012-07-18 10:04:11
thanks.i解決了這個問題。這個問題涉及到一些URL編碼問題。 – 2012-07-18 20:01:57
@gauravkejriwal然後發佈你如何解決它作爲答案。 – Foreever 2014-01-09 09:20:20