我正在尝试使用OAuth连接Bricklink REST API(http://apidev.bricklink.com/redmine/projects/bricklink-api/wiki/Authorization)。
理论上应该很简单,但是我当前遇到了困难,一直收到SIGNATURE_INVALID错误。下面是我的尝试方法,请问有什么建议吗?
const string consumerKey = "";
const string consumerSecret = "";
const string tokenSecret = "";
const string tokenValue = "";
const string url = "https://api.bricklink.com/api/store/v1/items/part/3001";
var httpWebRequest = (HttpWebRequest) WebRequest.Create(url);
httpWebRequest.Method = "GET";
var timeStamp = ((int) (DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString();
var nonce = Convert.ToBase64String(Encoding.UTF8.GetBytes(timeStamp));
var signatureBaseString = httpWebRequest.Method.ToUpper() + "&";
signatureBaseString = signatureBaseString + url.ToLower() + "&";
signatureBaseString = signatureBaseString + "oauth_consumer_key=" + consumerKey + "&";
signatureBaseString = signatureBaseString + "oauth_nonce=" + nonce + "&";
signatureBaseString = signatureBaseString + "oauth_signature_method=" + "HMAC-SHA1" + "&";
signatureBaseString = signatureBaseString + "oauth_timestamp=" + timeStamp + "&";
signatureBaseString = signatureBaseString + "oauth_token=" + tokenValue + "&";
signatureBaseString = signatureBaseString + "oauth_version=" + "1.0";
signatureBaseString = Uri.EscapeDataString(signatureBaseString);
Console.WriteLine(signatureBaseString);
var signatureEncoding = new ASCIIEncoding();
var keyBytes = signatureEncoding.GetBytes(consumerSecret + "&" + tokenSecret);
var signatureBaseBytes = signatureEncoding.GetBytes(signatureBaseString);
string signatureString;
using (var hmacsha1 = new HMACSHA1(keyBytes))
{
var hashBytes = hmacsha1.ComputeHash(signatureBaseBytes);
signatureString = Convert.ToBase64String(hashBytes);
}
signatureString = Uri.EscapeDataString(signatureString);
Console.WriteLine(signatureString);
string SimpleQuote(string x) => '"' + x + '"';
var header =
"OAuth realm=" + SimpleQuote("") + "," +
"oauth_consumer_key=" + SimpleQuote(consumerKey) + "," +
"oauth_nonce=" + SimpleQuote(nonce) + "," +
"oauth_signature_method=" + SimpleQuote("HMAC-SHA1") + "," +
"oauth_timestamp=" + SimpleQuote(timeStamp) + "," +
"oauth_token=" + SimpleQuote(tokenValue) + "," +
"oauth_version=" + SimpleQuote("1.0") + "," +
"oauth_signature= " + SimpleQuote(signatureString);
Console.WriteLine(header);
httpWebRequest.Headers.Add(HttpRequestHeader.Authorization, header);
var response = httpWebRequest.GetResponse();
var characterSet = ((HttpWebResponse) response).CharacterSet;
var responseEncoding = characterSet == ""
? Encoding.UTF8
: Encoding.GetEncoding(characterSet ?? "utf-8");
var responsestream = response.GetResponseStream();
if (responsestream == null)
{
throw new ArgumentNullException(nameof(characterSet));
}
using (responsestream)
{
var reader = new StreamReader(responsestream, responseEncoding);
var result = reader.ReadToEnd();
Console.WriteLine(result);
}
我知道consumerKey、consumerSecret、tokenSecret和tokenValue是正确的,因为我可以使用JavaScript连接bricklink-api(https://www.npmjs.com/package/bricklink-api)。