【发布时间】:2013-12-30 07:45:51
【问题描述】:
您好,我正在尝试按照 tutorial 实施 OAuth1.0 在本教程中有一个标题 OAuthGetRequestToken
为了获取请求令牌,我们必须向 URL 发送一个 post 请求
www.google.com/accounts/OAuthGetRequestToken
我在谷歌应用引擎的代码中发送一个发布请求 我的代码是:
package org.ritesh;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.EncodedKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import com.google.gdata.client.authn.oauth.*;
import com.google.gdata.util.common.util.Base64;
import com.google.gdata.util.common.util.Base64DecoderException;
import com.sun.org.apache.xerces.internal.util.URI;
import javax.servlet.ServletContext;
import javax.servlet.http.*;
@SuppressWarnings("serial")
public class HelloWorldServlet extends HttpServlet {
@SuppressWarnings({ "unchecked", "unchecked" })
public void doGet(HttpServletRequest req, HttpServletResponse resp)
throws IOException {
String myrsakey= "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALwVoQ3Ksd9gwZY3"
+"a7Flz5bf1oCiYe8XSn6vlkaPiA0jBcPJAmACjI023/Z+8KgDbyhlRumTtcateXNZ"
+"FVb7q/BKTQWgxK1Fj2XGUkWQz6Nsp/sk54M+R4n3XkTp6W7HhFERE81Iobgy+KtM"
+"vr5f/tJbCtLspKSaq2totveKMvMDAgMBAAECgYBIeTke3FzfyyOtI1vO9oEgDM5V"
+"sLx16Y6d9EC+na36CeW9xGWy4yiPfXadP9qxkukxMp05gd5IWS30QX5UjxN4ER9j"
+"tEDCfDePnrOoi6aUpLXuHoOQbhVIBMTEsFzw9v837a2GOnU0YMgUnGTzC8Ql/3Aw"
+"kFPNFqVEG57ItzZYGQJBAO8K8qXiDfUeMUjGLwqbRk5NgM7GVlPI80f3/V2o7EtP"
+"T6kr6nvob7ZfgQ9R1STuIPjF+0GartfHZ5x+7tdcZ7cCQQDJbUV6Y41zzQ/Pg/cl"
+"VIbZ8Lx9GdtYBaDFeIhGHXDq7Q0I17ztMILJfvx5kKQWGix8ktb0COGX7LxKIwFu"
+"GxcVAkEAhoDWf9humhnfCV/aYFF2geDCNZcMRCCyIzC689R1APsji8EWM5paIXgj"
+"moclM556FwDvm7552xhsiHYz1iI8iQJANcCMRvHkIJ/7dSRBQtwAtI4yrqvExgOS"
+"eMAGlbdrl7W0wcRYrW9Bp6XUmFhKAX/wmTnSVQM9uH47bQlUa16dVQJBAKnnjcgW"
+"AmoCYM+YYmi6+fytPYn9W61RNdl1f9rtccDBhsWomgS6O204qJoLX+U/aCkjpPxK"
+"IyilkfsZBNupdzA=";
resp.setContentType("text/html");
resp.getWriter().println("<html><head> <meta name=\"google-site-verification\" content=\"OBFeK6hFEbTkNdcYc-SQNH9tCTpcht-HkUdj6IgCaLg\" </head>");
resp.getWriter().println("<body>Hello, world");
TreeMap<String,String> tree=new TreeMap<String,String>();
tree.put("oauth_version","1.0");
tree.put("oauth_nonce", System.currentTimeMillis()+"");
tree.put("oauth_timestamp",System.currentTimeMillis()/1000+"");
tree.put("oauth_consumer_key", "imehandirattaritesh.appspot.com");
tree.put("oauth_signature_method", "RSA-SHA1");
tree.put("oauth_signature", myrsakey);
tree.put("oauth_callback", "https://imehandirattaritesh.appspot.com/authsub");
tree.put("scope", "http://www.google.com/calendar/feeds");
Set set = tree.entrySet();
Iterator<Map.Entry<String, String>> i = set.iterator();
String datastring="";
Map.Entry me=(Map.Entry)i.next();
datastring=me.getKey()+"=";
datastring+=me.getValue();
while(i.hasNext()) {
me = (Map.Entry)i.next();
datastring+="&"+me.getKey()+"=";
datastring+=(me.getValue());
}
URL url=new URL("https://www.google.com/accounts/OAuthGetRequestToken?"+datastring);
resp.getWriter().println(""+datastring);
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
urlConnection.setRequestProperty("Authorization", "OAuth");
urlConnection.setRequestMethod("POST");
urlConnection.setDoOutput(true);
BufferedReader in = new BufferedReader(new InputStreamReader(urlConnection.getInputStream()));
resp.getWriter().println( urlConnection.getResponseCode());
String xx="";
String xx1="";
while((xx1=in.readLine()) != null)
{
xx+=xx1;
}
resp.getWriter().println(xx);
resp.getWriter().println("</body></html>");
}
}
我在域 imehandirattaritesh.appspot.com 上托管我的应用程序,我想我可能把所有参数都正确了。可能在教程中链接签名是一个非常小的字符串,但在我的情况下它是一个非常大的字符串放置我的 .pk8 文件的内容,它是从证书 .pem 文件生成的。我期待我的输入像这样
oauth_token=ab3cd9j4ks73hf7g&oauth_token_secret=ZXhhbXBsZS5jb20&oauth_callback_confirmed=true
但取而代之的是,我收到了发送帖子请求的响应
signature_invalidbase_string:POST&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken&oauth_callback%3Dhttps%253A%252F%252Fimehandirattaritesh.appspot.com%252Fauthsub%26oauth_consumer_key%3Dimehandirattaritesh.appspot.com%26oauth_nonce%3D1357733037248%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1357733037%26oauth_version%3D1.0%26scope%3Dhttp%253A%252F%252Fwww.google.com%252Fcalendar%252Ffeeds
我的 oauth_callback 是 https://imehandirattaritesh.appspot.com/authsub
我正在尝试像地狱一样删除此错误,但每次都失败了,请任何人帮助如何删除此错误或资源或链接,我将从中获得任何帮助。请不要建议我将 java 客户端用于 OAuth1.0。我必须使用谷歌预测 api,然后从我的应用程序和 java 客户端库中调用,没有与调用谷歌预测 api 相关的功能。请帮助我如何消除此错误并获得正确的输出
【问题讨论】:
标签: google-app-engine oauth 2-legged