OAuth protocol analysis 1

Source: Internet
Author: User
Tags hmac oauth urlencode

Author: shaoyun

This analysis is based on the OAuth protocol and the Sina developer documentation, with reference to the PHP and C# SDKs. The requests were submitted and tested with Fiddler.

Part 1: Obtain the unauthorized request token and the corresponding request token secret

Submission address:

http://api.t.sina.com.cn/oauth/request_token

Submission method: GET

Parameter List:

oauth_consumer_key: the API key we applied for
oauth_nonce: a random value; a 32-character MD5 hex string generated randomly from the current time
oauth_signature: the signature of the parameters
oauth_signature_method: the signature algorithm
oauth_timestamp: the current timestamp as an integer
oauth_version: the OAuth protocol version

The string to be signed is as follows:
GET&http%3A%2F%2Fapi.t.sina.com.cn%2Foauth%2Frequest_token&oauth_consumer_key%3D888888888%26oauth_nonce%3D08e59bdb879d2f4b96eb20158d7a5b47%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1288149739%26oauth_version%3D1.0a

Decomposed into its parts (%3D is =, %26 is &):

GET
http://api.t.sina.com.cn/oauth/request_token
oauth_consumer_key=888888888
oauth_nonce=08e59bdb879d2f4b96eb20158d7a5b47
oauth_signature_method=HMAC-SHA1
oauth_timestamp=1288149739
oauth_version=1.0a

The three parts are joined with &: one & between the first and second parts, and one between the second and third. The third part (the parameter string) is urlencoded; the URL in the second part is urlencoded as well, as the string above shows. The result is the string to be signed.

The signature algorithm used here is HMAC-SHA1, and the key is the app secret we applied for:

// Key = app secret + '&' + token secret (empty at this step, hence the trailing &)
$key = 'e547036cd665c647f4561ede6820fde0&';
$signature = base64_encode(hash_hmac('sha1', $base_string, $key, true));

The generated signature:
oauth_signature = urlencode('5qkdzysrnlaseeoccxtm7hspdyi=');

The final GET address is:
http://api.t.sina.com.cn/oauth/request_token?oauth_consumer_key=888888888&oauth_nonce=08e59bdb879d2f4b96eb20158d7a5b47&oauth_signature=5qkdzysrnlaseeoccxtm7hspdyi%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1288149739&oauth_version=1.0a

The string returned by the server after successful submission is as follows:
oauth_token=78ad5974c2b5c3a9de0fca3d1698470f&oauth_token_secret=7e3c4cce0585101bc4b931136ba7ed90

This is the obtained unauthorized request token and the corresponding request token secret.
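
The base-string construction and HMAC-SHA1 signing walked through above, together with the check a server would run on the incoming request, as an added Python example (not code from the original post or the Sina SDKs). The function names are assumptions; the URL, parameters and app secret are the sample values from this page.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(value):
    # RFC 3986 encoding as OAuth 1.0 requires: only unreserved characters stay literal.
    return quote(str(value), safe="-._~")

def base_string(method, url, params):
    # Encode each name/value, sort, join with &, then encode the joined string once more.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items() if k != "oauth_signature")
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign(method, url, params, consumer_secret, token_secret=""):
    # Key = consumer secret + "&" + token secret. No token exists yet at the
    # request-token step, so the key is just the app secret with a trailing "&".
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def verify(method, url, params, consumer_secret, token_secret=""):
    # Server side: recompute the signature and compare in constant time.
    expected = sign(method, url, params, consumer_secret, token_secret)
    received = str(params.get("oauth_signature", ""))
    return hmac.compare_digest(expected.encode(), received.encode())

def request_url(url, params):
    # Final GET address: every value, including the signature, is urlencoded.
    return url + "?" + "&".join(f"{pct(k)}={pct(v)}" for k, v in sorted(params.items()))

# Sample values taken from the walkthrough on this page.
URL = "http://api.t.sina.com.cn/oauth/request_token"
SECRET = "e547036cd665c647f4561ede6820fde0"
PARAMS = {
    "oauth_consumer_key": "888888888",
    "oauth_nonce": "08e59bdb879d2f4b96eb20158d7a5b47",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1288149739",
    "oauth_version": "1.0a",
}

if __name__ == "__main__":
    signed = dict(PARAMS, oauth_signature=sign("GET", URL, PARAMS, SECRET))
    print(base_string("GET", URL, PARAMS))
    print(request_url(URL, signed))
    print("verifies:", verify("GET", URL, signed, SECRET))
```

Changing any signed parameter after signing makes `verify` return False, which is what the signature is for. A server also has to reject stale timestamps and reused nonces, which this example does not cover.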

 

This is only an analysis and is independent of platform and language; the concrete implementation depends on the situation. This is the first step of authentication. The later steps are similar to this one, and I will write them up when there is time.
