Hello again, I am unable to generate oauth_signature correctly.
My explanation: I do a main class with only POST oath/request_token functionality for reproduce de same oath_signature in this example https://dev.twitter.com/docs/auth/implementing-sign-twitter.
Following the steps in https://dev.twitter.com/docs/auth/creating-signature I do this methods in java to generate oath_signature parameter:
--------------START JAVA CODE----------------
package test;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.SignatureException;
import java.util.Iterator;
import java.util.SortedMap;
import java.util.TreeMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.Header;
import org.apache.http.HeaderElement;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
public class TestLauncher {
public static void main(String[] args) {
String response=TestLauncher.executeURL("https://api.twitter.com/oauth/request_token", "http://localhost/sign-in-with-twitter/");
System.out.println("response="+response);
}
public static String executeURL(String url,String oauth_callback){
if(url==null||url.isEmpty()||oauth_callback==null||oauth_callback.isEmpty()) return null;
String page="";
try{
HttpHost targetHost = new HttpHost("api.twitter.com", 443, "https");
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
// Create request
// You can also use the full URI http://www.google.com/
HttpPost httppost = TestLauncher.OAuthConnection(url,oauth_callback);
// Execute request
HttpResponse response = httpclient.execute(targetHost, httppost);
HttpEntity entity = response.getEntity();
Header header=entity.getContentType();
HeaderElement[] he=header.getElements();
for(int i=0;i<he.length;i++) page+=" ["+he[i].getName()+"<"+he[i].getParameterCount()+">"+he[i].getValue()+"]";
String line="";BufferedReader in=null;
try{in=new BufferedReader(new InputStreamReader(entity.getContent()));}catch(Exception ex){
try{Thread.sleep(10000);in=new BufferedReader(new InputStreamReader(entity.getContent()));}catch(Exception ex2){}
}
while(in!=null&&((line=in.readLine())!=null)){
page+=line + "\\n";
}
} finally {
httpclient.getConnectionManager().shutdown();
}
}catch(Exception e){e.printStackTrace();}
return page;
}
private static HttpPost OAuthConnection(String url,String url_callback) throws IOException{
HttpPost httppost = new HttpPost(url);
String oauth_consumer_key="cChZNFj6T5R0TigYB9yd1w";
String oauth_nonce="ea9ec8429b68d6b77cd5600adbbb0456";
String oauth_callback=url_callback;
String oauth_signature_method="HMAC-SHA1";
String oauth_timestamp="1318467427";
String oauth_version="1.0";
SortedMap<String,String> map=new TreeMap<String,String>();
map.put("oauth_consumer_key",URLEncoder.encode(oauth_consumer_key,"UTF-8"));
map.put("oauth_callback",URLEncoder.encode(oauth_callback,"UTF-8"));
map.put("oauth_nonce",URLEncoder.encode(oauth_nonce,"UTF-8"));
map.put("oauth_signature_method",URLEncoder.encode(oauth_signature_method,"UTF-8"));
map.put("oauth_timestamp",URLEncoder.encode(oauth_timestamp,"UTF-8"));
map.put("oauth_version",URLEncoder.encode(oauth_version,"UTF-8"));
URL url_object = new URL(url);
if(url_object.getQuery()!=null&&!url_object.getQuery().isEmpty()){
String[] params=url_object.getQuery().split("&");
for(int i=0;i<params.length;i++) map.put(URLEncoder.encode(params[i].split("=")[0],"UTF-8"),URLEncoder.encode(params[i].split("=")[1],"UTF-8"));
}
String url_base=URLEncoder.encode(url_object.getProtocol()+"://"+url_object.getHost()+url_object.getPath(),"UTF-8");
String oauth_signature=TestLauncher.generateSignature(map,"POST",url_base);
String auth_values="OAuth oauth_callback=\""+URLEncoder.encode(oauth_callback,"UTF-8")+"\", ";
auth_values+="oauth_consumer_key=\""+URLEncoder.encode(oauth_consumer_key,"UTF-8")+"\", ";
auth_values+="oauth_nonce=\""+URLEncoder.encode(oauth_nonce,"UTF-8")+"\", ";
auth_values+="oauth_signature=\""+URLEncoder.encode(oauth_signature,"UTF-8")+"\", ";
auth_values+="oauth_signature_method=\""+URLEncoder.encode(oauth_signature_method,"UTF-8")+"\", ";
auth_values+="oauth_timestamp=\""+URLEncoder.encode(oauth_timestamp,"UTF-8")+"\", ";
auth_values+="oauth_version=\""+URLEncoder.encode(oauth_version,"UTF-8")+"\"";
httppost.setHeader("Authorization",auth_values);
System.out.println("auth_values="+auth_values);
return httppost;
}
private static String generateSignature(SortedMap<String,String> map,String httpMethod,String url_base) throws UnsupportedEncodingException{
String params="";
Iterator<String> keys=map.keySet().iterator();
Iterator<String> values=map.values().iterator();
while(keys.hasNext()){
params+=keys.next()+"="+values.next();
if(keys.hasNext()) params+="&";
}
String data=httpMethod+"&"+url_base+"&"+URLEncoder.encode(params, "UTF-8");
System.out.println("generateSignature() data="+data);
String consumer_secret="XXXXX";
String key=URLEncoder.encode(consumer_secret, "UTF-8");
String output=null;
try {
output=TestLauncher.calculateHMAC_SHA1(data, key);
} catch (SignatureException e) {
System.out.println("ERROR HMAC-SHA1: KEY["+key+"] - DATA["+data+"]");
e.printStackTrace();
}
return output;
}
private static String calculateHMAC_SHA1(String data, String key) throws java.security.SignatureException{
String result=null;
try{
SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), "HmacSHA1");
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(signingKey);
byte[] rawHmac = mac.doFinal(data.getBytes());
result = new String(Base64.encodeBase64(rawHmac)).trim();
}catch(Exception e){
throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
}
return result;
}
}
----------------END JAVA CODE-----------------
Executing this code I see that the generated oath_signature parameter is oauth_signature=“JhNSoG1nhY6%2F0IIpP22lRaOng40%3D” and in twitter’s example is oauth_signature=“F1Li3tvehgcraF8DMJ7OyxO4w9Y%3D”. This is my problem, I am wrong or I have an error generating the oauth_signature parameter.
Please can anybody help me?
Thanks and Best Regards!!
