问题描述:

I'm following steps outlined by Twitter to create a signature as part of the authorisation process when using the Twitter API v1.1. The steps are online here:

https://dev.twitter.com/docs/auth/creating-signature

I've got to the last bit where I have a signature base string and a signing key. I'm struggling to generate the final signature.

I need to pass the sig base string and the signing key to the HMAC-SHA1 hashing algorithm then use base64 encoding. I'm not sure which order this goes in or exactly what the code would be. Here's what I've tried, which doesn't give me the same result as Twitter's example:

$sigBaseString = '

POST&https%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fupdate.json&include_entities%3Dtrue%26oauth_consumer_key%3Dxvz1evFS4wEEPTGEFPHBog%26oauth_nonce%3DkYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1318622958%26oauth_token%3D370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb%26oauth_version%3D1.0%26status%3DHello%2520Ladies%2520%252B%2520Gentlemen%252C%2520a%2520signed%2520OAuth%2520request%2521'

$signingKey = 'kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw&LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE';

$sig = hash_hmac('sha1',$sigBaseString,$signingKey);

echo base64_encode($sig);

Am I using hash_hmac wrong? Have I done the base64 encoding at the wrong part? I can't seem to get the same result as Twitter.

网友答案:

Found an answer to my own question:

$sig = base64_encode(hash_hmac('sha1',$sigBaseString,$signingKey,TRUE));
相关阅读:
Top