dqprf0976 2013-07-09 14:26 采纳率: 100%
浏览 102
已采纳

使用2leg oauth令牌调用Bitbucket REST API

I am trying to call bitbucket's api using 2-legged oauth authentication.

I call 

https://bitbucket.org/!api/1.0/oauth/request_token

with my oauth secret and key and get the following:

oauth_token_secret=<token_secret>&oauth_token=<token>&oauth_callback_confirmed=true

How can I use this to call an api function, such as 

https://bitbucket.org/api/1.0/user
  • 写回答

1条回答 默认 最新

  • douchun1900 2013-07-10 01:37
    关注

    After you have received accesstoken & secret, when you send the request add a (Authorization) Header as, 

    Authorization: OAuth oauth_consumer_key="<YourKey>",oauth_signature_method="HMAC-SHA1",oauth_timestamp="<TIMESTAMP>",oauth_nonce="2694561796",oauth_version="1.0",oauth_signature="<Signature>"

    where,

    TIMESTAMP= current epoch (ms) oauth_nonce random number

    Important thing is oauth_signature

    Read through here on how to generate,

    Oauth 1.0 Signature

    Signature has to be precalculated before sending the request. And this will do it.

    To test it you can tryout it here, Apigee Bitbucket API Console

    PS: Its weird that Bit Bucket uses OAuth 1.0, well known for its vulnerabilities.

    Session Fixation Attack

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
编辑
预览

报告相同问题?

手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

 客服 返回
顶部