自定义推文给出“32：无法验证您”。错误。知道为啥吗？

Posted 2023-03-24

【中文标题】自定义推文给出“32：无法验证您”。错误。知道为啥吗？

【英文标题】：Custom Tweet gives a "32: Could not authenticate you." error. Any idea why?自定义推文给出“32：无法验证您”。错误。知道为什么吗？

【发布时间】：2017-01-22 08:38:37

【问题描述】：

在 javascript 中发送推文时出现身份验证错误。

我是否正确地执行了“/* post it */”部分？（它位于代码片段的底部。）或者，???

/* determine welcome message */
var textToTweet = "Hi, Reddit";
console.log("textToTweet: "+textToTweet);


/* send a tweet */
/* needs Single-user OAuth */
var twitterApplicationConsumerKey = 'shhhh tis a secret'; // Located in the "Application Settings" section
var twitterApplicationConsumerSecret = 'shhhh tis a secret'; // Located in the "Application Settings" section
var twitterApplicationAccessToken = 'shhhh tis a secret'; // Located in the "Your Access Token" section
var twitterApplicationAccessTokenSecret = 'shhhh tis a secret'; // Located in the "Your Access Token" section


/* OAuthSimple
* A simpler version of OAuth
*
* author:     jr conlin
* mail:       src@anticipatr.com
* copyright:  unitedHeroes.net
* version:    1.0
* url:        http://unitedHeroes.net/OAuthSimple
*
...
*/
/**
* Computes a HMAC-SHA1 code.
*
* @param string k Secret key.
* @param string d Data to be hashed.
* @return string The hashed string.
*/
function b64_hmac_sha1(k,d,_p,_z)
  if(!_p)_p='=';if(!_z)_z=8;function _f(t,b,c,d)if(t<20)return(b&c)|((~b)&d);if(t<40)return b^c^d;if(t<60)return(b&c)|(b&d)|(c&d);return b^c^d;function _k(t)return(t<20)?1518500249:(t<40)?1859775393:(t<60)?-1894007588:-899497514;function _s(x,y)var l=(x&0xFFFF)+(y&0xFFFF),m=(x>>16)+(y>>16)+(l>>16);return(m<<16)|(l&0xFFFF);function _r(n,c)return(n<<c)|(n>>>(32-c));function _c(x,l)x[l>>5]|=0x80<<(24-l%32);x[((l+64>>9)<<4)+15]=l;var w=[80],a=1732584193,b=-271733879,c=-1732584194,d=271733878,e=-1009589776;for(var i=0;i<x.length;i+=16)var o=a,p=b,q=c,r=d,s=e;for(var j=0;j<80;j++)if(j<16)w[j]=x[i+j];elsew[j]=_r(w[j-3]^w[j-8]^w[j-14]^w[j-16],1);var t=_s(_s(_r(a,5),_f(j,b,c,d)),_s(_s(e,w[j]),_k(j)));e=d;d=c;c=_r(b,30);b=a;a=t;a=_s(a,o);b=_s(b,p);c=_s(c,q);d=_s(d,r);e=_s(e,s);return[a,b,c,d,e];function _b(s)var b=[],m=(1<<_z)-1;for(var i=0;i<s.length*_z;i+=_z)b[i>>5]|=(s.charCodeAt(i/8)&m)<<(32-_z-i%32);return b;function _h(k,d)var b=_b(k);if(b.length>16)b=_c(b,k.length*_z);var p=[16],o=[16];for(var i=0;i<16;i++)p[i]=b[i]^0x36363636;o[i]=b[i]^0x5C5C5C5C;var h=_c(p.concat(_b(d)),512+d.length*_z);return _c(o.concat(h),512+160);function _n(b)var t="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",s='';for(var i=0;i<b.length*4;i+=3)var r=(((b[i>>2]>>8*(3-i%4))&0xFF)<<16)|(((b[i+1>>2]>>8*(3-(i+1)%4))&0xFF)<<8)|((b[i+2>>2]>>8*(3-(i+2)%4))&0xFF);for(var j=0;j<4;j++)if(i*8+j*6>b.length*32)s+=_p;elses+=t.charAt((r>>6*(3-j))&0x3F);return s;function _x(k,d)return _n(_h(k,d));return _x(k,d);


//create nonce
function generateRandomString(desiredLengthOfRandomString) 
    var result = '';
    var possibleCharactersForRandomString = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

    for( var i=0; i < desiredLengthOfRandomString; i++ )
        result += possibleCharactersForRandomString.charAt(Math.floor(Math.random() * possibleCharactersForRandomString.length));

    return result;


var randomString = generateRandomString(32);
var nonce = new Buffer(randomString).toString('base64');


//create timestamp
var timestamp = Math.floor(new Date() / 1000);

//create the signature
var signatureParameterString = 'oauth_consumer_key=' + twitterApplicationConsumerKey + '&oauth_nonce=' + encodeURIComponent(nonce) + '&oauth_signature_method=HMAC-SHA1&oauth_timestamp=' + timestamp + '&oauth_token=' + twitterApplicationAccessToken + '&oauth_version=1.0' + '&status=' + textToTweet;
console.log("signatureParameterString: "+signatureParameterString);

var signatureBaseString = 'POST&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fstatuses%2Fupdate.json&' + encodeURIComponent(signatureParameterString);
console.log("signatureBaseString: "+signatureBaseString);

var signingKey = encodeURIComponent(twitterApplicationConsumerSecret) + '&' + encodeURIComponent(twitterApplicationAccessTokenSecret);

var signature = b64_hmac_sha1(signingKey, signatureBaseString);

// prepare post
var apiUrl = 'https://api.twitter.com/1.1/statuses/update.json?status=' +encodeURIComponent(textToTweet);
console.log("apiUrl: "+apiUrl);


// prepare authentication
var oauthString = 'OAuth oauth_consumer_key="' + twitterApplicationConsumerKey + '", oauth_nonce="' + encodeURIComponent(nonce) + '", oauth_signature="' + encodeURIComponent(signature) + '", oauth_signature_method="HMAC-SHA1", oauth_timestamp="' + timestamp + '", oauth_token="' + twitterApplicationAccessToken + '", oauth_version="1.0"';
console.log("oauthString: "+oauthString);

/* post it */
fetch(apiUrl, 
  method: 'POST',
  headers: 
    'Authorization': oauthString
  
)
.then(function(res) 
  return res.json();
)
.then(function(body) 
  var output = body;
  callback(null, output);
)
.catch(callback);

如果重要的话

这是x-post to Reddit。 这是对my previous post that lacked oath 的改进。

【参考方案1】：

将'&status=' + textToTweet; 更改为'&status=' + encodeURIComponent(textToTweet);

使用http://quonos.nl/oauthTester/ 解决了这个问题