I've been banging my head against this problem for nearly two days now, and I'm hoping someone on this site can help me.

我已经对这个问题进行了近两天的打击，我希望这个网站上有人可以帮助我。

I live in China and have a server (shared hosting) located in *. I've set up a PHP Twitter proxy on the server, and I connect to the proxy using Twitter for iPhone (AKA Tweetie). It's worked beautifully for the past year or so.

我住在中国，在香港有一台服务器（共享主机）。我在服务器上设置了一个PHP Twitter代理，然后使用Twitter for iPhone（AKA Tweetie）连接到代理。它在过去一年左右的工作非常精彩。

Twitter for iPhone was updated yesterday and now requires XAuth authorization to connect to twitter.com (previously, it used Basic Auth). Since the update, I haven't been able to authenticate myself using my proxy, in spite of making (what I believe to be) the appropriate changes to my proxy.

Twitter for iPhone昨天更新，现在要求XAuth授权连接到twitter.com（以前使用Basic Auth）。自更新以来，我无法使用我的代理对自己进行身份验证，尽管我（我相信）对我的代理进行了适当的更改。

Conceptually, this isn't a very difficult problem to crack. In order to authenticate with twitter.com using XAuth, an app must send a POST request to https://api.twitter.com/oauth/access_token. The POST body must be of the form:

从概念上讲，这不是一个非常难以破解的问题。要使用XAuth通过twitter.com进行身份验证，应用程序必须向https://api.twitter.com/oauth/access_token发送POST请求。 POST正文必须是以下形式：

x_auth_username=aUserName&x_auth_mode=client_auth&x_auth_password=aPassword

Additionally, the POST request must have an Authorization header in the form:

此外，POST请求必须在表单中具有Authorization标头：

OAuth oauth_signature_method="HMAC-SHA1", oauth_consumer_key="IQKbtAYlXsomeLGkey0HUA", oauth_nonce="8B265865-3F57-44FF-BCD6-E009EA7D4615", oauth_signature="sbwblaho64blahr934mZQ+23DYQ=", oauth_timestamp="1277356846", oauth_version="1.0"

So, what I've done is used .htaccess to copy the Auth header to a $_REQUEST variable using this code:

所以，我所做的是使用.htaccess使用以下代码将Auth标头复制到$ _REQUEST变量：

RewriteCond %{HTTP:Authorization} ^OAuth.*
RewriteRule (.*) index.php?OAuth=%{HTTP:Authorization} [QSA,L]

My proxy copies the contents of that $_REQUEST variable to an instance variable called $self->oauthHeader. Then, I make add it as a header to my cURL request using the following code:

我的代理将该$ _REQUEST变量的内容复制到名为$ self-> oauthHeader的实例变量中。然后，我使用以下代码将其添加为我的cURL请求的标头：

if (isset($this->oauthHeader)) {    
    $headers[] = 'Authorization: '.$this->oauthHeader;
    $headers[] = 'Content-Type: application/x-www-form-urlencoded';
    $curl_options[CURLOPT_HTTPHEADER] = $headers;
}

I also add the original request's POST body to the cURL's POST body using:

我还使用以下命令将原始请求的POST主体添加到cURL的POST主体：

$curl_options[CURLOPT_POST] = true;
$curl_options[CURLOPT_POSTFIELDS] = @file_get_contents("php://input");

I send the cURL request to Twitter. Everything seems to work correctly, but I inevitably receive a response of "Failed to validate oauth signature and token."

我将cURL请求发送到Twitter。一切似乎都正常，但我不可避免地收到“无法验证oauth签名和令牌”的回复。

I'm at my wit's end, and I can't for the life of me think what I'm doing wrong. Any help would be much appreciated.

我在我的智慧结束，我不能为我的生活思考我做错了什么。任何帮助将非常感激。

1 个解决方案

#1

---