in reply to Re^2: Net::OAuth and POST data in thread Net::OAuth and POST data
Greetings, So what? Neither Net::OAuth nor Net::OAuth::Simple include POSTDATA in the signing process, as far as I can tell.
Well, https://metacpan.org/source/SIMONW/Net-OAuth-Simple-1.5/examples/twitter appears like it would work, like the author used it and tested it
So the way Net::OAuth::Simple does things doesn't match the way you try to do it
Is it supposed to sign POSTDATA? I don't know, but I do know there is stuff in your code that doesn't make sense, and doesn't do anything, see #!/usr/bin/perl --
use strict;
use warnings;
use Data::Dump qw/ dd /;
use Net::OAuth;
use HTTP::Request;
my $content = '$content';
my $oauth = Net::OAuth->request('protected resource')->new(
consumer_key => '...',
consumer_secret => '...',
token => '...',
token_secret => '...',
protocol_version => Net::OAuth::PROTOCOL_VERSION_1_0A,
signature_method => 'HMAC-SHA1',
timestamp => time,
nonce => int( rand( 2**32 ) ),
request_url => 'https://api.tradeking.com/v1/accounts/3861910
+5/orders.json',
request_method => 'POST',
extra_params => { POSTDATA => $content },
);
dd( $oauth );
$oauth->signature_elements( [ @{ $oauth->signature_elements }, $conten
+t ] );
dd( $oauth );
my $request = HTTP::Request->new(
$oauth->request_method,
$oauth->request_url,
[
'Authorization' => $oauth->to_authorization_header,
'Content-Type' => 'application/x-www-form-urlencoded',
'TKI_TRADEPASS' => 'myPass',
'TKI_OVERRIDE' => 'true',
],
$content,
);
dd( $request->as_string );
print( $request->as_string );
__END__
bless({
consumer_key => "...",
consumer_secret => "...",
extra_params => { POSTDATA => "\$content" },
nonce => 3692298240,
protocol_version => 1.001,
request_method => "POST",
request_url => "https://api.tradeking.com/v1/accounts/38619105/
+orders.json",
signature_method => "HMAC-SHA1",
timestamp => 1429313493.23438,
token => "...",
token_secret => "...",
version => "1.0",
}, "Net::OAuth::ProtectedResourceRequest")
bless({
consumer_key => "...",
consumer_secret => "...",
extra_params => { POSTDATA => "\$content" },
nonce => 3692298240,
protocol_version => 1.001,
request_method => "POST",
request_url => "https://api.tradeking.com/v1/accounts/38619105/
+orders.json",
signature_method => "HMAC-SHA1",
timestamp => 1429313493.23438,
token => "...",
token_secret => "...",
version => "1.0",
}, "Net::OAuth::ProtectedResourceRequest")
"POST https://api.tradeking.com/v1/accounts/38619105/orders.json\nAuth
+orization: OAuth oauth_consumer_key=\"...\",oauth_nonce=\"3692298240\
+",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"1429313493.2
+3438\",oauth_token=\"...\",oauth_version=\"1.0\"\nContent-Type: appli
+cation/x-www-form-urlencoded\nTKI-OVERRIDE: true\nTKI-TRADEPASS: myPa
+ss\n\n\$content\n"
POST https://api.tradeking.com/v1/accounts/38619105/orders.json
Authorization: OAuth oauth_consumer_key="...",oauth_nonce="3692298240"
+,oauth_signature_method="HMAC-SHA1",oauth_timestamp="1429313493.23438
+",oauth_token="...",oauth_version="1.0"
Content-Type: application/x-www-form-urlencoded
TKI-OVERRIDE: true
TKI-TRADEPASS: myPass
$content
do you see that? before/after is no change in the object
Also, if you try to ->sign just like ::Simple you get an error Can't locate object method "$content" via package "Net::OAuth::ProtectedResourceRequest" at Net/OAuth/Message.pm line 162.
update: removing $oauth->signature_elements( [ @{ $oauth->signature_elements }, $content ] ); no death, and apparently POSTDATA is taken into account somehow (signature is different) #!/usr/bin/perl --
use strict;
use warnings;
use Data::Dump qw/ dd /;
use Net::OAuth;
use HTTP::Request;
my $content = '$content';
my @oargs = (
consumer_key => '...',
consumer_secret => '...',
token => '...',
token_secret => '...',
protocol_version => Net::OAuth::PROTOCOL_VERSION_1_0A,
signature_method => 'HMAC-SHA1',
#~ timestamp => time,
#~ nonce => int( rand( 2**32 ) ),
timestamp => '1429313655.625',
nonce => '2009333760',
request_url => 'https://api.tradeking.com/v1/accounts/3861910
+5/orders.json',
request_method => 'POST',
);
my $oauth = Net::OAuth->request('protected resource')->new(
@oargs,
);
my $oauthPOST = Net::OAuth->request('protected resource')->new(
@oargs,
extra_params => { POSTDATA => $content },
);
dd( $oauth );
$_->sign, $_->verify for $oauth, $oauthPOST;
dd( $oauth , $oauthPOST );
my $request = HTTP::Request->new(
$oauthPOST->request_method,
$oauthPOST->request_url,
[
'Authorization' => $oauthPOST->to_authorization_header,
'Content-Type' => 'application/x-www-form-urlencoded',
'TKI_TRADEPASS' => 'myPass',
'TKI_OVERRIDE' => 'true',
],
$content,
);
dd( $request->as_string );
print( $request->as_string );
__END__
bless({
consumer_key => "...",
consumer_secret => "...",
extra_params => {},
nonce => 2009333760,
protocol_version => 1.001,
request_method => "POST",
request_url => "https://api.tradeking.com/v1/accounts/38619105/
+orders.json",
signature_method => "HMAC-SHA1",
timestamp => 1429313655.625,
token => "...",
token_secret => "...",
version => "1.0",
}, "Net::OAuth::ProtectedResourceRequest")
(
bless({
consumer_key => "...",
consumer_secret => "...",
extra_params => {},
nonce => 2009333760,
protocol_version => 1.001,
request_method => "POST",
request_url => "https://api.tradeking.com/v1/accounts/3861910
+5/orders.json",
signature => "VtlaK9KL6t5I5tWfRPo+lFz/VJU=",
signature_method => "HMAC-SHA1",
timestamp => 1429313655.625,
token => "...",
token_secret => "...",
version => "1.0",
}, "Net::OAuth::ProtectedResourceRequest"),
bless({
consumer_key => "...",
consumer_secret => "...",
extra_params => { POSTDATA => "\$content" },
nonce => 2009333760,
protocol_version => 1.001,
request_method => "POST",
request_url => "https://api.tradeking.com/v1/accounts/3861910
+5/orders.json",
signature => "IH21VXqfWRaRFeR+vYC2/kMQtyk=",
signature_method => "HMAC-SHA1",
timestamp => 1429313655.625,
token => "...",
token_secret => "...",
version => "1.0",
}, "Net::OAuth::ProtectedResourceRequest"),
)
"POST https://api.tradeking.com/v1/accounts/38619105/orders.json\nAuth
+orization: OAuth oauth_consumer_key=\"...\",oauth_nonce=\"2009333760\
+",oauth_signature=\"IH21VXqfWRaRFeR%2BvYC2%2FkMQtyk%3D\",oauth_signat
+ure_method=\"HMAC-SHA1\",oauth_timestamp=\"1429313655.625\",oauth_tok
+en=\"...\",oauth_version=\"1.0\"\nContent-Type: application/x-www-for
+m-urlencoded\nTKI-OVERRIDE: true\nTKI-TRADEPASS: myPass\n\n\$content\
+n"
POST https://api.tradeking.com/v1/accounts/38619105/orders.json
Authorization: OAuth oauth_consumer_key="...",oauth_nonce="2009333760"
+,oauth_signature="IH21VXqfWRaRFeR%2BvYC2%2FkMQtyk%3D",oauth_signature
+_method="HMAC-SHA1",oauth_timestamp="1429313655.625",oauth_token="...
+",oauth_version="1.0"
Content-Type: application/x-www-form-urlencoded
TKI-OVERRIDE: true
TKI-TRADEPASS: myPass
$content
So what next? I dont know :)
|
|