Get contacts using Yahoo Contacts API

问题

I followed these steps "http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html" and I got oauth token and GUID from authenticated user. Now I am trying retrieve all contacts through GUID as I have seen on searchs for web using this url "http://social.yahooapis.com/v1/user/GUID_HERE/contacts" and passing authorization data via headers but I just get this response:

<?xml version='1.0' encoding='UTF-8'?><yahoo:errorxmlns:yahoo='http://yahooapis.com/v1/base.rng' xml:lang='en-US'><yahoo:description>Please provide valid credentials. OAuth oauth_problem="signature_invalid", realm="yahooapis.com"</yahoo:description></yahoo:error><!-- ws129.socdir.sp2.yahoo.com uncompressed/chunked Tue Aug 28 06:22:40 PDT 2012 -->

I am performing the request using cURL (PHP) like is written here "http://developer.yahoo.com/oauth/guide/oauth-make-request.html" (I have checked and I am using my consumer secret as ouath_signature):

$header = array(
'GET http://social.yahooapis.com/v1/user/' . $guid[1] . '/contacts',
'Authorization: OAuth realm="yahooapis.com", '.
                                     'oauth_consumer_key="'.$yahoo_consumer_key.'", '.
                                     'oauth_nonce="'.uniqid().'", '.
                                     'oauth_signature_method="HMAC-SHA1", '.
                                     'oauth_timestamp="'.time().'", '.
                                     'oauth_token="'.$ouathToken[1].'", '.
                                     'oauth_version="1.0", '.
                                     'oauth_signature="'.$yahoo_consumer_secret.'"');
curl_setopt_array($ch, array(
    CURLOPT_RETURNTRANSFER => true,
              CURLOPT_FOLLOWLOCATION => TRUE,
              CURLOPT_SSL_VERIFYPEER => false,
              CURLOPT_SSL_VERIFYHOST => 0,
              //CURLOPT_HTTPGET => true,
              CURLOPT_URL => 'http://social.yahooapis.com/v1/user/' . $guid[1] . '/contacts',
              CURLOPT_HTTPHEADER => $header
    ));

Anyone can help?

回答1:

The OAuth Signature isn't just the consumer secret. Yahoo has some documentation on how sign the request and that's what goes in the oauth_signature field.

回答2:

Seems the signature created is wrong.For create signature first create base string which is created by normalizing your url.

For more details about base string visit http://developer.yahoo.com/oauth/guide/oauth-signing.html. http://oauth.net/core/1.0/#anchor16

After creating a base string create a signature key which is developed by concatenating COSUMER SECRET and token secret with &.Like this,

$signatureKey = CONSUMER_SECRET."&".{yourtokensecret};

Then for create signature try this code: $signature = urlencode(base64_encode(hash_hmac('sha1',{baseString}, $signatureKey, true)));

回答3:

There is an excellent signing function available here.

来源：https://stackoverflow.com/questions/12179189/get-contacts-using-yahoo-contacts-api