Tumblr API Photo Post返回401（未授权）

I'm attempting to use the Tumblr API in an Android app to authorize users and make text and photo posts. I'm using the Scribe library. So for, I can successfully obtain an access token and use it to get user info. I can also make text posts without any issues. This tells me that I'm signing requests correctly.

我正在尝试在Android应用中使用Tumblr API来授权用户并制作文字和照片帖子。我正在使用Scribe库。因此,我可以成功获取访问令牌并使用它来获取用户信息。我也可以毫无问题地发帖。这告诉我,我正确签署请求。

However, I've spent the last week and a half attempting to make photo posts without success. I continuously receive 401 errors (Not Authorized) I've read through many posts on the Tumblr support forum as well as here on Stack Overflow, but was unable to find a solution.

但是,我花了最后一周半的时间试图制作照片,但没有成功。我不断收到401错误(未经授权)我已阅读Tumblr支持论坛以及Stack Overflow上的许多帖子,但无法找到解决方案。

I'm reluctant to include the Jumblr library because I'm trying to keep my app as lean as possible. That said, I reviewed the Jumblr code and decided to mimic how photo posts are sent (https://github.com/tumblr/jumblr/blob/master/src/main/java/com/tumblr/jumblr/request/MultipartConverter.java). I'm still receiving the exact same error.

我不愿意包含Jumblr库,因为我试图让我的应用程序尽可能精简。也就是说,我查看了Jumblr代码并决定模仿照片帖子的发送方式(https://github.com/tumblr/jumblr/blob/master/src/main/java/com/tumblr/jumblr/request/MultipartConverter。 JAVA)。我仍然收到完全相同的错误。

Below is an example my multipart POST request and the response I receive. I've replace the blog name, and OAuth signature, consumer key, and token variables, and have removed the binary image data for brevity sake. Everything else is untouched. I have a few questions...

下面是我的多部分POST请求和我收到的响应的示例。我已经替换了博客名称,OAuth签名,消费者密钥和令牌变量,并且为了简洁起见已删除了二进制图像数据。其他一切都没有动过。我有几个问题...

Are there any other variables that should be included in the multipart section? A Stack Overflow user stated that placing the "oauth_" signature variables in there fixed his problem. I didn't have success with this, but maybe there was something I was missing.
是否应该在multipart部分中包含任何其他变量? Stack Overflow用户表示将“oauth_”签名变量放在那里可以解决他的问题。我没有成功,但也许有一些我想念的东西。
The Jumblr app doesn't appear to do any encoding of the image data, although the Tumblr documentation states that it should be URL encoded. Right now I'm sending it as the Jumblr app appears to (raw binary). Is this correct?
Jumblr应用程序似乎没有对图像数据进行任何编码,尽管Tumblr文档指出它应该是URL编码的。现在我正在发送它,因为Jumblr应用程序似乎(原始二进制)。它是否正确?
Does anything else in my request look incorrect?
我的请求中的其他内容看起来不正确吗?

REQUEST:

NOTE: I learned that the OAuth signature should be generated WITHOUT the multipart form. My code takes that into account when building this request!

注意:我了解到应该在没有多部分表单的情况下生成OAuth签名。我的代码在构建此请求时会考虑到这一点!

POST http://api.tumblr.com/v2/blog/**REMOVED**.tumblr.com/post HTTP/1.1
Content-Type: multipart/form-data, boundary=cbe6b79db1b3cbe6b79e104e
Authorization: OAuth oauth_signature="**REMOVED**", oauth_version="1.0", oauth_nonce="3181201716", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="**REMOVED**", oauth_timestamp="1388791537", oauth_token="**REMOVED**"
Content-Length: 1001
User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.3; SM-N900T Build/JSS15J)
Host: api.tumblr.com
Connection: Keep-Alive
Accept-Encoding: gzip

--cbe6b79db1b3cbe6b79e104e
Content-Disposition: form-data; name="type"

photo
--cbe6b79db1b3cbe6b79e104e
Content-Disposition: form-data; name="caption"

Another pic test...
--cbe6b79db1b3cbe6b79e104e
Content-Disposition: form-data; name="data[0]"; filename="postr_media_file_1388791537-1709648435.jpg"
Content-Type: image/jpeg

---- BINARY DATA REMOVED FOR BREVITY ----

RESPONSE:

HTTP/1.1 401 Not Authorized
Server: nginx
Date: Fri, 03 Jan 2014 23:25:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tmgioct=52c746f34266840643527780; expires=Mon, 01-Jan-2024 23:25:39 GMT; path=/; httponly
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"

3c
{"meta":{"status":401,"msg":"Not Authorized"},"response":[]}

1 个解决方案

#1

I posted the answer in the "Tumblr API Discussion" Google Group. This is what I did:

我在谷歌集团的“Tumblr API讨论”中发布了答案。这就是我做的:

The key to doing it correctly is NOT just signing without the multipart form!!! Here are the steps...

正确地做到这一点的关键不仅仅是在没有多部分表格的情况下进行签名!这是步骤......

Add all fields EXCEPT the data field as regular url encoded POST body variables

添加除数据字段之外的所有字段作为常规url编码的POST正文变量

Sign the request

签署请求

Remove ALL off the post variables you just added from the request

从请求中添加的post变量中删除ALL

Add the multipart form, including the data field this time

添加多部分表单,包括此次的数据字段

Some things to consider...

有些事要考虑......

The Content-Type in the header should be "multipart/form-data"

标题中的Content-Type应为“multipart / form-data”

The Content-Disposition of all form parts should be "form-data" and, of course, include a valid "name" attribute (ie. type, caption, etc...)

所有表单部分的内容处理应该是“表单数据”,当然还包括有效的“名称”属性(即类型,标题等...)

The Content-Disposition of the data part should also include a "filename" attribute

数据部分的Content-Disposition还应包含“filename”属性

The only form part that should contain a Content-Type is data, and it should be set to the mime type of the file you are uploading (ie. "image/jpeg")

应该包含Content-Type的唯一表单部分是数据,它应该设置为要上载的文件的mime类型(即“image / jpeg”)

I used "data[0]" as the name of the data field. I haven't tested this with just "data", but according to everything I've read it should work that way as well. If you are creating a photo set, I believe you simple add additional parts (ie. data1. data[2], etc...). Again, I haven't tested anything except "data[0]", so do your due diligence!!!

我使用“data [0]”作为数据字段的名称。我没有用“数据”来测试它,但根据我读过的所有内容,它也应该以这种方式工作。如果您正在创建照片集,我相信您可以简单地添加其他部分(即data1.data [2]等...)。同样,除了“data [0]”之外,我还没有测试过任何东西,所以你的尽职调查!

I did NOT encode the binary image data!!! I saw people spending considerable amount of time on this in other posts when adding the image as a POST body variable. If doing this as a multipart form, you can skip the encoding and send raw binary data! ;-)

我没有编码二进制图像数据!在将图像添加为POST主体变量时,我看到人们在其他帖子中花费了相当多的时间。如果以多部分形式执行此操作,则可以跳过编码并发送原始二进制数据! ;-)

I hope this helps someone! I've spent two weeks banging my head on random solid objects trying to figure this out. The implementation is very easy to do, but there is zero documentation available on how exactly to build POST requests for photos properly. The official docs really should include that. If I had know what I just posted above I could have completed this in minutes instead of weeks!!!

我希望这可以帮助别人!我花了两个星期的时间把头砸在随机的固体物体上试图解决这个问题。实现非常简单,但没有关于如何正确构建POST请求的文档。官方文档真的应该包括那个。如果我知道上面刚刚发布的内容,我可以在几分钟而不是几周内完成!

The last request I posted earlier is still valid, but here it is again. Just remember what I mentioned about the signature!!!

我之前发布的最后一个请求仍然有效,但现在又是。记住我提到的关于签名的内容!

REQUEST:

POST http://api.tumblr.com/v2/blog/REMOVED.tumblr.com/post HTTP/1.1
Content-Type: multipart/form-data, boundary=c60f7c041c02c60f7c046e9b
Authorization: OAuth oauth_signature="***REMOVED***", oauth_version="1.0", oauth_nonce="315351812", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="***REMOVED***", oauth_timestamp="1388785116", oauth_token="***REMOVED***"
Content-Length: 1001
User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.3; SM-N900T Build/JSS15J)
Host: api.tumblr.com
Connection: Keep-Alive
Accept-Encoding: gzip

--c60f7c041c02c60f7c046e9b
Content-Disposition: form-data; name="type"

photo
--c60f7c041c02c60f7c046e9b
Content-Disposition: form-data; name="caption"

Another pic test...
--c60f7c041c02c60f7c046e9b
Content-Disposition: form-data; name="data[0]"; filename="postr_media_file_1388785116-1709648435.jpg"
Content-Type: image/jpeg

***** BINARY DATA REMOVED FOR BREVITY *****
--c60f7c041c02c60f7c046e9b--

1 个解决方案

#1

更多相关文章

随机推荐