我正在使用flutter开发一款健身应用程序。我正在尝试使用Fatsecret API食品和配方数据库。
我是flutter和API的新手(之前是一名初级安卓开发人员,只与firebase合作(。现在我还在为fatsecret API生成OAuth签名。
用于生成签名的Fatsecret文档,但我不理解。
这是我的代码
import 'dart:convert';
import 'package:convert/convert.dart';
import 'package:crypto/crypto.dart';
import 'package:http/http.dart' as http;
import 'package:random_string/random_string.dart';
import 'package:sortedmap/sortedmap.dart';
// FatSecret API
class FsApiService {
/// I used these tuts for reference
// https://blog.dantup.com/2017/01/simplest-dart-code-to-post-a-tweet-
// using-oauth/
// http://platform.fatsecret.com/api/Default.aspx?screen=rapiauth
// https://github.com/EugeneHoran/Android-FatSecret-REST-API
// https://stackoverflow.com/questions/49797558/how-to-make-http-post-
// request-with-url-encoded-body-in-flutter
//https://groups.google.com/a/dartlang.org/forum/#!topic/cloud/Ci1gFhYBSDQ
// https://stackoverflow.com/questions/28910178/calculating-an-oauth-
// signature
static const API_KEY = 'API_KEY_HERE';
static const SHARED_SECRET = 'SHARED_SECRET_HERE';
static const APP_METHOD = 'POST';
static const REQUEST_URL =
'http://platform.fatsecret.com/rest/server.api';
static const SIGNATURE_METHOD = 'HMAC-SHA1';
static const OAUTH_VERSION = '1.0';
var _sigHasher;
FsApiService() {
var bytes = utf8.encode('$SHARED_SECRET&');
_sigHasher = new Hmac(sha1, bytes);
}
/// Fetches all foods from Fatsecret Api
fetchAllFoodsFromApi() async {
Map<String, String> params = {
'oauth_consumer_key': API_KEY,
'oauth_signature_method': SIGNATURE_METHOD,
'oauth_timestamp':
(DateTime.now().millisecondsSinceEpoch).toString(),
'oauth_nonce': nounce(),
'oauth_version': (1.0).toString(),
'format': 'json',
'method': 'foods.search',
'search_expression': 'cheese'
};
var signatureUri = _generateSignature(APP_METHOD, REQUEST_URL, params);
params['oauth_signature'] = signatureUri;
var sortedParams = SortedMap.from(params);
var client = http.Client();
final response = await client.post(
REQUEST_URL,
headers: sortedParams,
);
print(response.statusCode);
print(response.body);
print('$signatureUri');
print('$sortedParams');
print('$params');
}
String nonce() {
return randomString(8);
}
String _generateSignature(
String method, String baseUrl, Map<String, String> params) {
var encodedMethod = Uri.encodeComponent(method);
var encodedUrl = Uri.encodeComponent(baseUrl);
var sortedParams = SortedMap.from(params);
var concatedParams = _toQueryString(sortedParams);
var encodedParams = Uri.encodeComponent(concatedParams);
var finalUrl = '$encodedMethod&${_encode(encodedUrl.toString())}'
+ '&${_encode(encodedParams)}';
var base64converted = base64.encode(_hash(finalUrl));
print('encoded method = $encodedMethod');
print('encoded url = $encodedUrl');
print('encoded params = $encodedParams');
print('final url = $finalUrl');
print('base64converted = $base64converted');
return base64converted;
}
String _toQueryString(Map<String, String> data) {
var items = data.keys.map((k) => "$k=${_encode(data[k])}").toList();
items.sort();
return items.join('&');
}
String _encode(String data) {
return percent.encode(data.codeUnits);
}
List<int> _hash(String data) => _sigHasher.convert(data.codeUnits).bytes;
}
当我运行应用程序时,以下错误消息显示在logcat 中
2018-11-01 19:53:17.681 25882-25907/com.example.ninjaapp I/flutter: 200
2018-11-01 19:53:17.735 25882-25907/com.example.ninjaapp I/flutter: <?xml
version="1.0" encoding="utf-8" ?>
<error xmlns="http://platform.fatsecret.com/api/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://platform.fatsecret.com/api/1.0/
http://platform.fatsecret.com/api/1.0/fatsecret.xsd">
<code>2</code>
<message>Missing required oauth parameter:
oauth_signature_method</message>
</error>
我是否以错误的方式创建签名?或者有人能看到我哪里错了吗?
谢谢!
API类
import 'dart:async';
import 'dart:convert';
import 'dart:math';
import 'package:http/http.dart' as http;
import 'package:convert/convert.dart';
import 'package:crypto/crypto.dart';
// TwitterApi class adapted from DanTup:
// https://blog.dantup.com/2017/01/simplest-dart-code-to-post-a-tweet-using-oauth/
class FatSecretApi {
final String fatSecretApiBaseUrl = "platform.fatsecret.com";
bool isJson = true;
final String consumerKey, consumerKeySecret, accessToken, accessTokenSecret;
Hmac _sigHasher;
FatSecretApi(this.consumerKey, this.consumerKeySecret, this.accessToken,
this.accessTokenSecret) {
var bytes = utf8.encode("$consumerKeySecret&$accessTokenSecret");
_sigHasher = new Hmac(sha1, bytes);
}
FatSecretApi forceXml() {
this.isJson = false;
return this;
}
/// Sends a tweet with the supplied text and returns the response from the Twitter API.
Future<http.Response> request(Map<String, String> data) {
if (isJson) {
data["format"] = "json";
}
return _callGetApi("rest/server.api", data);
}
Future<http.Response> _callGetApi(String url, Map<String, String> data) {
Uri requestUrl = Uri.https(fatSecretApiBaseUrl, url);
print(data["method"]);
_setAuthParams("GET", requestUrl.toString(), data);
requestUrl = Uri.https(requestUrl.authority, requestUrl.path, data);
String oAuthHeader = _generateOAuthHeader(data);
// Build the OAuth HTTP Header from the data.
// Build the form data (exclude OAuth stuff that's already in the header).
// var formData = _filterMap(data, (k) => !k.startsWith("oauth_"));
return _sendGetRequest(requestUrl, oAuthHeader);
}
void _setAuthParams(String requestMethod, String url, Map<String, String> data) {
// Timestamps are in seconds since 1/1/1970.
// var timestamp = new DateTime.now().toUtc().difference(_epochUtc).inSeconds;
var millisecondsSinceEpoch = new DateTime.now().toUtc().millisecondsSinceEpoch;
var timestamp = (millisecondsSinceEpoch / 100).round();
// Add all the OAuth headers we'll need to use when constructing the hash.
data["oauth_consumer_key"] = consumerKey;
data["oauth_signature_method"] = "HMAC-SHA1";
data["oauth_timestamp"] = timestamp.toString();
data["oauth_nonce"] = _randomString(8); // Required, but Twitter doesn't appear to use it
if (accessToken != null && accessToken.isNotEmpty) data["oauth_token"] = accessToken;
data["oauth_version"] = "1.0";
// Generate the OAuth signature and add it to our payload.
data["oauth_signature"] = _generateSignature(requestMethod, Uri.parse(url), data);
}
/// Generate an OAuth signature from OAuth header values.
String _generateSignature(String requestMethod, Uri url, Map<String, String> data) {
var sigString = _toQueryString(data);
var fullSigData = "$requestMethod&${_encode(url.toString())}&${_encode(sigString)}";
return base64.encode(_hash(fullSigData));
}
/// Generate the raw OAuth HTML header from the values (including signature).
String _generateOAuthHeader(Map<String, String> data) {
var oauthHeaderValues = _filterMap(data, (k) => k.startsWith("oauth_"));
return "OAuth " + _toOAuthHeader(oauthHeaderValues);
}
/// Send HTTP Request and return the response.
Future<http.Response> _sendGetRequest(Uri fullUrl, String oAuthHeader) async {
return await http.get(fullUrl, headers: { });
}
Map<String, String> _filterMap(
Map<String, String> map, bool test(String key)) {
return new Map.fromIterable(map.keys.where(test), value: (k) => map[k]);
}
String _toQueryString(Map<String, String> data) {
var items = data.keys.map((k) => "$k=${_encode(data[k])}").toList();
items.sort();
return items.join("&");
}
String _toOAuthHeader(Map<String, String> data) {
var items = data.keys.map((k) => "$k="${_encode(data[k])}"").toList();
items.sort();
return items.join(", ");
}
List<int> _hash(String data) => _sigHasher.convert(data.codeUnits).bytes;
String _encode(String data) => percent.encode(data.codeUnits);
String _randomString(int length) {
var rand = new Random();
var codeUnits = new List.generate(
length,
(index){
return rand.nextInt(26)+97;
}
);
return new String.fromCharCodes(codeUnits);
}
}
并像使用一样使用它
import 'dart:async';
import 'dart:convert';
import 'package:flutter_test_app/error/FatSecretException.dart';
import 'package:flutter_test_app/model/dayNutrientsEntry.dart';
import 'package:flutter_test_app/network/fatSecretApi.dart';
import 'package:flutter_test_app/model/foodItem.dart';
import 'package:flutter_test_app/model/auth/user_fat_secret_auth_model.dart';
class RestClient {
// if you don't have one, generate from fatSecret API
String consumerKey;
// if you don't have one, generate from fatSecret API
String consumerKeySecret;
// creates a new RestClient instance.
// try to make singleton too avoid multiple instances
// make sure to set AppConfig consumer keys and secrets.
RestClient() {
this.consumerKey = 'CONSUMER_KEY';
this.consumerKeySecret = 'CONSUMER_KEY_SECRET';
}
/*
* Sends an API call to "food.search" method on fatSecret APi
* the method inputs a query string to search in food
* Return Type [SearchFoodItem]
* please refer to model package.
*/
Future<List<SearchFoodItem>> searchFood(String query) async {
List<SearchFoodItem> list = [];
// FatSecretApi be sure that consumer keys are set before you send a call
FatSecretApi foodSearch = FatSecretApi(
this.consumerKey,
this.consumerKeySecret,
"",
"",
);
var result = await foodSearch
.request({"search_expression": query, "method": "foods.search"})
.then((res) => res.body)
.then(json.decode)
.then((json) => json["foods"])
.then((json) => json["food"])
.catchError((err) {
print(err);
});
// Create a POJO class and parse it
result.forEach((foodItem) => list.add(SearchFoodItem.fromJson(foodItem)));
return list;
}
/*
* Sends an API call to "profile.create" method on fatSecret APi
* the method inputs unique user Id
* Return Type [Map]
* please refer to fatSecret return types
*/
Future<Map> createProfile(String userId) async {
// Be sure that consumer keys are set before you send a call
FatSecretApi api = FatSecretApi(this.consumerKey, this.consumerKeySecret, "", "");
var response =
api.request({"method": "profile.create", "user_id": userId});
var jsonBody = await response.then((res) => res.body).then(json.decode);
if (jsonBody["error"] != null) {
var errorMap = jsonBody["error"];
throw FatSecretException(errorMap["code"], errorMap["message"]);
}
var profile = jsonBody["profile"];
return profile;
}
/*
* Sends an API call to "profile.get_auth" method on fatSecret APi
* the method inputs unique user Id
* Return Type [Map]
* please refer to fatSecret return types
*/
Future<Map> getProfileAuth(String userId) async {
//var session = await Preferences().getUserSession();
var api =
new FatSecretApi(this.consumerKey, this.consumerKeySecret, "", "");
var jsonBody = await api
.request({"method": "profile.get_auth", "user_id": userId})
.then((res) => res.body)
.then(json.decode);
// .then((json) => json["profile"]);
if (jsonBody["error"] != null) {
var errorMap = jsonBody["error"];
throw new FatSecretException(errorMap["code"], errorMap["message"]);
}
var profile = jsonBody["profile"];
return profile;
}
/*
* Sends an API call to "food_entries.get_month" method on fatSecret APi
* the method inputs [Date] and [UserFatSecretAuthModel] optional
* if you want to access some other user you can set UserFatSecretAuthModel in parameters
* Return Type [DayNutrientsEntry]
* please refer to model package
*/
Future<List<DayNutrientsEntry>> getMonthFoodEntries(
{String date, UserFatSecretAuthModel user}) async {
if (user == null) {
// set user if you have already stored user in preferences
// var user = await Preferences().getUserSession();
}
List<DayNutrientsEntry> list = [];
var api = new FatSecretApi(this.consumerKey, this.consumerKeySecret,
user?.authToken, user?.authSecret);
Map<String, String> params = {"method": "food_entries.get_month"};
if (date != null && date.isNotEmpty) params["date"] = date;
try {
var r = await api
.request(params)
.then((res) => res.body)
.then(json.decode)
.then((json) => json["month"])
.then((json) => json["day"]);
if (r is List) {
r.forEach((foodItem) => list.add(DayNutrientsEntry.fromJson(foodItem)));
} else {
list.add(DayNutrientsEntry.fromJson(r));
}
} catch (e) {}
return list;
}
}