为last.fm应用编程接口ruby创建authToken

Question

我正在尝试使用auth.getMobileSession方法对使用last.fm REST api构建的last.fm应用程序的用户进行身份验证。

Last.fm说，对于移动应用程序，我们需要发送AuthToken

authToken (Required) : A 32-byte ASCII hexadecimal MD5 hash of the last.fm username and       the user's password hash. i.e. md5(username + md5(password)), where '+' represents a concatenation. The username supplied should match the string used to generate the authToken. 

这就是我在ruby中尝试做的事情：

password = Digest::MD5.hexdigest("my_password")
auth_token = Digest::MD5.hexdigest("#{user_name}#{password}")
url_with_params = URI.parse("#{url}?method=auth.getmobilesession&api_key=#{api_key}&username=#{user_name}&authtoken=#{auth_token}&api_sig=#{api_sig}&format=json")
resp = Net::HTTP.get_response(url_with_params)
puts JSON.parse(resp.body)

我得到的输出是：

{"error"=>4, "message"=>"Invalid authentication token. Please check username/password supplied"}

谁能告诉我我做错了什么？

Answer 1

我已经这样做了，让我为你拿到我的代码。

token = Digest::MD5.hexdigest("#{params[:lfmuser]}#{params[:pass]}") ## given md5 hashed password
#token = Digest::MD5.hexdigest("#{params[:lfmuser]}#{Digest::MD5.hexdigest(params[:pass])}") ## given plaintext password

## api_sig is all calls to the api put in alphabetical order, then the apisecret stuck on the end, then md5 hash it all.
apisig = Digest::MD5.hexdigest("api_key#{@bot.config['lastfm.api_key']}authToken#{token}methodauth.getmobilesessionusername#{params[:lfmuser]}#{@bot.config['lastfm.secret']}")
opts = {:cache => false}
xml = @bot.httputil.get_response("#{lastfm_api_url}method=auth.getmobilesession&username=#{CGI.escape params[:lfmuser]}&authToken=#{token}&api_sig=#{apisig}", opts)
response = Document.new xml.body
unless response
  m.reply "could not parse xml from last.fm - omg"
  return
end
if xml.class == Net::HTTPBadRequest
  m.reply "error from last.fm: #{response.root.elements["error"].text}"
  return
end
## skey is used to do things that need authorization on last.fm, store this however you want
skey = response.root.elements[1].elements["key"].text

这是您需要做的基本操作。