请教服务器迁移到国内后 twitter oauth 的 proxy 问题
如题,过去网站在linode上,现准备迁移到国内的UCloud,网站支持twitter oauth方式登录并且需要使用一些api,所以为了保证迁回国内后这部分功能可用,需要架设twitter api proxy 环境:debian 7 + ruby 1.9.3 + openssl 1.0.1e,已关闭防火墙 我尝试过了两个
如题,过去网站在linode上,现准备迁移到国内的UCloud,网站支持twitter oauth方式登录并且需要使用一些api,所以为了保证迁回国内后这部分功能可用,需要架设twitter api proxy
环境:debian 7 + ruby 1.9.3 + openssl 1.0.1e,已关闭防火墙
我尝试过了两个方案
1 利用GoAgent 3.0.1,然后设置omniauth的proxy到GoAgent端口,开发机osx 10.8正常,但是在ucloud上GoAgent日志
INFO - [Jun 28 02:48:04] 127.0.0.1:45539 "AGENT CONNECT api.twitter.com:443 HTTP/1.1" - - ERROR - [Jun 28 02:48:04] ssl.wrap_socket(self.connection=) failed: [Errno 1] _ssl.c:504: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
rails日志
(twitter) Request phase initiated. (twitter) Authentication failure! service_unavailable: OpenSSL::SSL::SSLError, SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
GoAgent开启关闭https mode结果均一样
使用curl测试curl https://api.twitter.com -x 127.0.0.1:8087测试,同样得到unknown ca的错误
但是curl https://api.twitter.com -x 127.0.0.1:8087 --cacert /usr/local/goagent/local/CA.crt 则能获取到html
但是配置GoAgent的时候本身就会自动导入ca,经检查确实已经导入了证书到/etc/ssl/certs,并且开发机不需要指定ca也能正常得到结果
测试数次,结果比较稳定
2 在linode的机器上用nginx来转发api实现proxy,nginx配置文件如下
server {
listen 80;
server_name kexue.knewone.com;
access_log /var/log/nginx/twitter.access_log;
location / {
proxy_pass https://api.twitter.com/;
proxy_redirect off;
proxy_buffering off;
proxy_cache off;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header cookie $http_cookie;
proxy_pass_header User-Agent;
proxy_pass_header Authorization;
proxy_pass_header Content-Type;
proxy_pass_header WWW-Authenticate;
proxy_pass_header Host;
}
}
可以确定的是,请求内容完整的发送到proxy上了,但返回401 unauthorized
rails日志
Started GET "/users/auth/twitter" for 127.0.0.1 at 2013-06-28 03:17:32 +0800 OAuth::Unauthorized (401 Unauthorized): oauth (0.4.7) lib/oauth/consumer.rb:216:in `token_request' oauth (0.4.7) lib/oauth/consumer.rb:136:in `get_request_token' omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:in `request_phase' omniauth-twitter (1.0.0) lib/omniauth/strategies/twitter.rb:63:in `request_phase' omniauth (1.1.4) lib/omniauth/strategy.rb:214:in `request_call' omniauth (1.1.4) lib/omniauth/strategy.rb:181:in `call!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call' omniauth (1.1.4) lib/omniauth/strategy.rb:184:in `call!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/error_collector.rb:12:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/agent_hooks.rb:22:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/browser_monitoring.rb:16:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/developer_mode.rb:28:in `call' mongoid (3.1.4) lib/rack/mongoid/middleware/identity_map.rb:34:in `block in call' mongoid (3.1.4) lib/mongoid/unit_of_work.rb:39:in `unit_of_work' mongoid (3.1.4) lib/rack/mongoid/middleware/identity_map.rb:34:in `call' warden (1.2.1) lib/warden/manager.rb:35:in `block in call' warden (1.2.1) lib/warden/manager.rb:34:in `catch' warden (1.2.1) lib/warden/manager.rb:34:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/best_standards_support.rb:17:in `call' rack (1.4.5) lib/rack/etag.rb:23:in `call' rack (1.4.5) lib/rack/conditionalget.rb:25:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/head.rb:14:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/params_parser.rb:21:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/flash.rb:242:in `call' rack (1.4.5) lib/rack/session/abstract/id.rb:210:in `context' rack (1.4.5) lib/rack/session/abstract/id.rb:205:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/cookies.rb:341:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/callbacks.rb:28:in `block in call' activesupport (3.2.13) lib/active_support/callbacks.rb:405:in `_run__53745951561906208__call__2319728286447542957__callbacks' activesupport (3.2.13) lib/active_support/callbacks.rb:405:in `__run_callback' activesupport (3.2.13) lib/active_support/callbacks.rb:385:in `_run_call_callbacks' activesupport (3.2.13) lib/active_support/callbacks.rb:81:in `run_callbacks' actionpack (3.2.13) lib/action_dispatch/middleware/callbacks.rb:27:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/reloader.rb:65:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/remote_ip.rb:31:in `call' airbrake (3.1.12) lib/airbrake/rails/middleware.rb:13:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call' railties (3.2.13) lib/rails/rack/logger.rb:32:in `call_app' railties (3.2.13) lib/rails/rack/logger.rb:16:in `block in call' activesupport (3.2.13) lib/active_support/tagged_logging.rb:22:in `tagged' railties (3.2.13) lib/rails/rack/logger.rb:16:in `call' quiet_assets (1.0.2) lib/quiet_assets.rb:18:in `call_with_quiet_assets' actionpack (3.2.13) lib/action_dispatch/middleware/request_id.rb:22:in `call' rack (1.4.5) lib/rack/methodoverride.rb:21:in `call' rack (1.4.5) lib/rack/runtime.rb:17:in `call' activesupport (3.2.13) lib/active_support/cache/strategy/local_cache.rb:72:in `call' rack (1.4.5) lib/rack/lock.rb:15:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/static.rb:63:in `call' airbrake (3.1.12) lib/airbrake/user_informer.rb:16:in `_call' airbrake (3.1.12) lib/airbrake/user_informer.rb:12:in `call' railties (3.2.13) lib/rails/engine.rb:479:in `call' railties (3.2.13) lib/rails/application.rb:223:in `call' railties (3.2.13) lib/rails/railtie/configurable.rb:30:in `method_missing' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:145:in `handle' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:99:in `rescue in block (2 levels) in start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:96:in `block (2 levels) in start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:86:in `each' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:86:in `block in start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:66:in `loop' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:66:in `start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:13:in `run' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/bin/nack_worker:4:in `'
另外有篇 文章 里的提示尝试使用OAuth 2方式认证,nginx配置如下
server {
access_log /var/log/nginx/proxy.access_log;
# If your want to secure your proxy with SSL, replace with the appropriate SSL configuration.
listen 80;
# Replace this with the name of the domain you wish to run your proxy on.
server_name kexue.knewone.com;
# The Twitter proxy code!
location / {
proxy_buffering off;
proxy_cache off;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
# Hide Twitter's own caching headers - we're applying our own.
proxy_hide_header X-Accel-Expires;
proxy_hide_header Expires;
proxy_hide_header Cache-Control;
proxy_hide_header pragma;
proxy_hide_header set-cookie;
proxy_pass_header Content-type;
proxy_pass_header WWW-Authenticate;
# Set the correct host name to connect to the Twitter API.
proxy_set_header Host api.twitter.com;
# Add authentication headers - edit and add in your own bearer token.
proxy_set_header Authorization "Bearer 哔~~~";
# Actually proxy the request to Twitter API!
proxy_pass https://api.twitter.com;
}
返回403 Forbidden
rails日志
Started GET "/users/auth/twitter" for 127.0.0.1 at 2013-06-28 03:14:45 +0800 OAuth::Unauthorized (403 Forbidden): oauth (0.4.7) lib/oauth/consumer.rb:216:in `token_request' oauth (0.4.7) lib/oauth/consumer.rb:136:in `get_request_token' omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:in `request_phase' omniauth-twitter (1.0.0) lib/omniauth/strategies/twitter.rb:63:in `request_phase' omniauth (1.1.4) lib/omniauth/strategy.rb:214:in `request_call' omniauth (1.1.4) lib/omniauth/strategy.rb:181:in `call!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call' omniauth (1.1.4) lib/omniauth/strategy.rb:184:in `call!' omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/error_collector.rb:12:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/agent_hooks.rb:22:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/browser_monitoring.rb:16:in `call' newrelic_rpm (3.6.4.122) lib/new_relic/rack/developer_mode.rb:28:in `call' mongoid (3.1.4) lib/rack/mongoid/middleware/identity_map.rb:34:in `block in call' mongoid (3.1.4) lib/mongoid/unit_of_work.rb:39:in `unit_of_work' mongoid (3.1.4) lib/rack/mongoid/middleware/identity_map.rb:34:in `call' warden (1.2.1) lib/warden/manager.rb:35:in `block in call' warden (1.2.1) lib/warden/manager.rb:34:in `catch' warden (1.2.1) lib/warden/manager.rb:34:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/best_standards_support.rb:17:in `call' rack (1.4.5) lib/rack/etag.rb:23:in `call' rack (1.4.5) lib/rack/conditionalget.rb:25:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/head.rb:14:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/params_parser.rb:21:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/flash.rb:242:in `call' rack (1.4.5) lib/rack/session/abstract/id.rb:210:in `context' rack (1.4.5) lib/rack/session/abstract/id.rb:205:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/cookies.rb:341:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/callbacks.rb:28:in `block in call' activesupport (3.2.13) lib/active_support/callbacks.rb:405:in `_run__53745951561906208__call__2319728286447542957__callbacks' activesupport (3.2.13) lib/active_support/callbacks.rb:405:in `__run_callback' activesupport (3.2.13) lib/active_support/callbacks.rb:385:in `_run_call_callbacks' activesupport (3.2.13) lib/active_support/callbacks.rb:81:in `run_callbacks' actionpack (3.2.13) lib/action_dispatch/middleware/callbacks.rb:27:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/reloader.rb:65:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/remote_ip.rb:31:in `call' airbrake (3.1.12) lib/airbrake/rails/middleware.rb:13:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call' railties (3.2.13) lib/rails/rack/logger.rb:32:in `call_app' railties (3.2.13) lib/rails/rack/logger.rb:16:in `block in call' activesupport (3.2.13) lib/active_support/tagged_logging.rb:22:in `tagged' railties (3.2.13) lib/rails/rack/logger.rb:16:in `call' quiet_assets (1.0.2) lib/quiet_assets.rb:18:in `call_with_quiet_assets' actionpack (3.2.13) lib/action_dispatch/middleware/request_id.rb:22:in `call' rack (1.4.5) lib/rack/methodoverride.rb:21:in `call' rack (1.4.5) lib/rack/runtime.rb:17:in `call' activesupport (3.2.13) lib/active_support/cache/strategy/local_cache.rb:72:in `call' rack (1.4.5) lib/rack/lock.rb:15:in `call' actionpack (3.2.13) lib/action_dispatch/middleware/static.rb:63:in `call' airbrake (3.1.12) lib/airbrake/user_informer.rb:16:in `_call' airbrake (3.1.12) lib/airbrake/user_informer.rb:12:in `call' railties (3.2.13) lib/rails/engine.rb:479:in `call' railties (3.2.13) lib/rails/application.rb:223:in `call' railties (3.2.13) lib/rails/railtie/configurable.rb:30:in `method_missing' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:145:in `handle' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:99:in `rescue in block (2 levels) in start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:96:in `block (2 levels) in start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:86:in `each' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:86:in `block in start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:66:in `loop' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:66:in `start' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/lib/nack/server.rb:13:in `run' /Users/jasl/Library/Application Support/Pow/Versions/0.4.1/node_modules/nack/bin/nack_worker:4:in `'
另外,我大概看过一些twiiter api proxy工具,都比较老,还在使用即将作废的1.0版api,所以就不考虑了
请教:
- 有什么好的国内主机使用twitter oauth api的方案?
- 我感觉我想到的两个方案理论上都是可行的,但哪里出问题或者我没考虑到导致失败呢?
- 有什么办法截取代理服务器出去的包?tcpdump nc都是针对socket的,对于只想观察request来说 非常重,而且难用。。。
感谢!
@luikore @hooopo @yedingding @quakewang @bhuztez @lgn21st
原文地址:请教服务器迁移到国内后 twitter oauth 的 proxy 问题, 感谢原作者分享。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1670
14
1428
52
1329
25
1274
29
1256
24
What are the blockchain data analysis tools?
Feb 21, 2025 pm 10:24 PM
The rapid development of blockchain technology has brought about the need for reliable and efficient analytical tools. These tools are essential to extract valuable insights from blockchain transactions in order to better understand and capitalize on their potential. This article will explore some of the leading blockchain data analysis tools on the market, including their capabilities, advantages and limitations. By understanding these tools, users can gain the necessary insights to maximize the possibilities of blockchain technology.
Where is the official entrance to DeepSeek? Latest visit guide in 2025
Feb 19, 2025 pm 05:03 PM
DeepSeek, a comprehensive search engine that provides a wide range of results from academic databases, news websites and social media. Visit DeepSeek's official website https://www.deepseek.com/, register an account and log in, and then you can start searching. Use specific keywords, precise phrases, or advanced search options to narrow your search and get the most relevant results.
Bitget Exchange official website login latest entrance
Feb 18, 2025 pm 02:54 PM
The Bitget Exchange offers a variety of login methods, including email, mobile phone number and social media accounts. This article details the latest entrances and steps for each login method, including accessing the official website, selecting the login method, entering the login credentials, and completing the login. Users should pay attention to using the official website when logging in and properly keep the login credentials.
How much is the price of MRI coins? The latest price trend of MRI coin
Mar 03, 2025 pm 11:48 PM
This cryptocurrency does not really have monetary value, and its value depends entirely on community support. Investors must carefully investigate before investing, because it lacks practical uses and attractive token economic models. Since the token was issued last month, investors can currently only purchase through decentralized exchanges. The real-time price of MRI coin is $0.000045≈¥0.00033MRI coin historical price As of 13:51 on February 24, 2025, the price of MRI coin is $0.000045. The following figure shows the price trend of the token from February 2022 to June 2024. MRI Coin Investment Risk Assessment Currently, MRI Coin has not been listed on any exchange and its price has been reset to zero and cannot be purchased again. Even if the project
How to learn Laravel How to learn Laravel for free
Apr 18, 2025 pm 12:51 PM
Want to learn the Laravel framework, but suffer from no resources or economic pressure? This article provides you with free learning of Laravel, teaching you how to use resources such as online platforms, documents and community forums to lay a solid foundation for your PHP development journey from getting started to master.
gateio official website entrance
Mar 05, 2025 pm 08:09 PM
The official Gate.io website is accessible through the official application. Fake websites may contain misspelled, design differences, or suspicious security certificates. Protections include avoiding clicking on suspicious links, using two-factor authentication, and reporting fraudulent activity to the official team. Frequently asked questions cover registration, transactions, withdrawals, customer service and fees, while security measures include cold storage, multi-signatures, and KYC compliance. Users should be aware of common fraudulent means of impersonating employees, giving tokens, or asking for personal information.
Binance free airdrop entrance
Mar 04, 2025 pm 05:39 PM
Binance's free airdrop entrance is not fixed, and the official rarely directly organizes free collection activities. Obtaining Binance Airdrop is closely related to users participating in ecosystem activities, such as becoming an active user, holding a specific currency, participating in community activities, completing KYC certification, etc. It is emphasized that we must actively participate in the ecosystem when obtaining airdrops, pay attention to official and project information, and do not believe in the channels to ensure airdrops, beware of fraud, and increasing activity is an effective way to increase opportunities.
Dogecoin growth analysis and return on investment details
Mar 20, 2025 pm 06:12 PM
Dogecoin (DOGE) has experienced explosive growth due to its unique community culture and social media hype, and has experienced a sharp pullback. This article deeply analyzes the growth of Dogecoin at different stages and provides historical return on investment details (for reference only and does not constitute investment advice), helping investors understand its coexistence of high returns and high risks. From slow growth in the early stage to the explosive rise in the celebrity effect and retail craze in 2021, to the subsequent volatility pullback, Dogecoin price is affected by various factors such as social media, celebrity effect, market sentiment and speculative behavior. Investors should carefully evaluate risks, formulate reasonable investment strategies, and never blindly follow the trend.
