oauth signature_invalid
191 views
Skip to first unread message
arif setiawan
Aug 10, 2011, 2:51:04 AM8/10/11
to glue-development
This is my wireshark dump
GET /v2/object/get?objectId=movies/slumdog_millionaire/danny_boyle
HTTP/1.1
Authorization: OAuth oauth_signature_method="HMAC-SHA1",
oauth_consumer_key="ab900d9ba1e5d3466a166a3bc1c9f285",
oauth_version="1.0", oauth_timestamp="1312958280",
oauth_nonce="20799",
oauth_token="Hf7FX5WEtQGkGNza7hA4SPeizHrb_j8sUK2pLCT9V795OMR"uMU4NKFpOH19CQol"8NGPQMZ"BWOZfISFx9cetjN2zio9wIIui7z8J3W4LN"RN6SWmbMZQatwQjMVo3uURtGtUc-1134975612",
objectId="movies/slumdog_millionaire/danny_boyle",
oauth_signature="%2Bigzwc5XHQj28nX0fpqmEDB4juA%3D"
Connection: Keep-Alive
Accept-Encoding: gzip
Accept-Language: en-US,*
User-Agent: Mozilla/5.0
Host: api.getglue.com
HTTP/1.0 401 Unauthorized
Date: Wed, 10 Aug 2011 06:38:04 GMT
WWW-Authenticate: OAuth realm="http%3A%2F%2Fapi.getglue.com",
oauth_signature="%2Bigzwc5XHQj28nX0fpqmEDB4juA%3D",
oauth_signature_base_string="GET%26http%253A%252F%252Fapi.getglue.com
%252Fv2%252Fobject%252Fget%26oauth_consumer_key
%253Dab900d9ba1e5d3466a166a3bc1c9f285%2526oauth_nonce
%253D20799%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp
%253D1312958280%2526oauth_version%253D1.0%2526objectId%253Dmovies
%25252Fslumdog_millionaire%25252Fdanny_boyle%2526objectId%253Dmovies
%25252Fslumdog_millionaire%25252Fdanny_boyle",
oauth_problem="signature_invalid", oauth_signature_method="HMAC-SHA1"
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 530
X-Cache: MISS from Dycode
Connection: keep-alive
oauth_signature=%2Bigzwc5XHQj28nX0fpqmEDB4juA
%3D&oauth_signature_base_string=GET%26http%253A%252F
%252Fapi.getglue.com%252Fv2%252Fobject%252Fget%26oauth_consumer_key
%253Dab900d9ba1e5d3466a166a3bc1c9f285%2526oauth_nonce
%253D20799%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp
%253D1312958280%2526oauth_version%253D1.0%2526objectId%253Dmovies
%25252Fslumdog_millionaire%25252Fdanny_boyle%2526objectId%253Dmovies
%25252Fslumdog_millionaire
%25252Fdanny_boyle&oauth_problem=signature_invalid&oauth_signature_method=HMAC-
SHA1
Any suggestions ?
Thanks,
Arif
GET /v2/object/get?objectId=movies/slumdog_millionaire/danny_boyle
HTTP/1.1
Authorization: OAuth oauth_signature_method="HMAC-SHA1",
oauth_consumer_key="ab900d9ba1e5d3466a166a3bc1c9f285",
oauth_version="1.0", oauth_timestamp="1312958280",
oauth_nonce="20799",
oauth_token="Hf7FX5WEtQGkGNza7hA4SPeizHrb_j8sUK2pLCT9V795OMR"uMU4NKFpOH19CQol"8NGPQMZ"BWOZfISFx9cetjN2zio9wIIui7z8J3W4LN"RN6SWmbMZQatwQjMVo3uURtGtUc-1134975612",
objectId="movies/slumdog_millionaire/danny_boyle",
oauth_signature="%2Bigzwc5XHQj28nX0fpqmEDB4juA%3D"
Connection: Keep-Alive
Accept-Encoding: gzip
Accept-Language: en-US,*
User-Agent: Mozilla/5.0
Host: api.getglue.com
HTTP/1.0 401 Unauthorized
Date: Wed, 10 Aug 2011 06:38:04 GMT
WWW-Authenticate: OAuth realm="http%3A%2F%2Fapi.getglue.com",
oauth_signature="%2Bigzwc5XHQj28nX0fpqmEDB4juA%3D",
oauth_signature_base_string="GET%26http%253A%252F%252Fapi.getglue.com
%252Fv2%252Fobject%252Fget%26oauth_consumer_key
%253Dab900d9ba1e5d3466a166a3bc1c9f285%2526oauth_nonce
%253D20799%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp
%253D1312958280%2526oauth_version%253D1.0%2526objectId%253Dmovies
%25252Fslumdog_millionaire%25252Fdanny_boyle%2526objectId%253Dmovies
%25252Fslumdog_millionaire%25252Fdanny_boyle",
oauth_problem="signature_invalid", oauth_signature_method="HMAC-SHA1"
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 530
X-Cache: MISS from Dycode
Connection: keep-alive
oauth_signature=%2Bigzwc5XHQj28nX0fpqmEDB4juA
%3D&oauth_signature_base_string=GET%26http%253A%252F
%252Fapi.getglue.com%252Fv2%252Fobject%252Fget%26oauth_consumer_key
%253Dab900d9ba1e5d3466a166a3bc1c9f285%2526oauth_nonce
%253D20799%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp
%253D1312958280%2526oauth_version%253D1.0%2526objectId%253Dmovies
%25252Fslumdog_millionaire%25252Fdanny_boyle%2526objectId%253Dmovies
%25252Fslumdog_millionaire
%25252Fdanny_boyle&oauth_problem=signature_invalid&oauth_signature_method=HMAC-
SHA1
Any suggestions ?
Thanks,
Arif
Karen Teng (GetGlue)
Aug 10, 2011, 12:17:25 PM8/10/11
to glue-dev...@googlegroups.com
Hi Arif,
--
Karen Teng
VP of Engineering
http://getglue.com
GetGlue: http://getglue.com/TengFactor
LinkedIn: http://www.linkedin.com/in/karenteng
What library are you suing to sign your requests? Why is oauth_token not encoded but oauth_signature is?
Here is my dump using your consumer key and token.
request url: http://api.getglue.com/v2/object/get?oauth_version=1.0&oauth_nonce=1b8d8156f5b19c0db6c41141f27b1f0c&oauth_timestamp=1312992940&oauth_consumer_key=ab900d9ba1e5d3466a166a3bc1c9f285&objectId=movies%2Fslumdog_millionaire%2Fdanny_boyle&oauth_token=Hf7FX5WEtQGkGNza7hA4SPeizHrb_j8sUK2pLCT9V795OMR%22uMU4NKFpOH19CQol%228NGPQMZ%22BWOZfISFx9cetjN2zio9wIIui7z8J3W4LN%22RN6SWmbMZQatwQjMVo3uURtGtUc-1134975612&oauth_signature_method=HMAC-SHA1&oauth_signature=zpTdSfGJI%2Bkn4w0tmKjYQlzeAqg%3D OAuthRequest Object ( [parameters:OAuthRequest:private] => Array ( [oauth_version] => 1.0 [oauth_nonce] => 1b8d8156f5b19c0db6c41141f27b1f0c [oauth_timestamp] => 1312992940 [oauth_consumer_key] => ab900d9ba1e5d3466a166a3bc1c9f285 [objectId] => movies/slumdog_millionaire/danny_boyle [oauth_token] => Hf7FX5WEtQGkGNza7hA4SPeizHrb_j8sUK2pLCT9V795OMR"uMU4NKFpOH19CQol"8NGPQMZ"BWOZfISFx9cetjN2zio9wIIui7z8J3W4LN"RN6SWmbMZQatwQjMVo3uURtGtUc-1134975612 [oauth_signature_method] => HMAC-SHA1 [oauth_signature] => zpTdSfGJI+kn4w0tmKjYQlzeAqg= ) [http_method:OAuthRequest:private] => GET [http_url:OAuthRequest:private] => http://api.getglue.com/v2/object/get?objectId=movies/slumdog_millionaire/danny_boyle [base_string] => GET&http%3A%2F%2Fapi.getglue.com%2Fv2%2Fobject%2Fget&oauth_consumer_key%3Dab900d9ba1e5d3466a166a3bc1c9f285%26oauth_nonce%3D1b8d8156f5b19c0db6c41141f27b1f0c%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1312992940%26oauth_token%3DHf7FX5WEtQGkGNza7hA4SPeizHrb_j8sUK2pLCT9V795OMR%2522uMU4NKFpOH19CQol%25228NGPQMZ%2522BWOZfISFx9cetjN2zio9wIIui7z8J3W4LN%2522RN6SWmbMZQatwQjMVo3uURtGtUc-1134975612%26oauth_version%3D1.0%26objectId%3Dmovies%252Fslumdog_millionaire%252Fdanny_boyle )
--
You received this message because you are subscribed to the Google Groups "glue-development" group.
To post to this group, send email to glue-dev...@googlegroups.com.
To unsubscribe from this group, send email to glue-developme...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/glue-development?hl=en.
--
Karen Teng
VP of Engineering
http://getglue.com
GetGlue: http://getglue.com/TengFactor
LinkedIn: http://www.linkedin.com/in/karenteng
We are hiring! http://getglue.com/jobs
arif setiawan
Aug 10, 2011, 8:09:13 PM8/10/11
to glue-development
Hi Karen,
I am using kqoauth http://www.d-pointer.com/solutions/kqoauth, I have
using it for twitter API.
I can see that in base_string oauth_token is not included.
Thanks for the pointer, I will investigate this.
Arif
I am using kqoauth http://www.d-pointer.com/solutions/kqoauth, I have
using it for twitter API.
I can see that in base_string oauth_token is not included.
Thanks for the pointer, I will investigate this.
Arif
Demente Tech
Aug 16, 2011, 2:24:15 AM8/16/11
to glue-development
Hi Arif,
I had the same problem, i found the problem in the header
autorization item.
The oAuth_Token have a double quote(") inside. this little thing
corrupt the autorization.
The solution i found for this was encode the token just for the
autorization header.
Hope this solution work for you.
> I am using kqoauthhttp://www.d-pointer.com/solutions/kqoauth, I have
I had the same problem, i found the problem in the header
autorization item.
The oAuth_Token have a double quote(") inside. this little thing
corrupt the autorization.
The solution i found for this was encode the token just for the
autorization header.
Hope this solution work for you.
> I am using kqoauthhttp://www.d-pointer.com/solutions/kqoauth, I have
Reply all
Reply to author
Forward
0 new messages