Hi there,
I'm having a hell of a time getting a successful request token, and
after spending a couple days trying everything, I thought I'd post it
here to see if someone can guide me in the right direction.
I am sending the following url via GET:
https://www.car2go.com/api/reqtoken?oauth_callback=oob&oauth_consumer_key=MyKey&oauth_nonce=6201190&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1330364789&oauth_version=1.0&oauth_signature=MyEncodedSignature
I keep getting 401, signature_invalid errors.
What I'm doing to calculate the signature is:
I take the following string:
GET&encodedUri&encodedParams
(where encodedUri is the encoded version of:
https://www.car2go.com/api/reqtoken
and encodedParams is the encoded version of:
oauth_callback=oob&oauth_consumer_key=MyKey&oauth_nonce=6201190&oauth_signature_method=HMAC-
SHA1&oauth_timestamp=1330364789&oauth_version=1.0 (not including the
oauth_signature param).
I then sign the above string using my shared secret key as the HMAC-
SHA1 key.
Can someone provide some insight into what is going wrong here?
I've basically had to piece together information from various sources,
none of them being particularly helpful, and so it's likely that one
or more of the above assumptions is wrong.
Thanks.