
Re: [Fitbit API] Re: Invalid/Expired User Token


Steve Mason Apr 5, 2012 9:41 AM
Posted in group: Fitbit API
Here is a request/response that failed (401):

- Http: Request, GET /1/user/22ZPL5/activities/date/2012-04-05.json , Using OAuth Authorization
    Command: GET
    Location: /1/user/22ZPL5/activities/date/2012-04-05.json 
    ProtocolVersion: HTTP/1.1
    Authorization:  OAuth oauth_consumer_key="9649b00534874e3f85da695c9d842627", oauth_nonce="5097986", oauth_signature="1AglMNZwmvuf+hwZ8pmnpU4Xtj0=", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1333643302", oauth_token="ba888fa03dbf4469fe4b0b07c585be43
    Host:  api.fitbit.com
    HeaderEnd: CRLF

- Http: Response, HTTP/1.1, Status: Unauthorized, URL: /1/user/22ZPL5/activities/date/2012-04-05.json , Using OAuth realm="http%3A%2F%2Fapp3.fitbit.com" Authentication
    ProtocolVersion: HTTP/1.1
    StatusCode: 401, Unauthorized
    Reason: Unauthorized
    Server:  Apache-Coyote/1.1
    Set-Cookie:  JSESSIONID=634D1814B384AF65C131EA01873EDC63.fitbit1; Path=/
  - WWWAuthenticate: OAuth realm="http%3A%2F%2Fapp3.fitbit.com"
  - ContentType:  application/x-www-form-urlencoded;charset=UTF-8
   - MediaType:  application/x-www-form-urlencoded;charset=UTF-8
      MainType:  application/x-www-form-urlencoded
      charset: UTF-8
    Content-Language:  en
    ContentLength:  140
    Date:  Thu, 05 Apr 2012 16:28:30 GMT
    HeaderEnd: CRLF
    payload: HttpContentType =  application/x-www-form-urlencoded;charset=UTF-8

7B 22 65 72 72 6F 72 73 22 3A 5B 7B 22 65 72 72 6F 72 54 79 70 65 22 3A 22 6F 61 75 74 68 22 2C 22 66 69 65 6C 64 4E 61 6D 65 22 3A 22 6F 61 75 74 68 5F 61 63 63 65 73 73 5F 74 6F 6B 65 6E 22 2C 22 6D 65 73 73 61 67 65 22 3A 22 49 6E 76 61 6C 69 64 2F 65 78 70 69 72 65 64 20 75 73 65 72 20 74 6F 6B 65 6E 3A 20 62 61 38 38 38 66 61 30 33 64 62 66 34 34 36 39 66 65 34 62 30 62 30 37 63 35 38 35 62 65 34 33 22 7D 5D 7D 
{"errors":[{"errorType":"oauth","fieldName":"oauth_access_token","message":"Invalid/expired user token: ba888fa03dbf4469fe4b0b07c585be43"}]}

And here is a request/response a few minutes later for the same user/tokens that was successful:

- Http: Request, GET /1/user/22ZPL5/activities/date/2012-04-05.json , Using OAuth Authorization
    Command: GET
  - URI: /1/user/22ZPL5/activities/date/2012-04-05.json
     Location: /1/user/22ZPL5/activities/date/2012-04-05.json 
    ProtocolVersion: HTTP/1.1
  - Authorization: OAuth
   - Authorization:  OAuth oauth_consumer_key="9649b00534874e3f85da695c9d842627", oauth_nonce="7777961", oauth_signature="gZ62vP7EONq2BxI4HRkBPG0K9L0=", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1333643439", oauth_token="ba888fa03dbf4469fe4b0b07c585be43
    Host:  api.fitbit.com
    Connection:  Keep-Alive
    HeaderEnd: CRLF

- Http: Request, GET /1/user/22ZPL5/activities/date/2012-04-05.json , Using OAuth Authorization
    Command: GET
  - URI: /1/user/22ZPL5/activities/date/2012-04-05.json
     Location: /1/user/22ZPL5/activities/date/2012-04-05.json 
    ProtocolVersion: HTTP/1.1
  - Authorization: OAuth
   - Authorization:  OAuth oauth_consumer_key="9649b00534874e3f85da695c9d842627", oauth_nonce="7777961", oauth_signature="gZ62vP7EONq2BxI4HRkBPG0K9L0=", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1333643439", oauth_token="ba888fa03dbf4469fe4b0b07c585be43
    Host:  api.fitbit.com
    Connection:  Keep-Alive
    HeaderEnd: CRLF

- Http: Response, HTTP/1.1, Status: Ok, URL: /1/user/22ZPL5/activities/date/2012-04-05.json 
    ProtocolVersion: HTTP/1.1
    StatusCode: 200, Ok
    Reason: OK
    Server:  Apache-Coyote/1.1
    Set-Cookie:  lcl=en_US; Expires=Fri, 05-Apr-2013 16:30:43 GMT; Path=/
    Expires:  Thu, 01 Jan 1970 00:00:00 GMT
    Cache-control:  no-store, no-cache, must-revalidate
    Pragma:  no-cache
    Set-Cookie:  JSESSIONID=B8A2D16356967CA81E90157FFAE65A3C.fitbit1; Path=/
  - ContentType:  application/json;charset=UTF-8
   - MediaType:  application/json;charset=UTF-8
      MainType:  application/json
      charset: UTF-8

    Content-Language:  en
    ContentLength:  586
    Date:  Thu, 05 Apr 2012 16:30:42 GMT
    HeaderEnd: CRLF
  - payload: HttpContentType =  application/json;charset=UTF-8
     HTTPPayloadLine: {"activities":[],"goals":{"activeScore":1000,"caloriesOut":2184,"distance":8.05,"steps":10000},"summary":{"activeScore":0,"activityCalories":0,"caloriesOut":597,"distances":[{"activity":"total","distance":0},{"activity":"tracker","distance":0
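An added triage sketch, not part of the original post or Fitbit's code: it parses the Authorization and Date header values copied from the two captures above and checks the client-side causes usually ruled out first for an intermittent OAuth 1.0 401 (token or consumer key drift, nonce reuse, timestamp skew). The 300-second skew tolerance and the function names are assumptions made for this example.

```python
import calendar
import re
from email.utils import parsedate_to_datetime

MAX_SKEW = 300  # seconds; assumed tolerance, not a documented Fitbit limit

# Header values copied from the captures in the post. The token is truncated
# there (no closing quote), so the parser below tolerates that.
COMMON = ('OAuth oauth_consumer_key="9649b00534874e3f85da695c9d842627", '
          'oauth_nonce="{n}", oauth_signature="{s}", '
          'oauth_signature_method="HMAC-SHA1", oauth_timestamp="{t}", '
          'oauth_token="ba888fa03dbf4469fe4b0b07c585be43')
CAPTURES = [
    {"status": 401, "date": "Thu, 05 Apr 2012 16:28:30 GMT",
     "auth": COMMON.format(n="5097986", t="1333643302",
                           s="1AglMNZwmvuf+hwZ8pmnpU4Xtj0=")},
    {"status": 200, "date": "Thu, 05 Apr 2012 16:30:42 GMT",
     "auth": COMMON.format(n="7777961", t="1333643439",
                           s="gZ62vP7EONq2BxI4HRkBPG0K9L0=")},
]

def parse_oauth(header):
    """Return the oauth_* parameters of an OAuth 1.0 Authorization header."""
    return dict(re.findall(r'(oauth_\w+)="([^",]*)', header))

def skew_seconds(capture):
    """Server Date header minus the client's oauth_timestamp, in seconds."""
    when = parsedate_to_datetime(capture["date"])
    return calendar.timegm(when.utctimetuple()) - int(
        parse_oauth(capture["auth"])["oauth_timestamp"])

def triage(captures):
    """Compare captures and report which client-side causes are ruled out."""
    params = [parse_oauth(c["auth"]) for c in captures]
    skews = [skew_seconds(c) for c in captures]
    checks = {
        "same_token": len({p["oauth_token"] for p in params}) == 1,
        "same_consumer_key": len({p["oauth_consumer_key"] for p in params}) == 1,
        "nonces_unique": len({p["oauth_nonce"] for p in params}) == len(params),
        "skew_ok": all(abs(s) <= MAX_SKEW for s in skews),
    }
    return {**checks, "skews": skews,
            "client_consistent": all(checks.values()),
            "mixed_results": len({c["status"] for c in captures}) > 1}

if __name__ == "__main__":
    for name, value in triage(CAPTURES).items():
        print(f"{name}: {value}")
```

When `client_consistent` and `mixed_results` are both true, the parameters the client sent do not explain why one call was rejected and the other accepted.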