REST API Authentication Error

58 views
Skip to first unread message

Andong

unread,
Jan 15, 2011, 6:28:46 PM1/15/11
to FatSecret Platform API
Hi all,

I am trying to implement an app in Android. I have applied for a REST
API oauth_consumer_key and a shared secret. However, when I use
httpPost to request, an error happens:


<?xml version="1.0" encoding="utf-8" ?>
<error xmlns="http://platform.fatsecret.com/api/1.0/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://platform.fatsecret.com/api/1.0/
http://platform.fatsecret.com/api/1.0/fatsecret.xsd">
<code>8</code>
<message>Invalid signature: oauth_signature
'5WBLIfuQKpkjzl9zNd40eeSNov0='</message>
</error>

My code is listed as follow:

private void searchUSDA() throws ClientProtocolException,
IOException, InvalidKeyException, NoSuchAlgorithmException {
// TODO Auto-generated method stub
HttpClient httpClient = new DefaultHttpClient();
HttpConnectionParams.setConnectionTimeout(httpClient.getParams(),
TIMEOUT_MS);
HttpConnectionParams.setSoTimeout(httpClient.getParams(),
TIMEOUT_MS);
HttpPost httpPost = new HttpPost(url);
List<NameValuePair> nameValuePairs = new
ArrayList<NameValuePair>();

Random ran = new Random();
int ranInt = ran.nextInt();
String nonce = Integer.toString(ranInt);
long ts = System.currentTimeMillis()/1000;


nameValuePairs.add(new BasicNameValuePair("food_id", "33691"));
nameValuePairs.add(new BasicNameValuePair("method",
"food.get")); // Take food.get as an example
nameValuePairs.add(new BasicNameValuePair("oauth_consumer_key",
"xxxxxxxxxxx"));

nameValuePairs.add(new
BasicNameValuePair("oauth_signature_method", "HMAC-SHA1"));
nameValuePairs.add(new BasicNameValuePair("oauth_timestamp",
Long.toString(ts)));
nameValuePairs.add(new BasicNameValuePair("oauth_version",
"1.0"));
nameValuePairs.add(new BasicNameValuePair("oauth_nonce", nonce));

httpPost.setEntity(new
UrlEncodedFormEntity(nameValuePairs,HTTP.UTF_8));


Log.v("method",httpPost.getMethod());
Log.v("url",httpPost.getRequestLine().getUri());

BufferedReader out = new BufferedReader(new
InputStreamReader(httpPost.getEntity().getContent()));
String line,s="";
while((line = out.readLine())!=null){
s = URLEncoder.encode(line, "UTF-8");
Log.v("parameters",s);

}

String base = httpPost.getMethod()
+"&"+URLEncoder.encode(httpPost.getRequestLine().getUri(), "UTF-8")
+"&"+s;

Log.v("base",base);
String key = "xxxxxxxx&xxxxxxxxx"; // customer key & shared
secret
String digest = sha1(base,key);
//SecretKeySpec sha1Key = new
SecretKeySpec(key.getBytes(),"HmacSHA1");
String oauth_signature = URLEncoder.encode(digest,"UTF-8");

nameValuePairs.add(new BasicNameValuePair("oauth_signature",
oauth_signature));
httpPost.setEntity(new
UrlEncodedFormEntity(nameValuePairs,HTTP.UTF_8));

out = new BufferedReader(new
InputStreamReader(httpPost.getEntity().getContent()));
s="";
while((line = out.readLine())!=null){
//s = URLEncoder.encode(line, "UTF-8");
Log.v("parameters",line);

}

ResponseHandler<String> responseHandler=new
BasicResponseHandler();

String responseBody=httpClient.execute(httpPost, responseHandler);

Log.v("test",responseBody);
//HttpResponse response = httpClient.execute(httpPost);
}

private String sha1(String s, String keyString) throws
UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {

SecretKeySpec key = new SecretKeySpec((keyString).getBytes(),
"HmacSHA1");
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(key);

byte[] bytes = mac.doFinal(s.getBytes());

return new String( Base64.encode(bytes,0));

}


////////////////////////////////////////////////////
The base string:
POST&http%3A%2F%2Fplatform.fatsecret.com%2Frest%2Fserver.api&food_id
%3D33691%26method%3Dfood.get%26oauth_consumer_key%3Dxxxxxxxxxxxxxxxx
%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
%3D1295130922%26oauth_version%3D1.0%26oauth_nonce%3D610960513



Could you help me find the error in my code? Thank you very much!
Reply all
Reply to author
Forward
0 new messages