Issue retrieving access token - 401 (unauthorized)?

[thatpatrickguy]

Hi everyone!

I'm currently developing a Spotify app for GetGlue and am working on getting authentication working over oAuth. Here's what is working:

• The first step works, I can retrieve an oauth_token and oauth_secret successfully using a call to https://api.getglue.com/oauth/request_token
• The second step works, I can bring up the authentication page using the oauth_token and setting a callback URL http://getglue.com/oauth/authorize/?oauth_token=MYTOKEN&oauth_callback=http://www.theurl.com/mypage
• It successfully identifies my app is the one they are looking to log into.
• I can successfully enter in my login details and it will open the callback URL.

What doesn't appear to work is retrieving the access token:

https://api.getglue.com/oauth/access_token?oauth_token=(OAUTHTOKEN)&oauth_token_secret=(OAUTHSECRET)

It returns:

GET https://api.getglue.com/oauth/access_token?oauth_token=(OAUTHTOKEN)&oauth_token_secret=(OAUTHSECRET) 401 (Unauthorized) 

The oauth_token and oauth_token_secret are being passed in successfully from my earlier calls. The authorisation function appears to run successfully too... am I missing something in my implementation?

The only area I'm considering it might be is that the oauth_callback isn't the same as the app url. As it is a Spotify app, the app url is a local path of sp://getglue. Spotify redirects the callback from the URL I provide to this local url (this seems to work successfully, it brings me back to the app once the authorisation is complete). However, I'm wondering - does the GetGlue authorisation only allow access to the access token through calls from the callback URL/domain? Or is it solely granting access to the oauth_token and oauth_token_secret combo?

Any help is greatly appreciated! This has me stumped...

Thanks,

Patrick