Oauth signature_invalid

Marcus16

Aug 18, 2010, 11:21:30 PM
to OAuth PHP
I can't wrap my brain around why this isn't working... I really think it
should be. Please help.

I'm trying to use OAuth to connect to Google Accounts for use in an
API.

Here is the error I get:

signature_invalid base_string:GET&https%3A%2F%2Fwww.google.com
%2Faccounts%2FOAuthGetRequestToken&oauth_callback%3Dhttp%253A%252F
%252Fnoveis.net%252Fauthsub%252Findex.php%26oauth_consumer_key
%CONSUMER KEY HERE%26oauth_nonce
%3D3bafa031c03f6d1590f2539091245270%26oauth_signature_method%3DHMAC-
SHA1%26oauth_timestamp%3D1282159845%26oauth_version%3D1.0%26scope
%3Dhttps%253A%252F%252Fwww.googleapis.com%252Fauth%252Flatitude

Here is my code:

<?php
$consumer = ''; // Would be consumer key
$secret = ''; // Would be secret
$callback = ''; // Would be callback URL

$mt = microtime();
$rand = mt_rand();
$nonce = md5($mt . $rand);
$time = time();

$url = 'https://www.google.com/accounts/OAuthGetRequestToken';
$path = '/accounts/OAuthGetRequestToken';

$scope = 'https://www.googleapis.com/auth/latitude';

$post = array(
    'oauth_callback' => $callback,
    'oauth_consumer_key' => $consumer,
    'oauth_nonce' => $nonce,
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp' => $time,
    'oauth_version' => '1.0'
);

$post_string = '';
foreach($post as $key => $value)
{
    $post_string .= $key.'='.urlencode($value).'&';
}
$post_string = rtrim($post_string, '&');

$key_parts = array($consumer, $secret);

$key_parts = array_map('urlencode', $key_parts);
$key = implode('&', $key_parts);

$base_string = 'GET&'.urlencode($scope).'&'.$post_string;
$signature = base64_encode(hash_hmac('sha1', $base_string, $key, true));
$post['oauth_signature'] = $signature;
$header_string = '';
foreach($post as $key => $value)
{
    $header_string .= $key.'="'.urlencode($value).'", ';
}
$header_string = trim($header_string);
$header_string = rtrim($header_string, ',');

$header[] = 'GET '.$path.'?scope='.urlencode($scope).' HTTP/1.1';
$header[] = 'Host: www.google.com';
$header[] = 'Accept: */*';
//$header[] = 'Content-Type: application/x-www-form-urlencoded';
$header[] = 'Authorization: OAuth '.$header_string;
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_URL, $url.'?scope='.$scope);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec($ch);
curl_close($ch);
print_r($result);
?>

Morten Fangel

Aug 19, 2010, 3:51:19 PM
to oaut...@googlegroups.com
Hi Marcus

Don't reinvent the wheel. Use one of the many existing php libraries for generating valid OAuth requests.

Your mistake is likely to be in missing sorting, wrong encoding, or other similar issues - all of which are dealt with correctly in one of the many (good) libraries..

Here would be the equiv. code to perform the request using the PHP library hosted at oauth.net:

----------------------
<?php
require 'OAuth.php';

// setup consumer and callback
$consumer = new OAuthConsumer('consumer-key', 'consumer-secret');
$callback = 'http://your-callback.com/callback';

// setup the request
$req = OAuthRequest::from_consumer_and_token(
    $consumer,
    null,
    'GET',
    'https://www.google.com/accounts/OAuthGetRequestToken'
);
$req->set_parameter('oauth_callback', $callback);
// scope from the original question; it must be set before signing so it is covered by the signature
$req->set_parameter('scope', 'https://www.googleapis.com/auth/latitude');
$req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);

// perform the request
$curl = curl_init();

// keep only the non-oauth_ parameters for the query string;
// the oauth_ parameters travel in the Authorization header
$params = $req->get_parameters();
foreach (array_keys($params) as $i) {
    if (substr($i, 0, 6) == 'oauth_') {
        unset($params[$i]);
    }
}

$url = $req->get_normalized_http_url() . '?' . http_build_query($params);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
    $req->to_header()
));

$response = curl_exec($curl);

?>
----------------------

(I just wrote / adjusted existing code in my email-app, so no guarantees it'll work. But you'll get the idea..)

The other libraries (like oauth-php, the pecl-extension etc) will have similar functionalities. So please use a library instead of trying to reinvent the wheel. It should save yourself a lot of trouble.

Regards

-Morten
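
The sorting and encoding steps mentioned in the reply, written out by hand as an added example (not part of either post and not the library's code), following RFC 5849 for HMAC-SHA1. The function names, consumer key/secret, callback and nonce are constructed sample values; the printed base string can be compared with the `base_string` the server echoes in a `signature_invalid` response.

```php
<?php
// Added example: OAuth 1.0 (RFC 5849) HMAC-SHA1 signing done by hand.
// Helper names and all credential values are constructed for illustration.

// RFC 3986 percent-encoding; urlencode() would encode a space as '+'.
function oauth_encode($value)
{
    return rawurlencode((string) $value);
}

// Base string = METHOD & encoded base URL & encoded, sorted parameter string.
// $url must carry no query string. $params must hold every oauth_* parameter
// AND every query parameter (here: scope). Duplicate names are not handled.
function oauth_base_string($method, $url, array $params)
{
    unset($params['oauth_signature']);      // never part of its own base string
    $encoded = array();
    foreach ($params as $name => $value) {
        $encoded[oauth_encode($name)] = oauth_encode($value);
    }
    ksort($encoded, SORT_STRING);           // byte-order sort by encoded name
    $pairs = array();
    foreach ($encoded as $name => $value) {
        $pairs[] = $name . '=' . $value;
    }
    // The joined parameter string is percent-encoded once more as a whole.
    return strtoupper($method) . '&' . oauth_encode($url) . '&' . oauth_encode(implode('&', $pairs));
}

// Signing key = consumer SECRET & token secret (empty until a token exists).
function oauth_sign($base_string, $consumer_secret, $token_secret = '')
{
    $key = oauth_encode($consumer_secret) . '&' . oauth_encode($token_secret);
    return base64_encode(hash_hmac('sha1', $base_string, $key, true));
}

$params = array(
    'oauth_callback'         => 'http://example.com/callback',      // constructed
    'oauth_consumer_key'     => 'example-consumer-key',             // constructed
    'oauth_nonce'            => '0123456789abcdef0123456789abcdef', // constructed
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1282159845',
    'oauth_version'          => '1.0',
    'scope'                  => 'https://www.googleapis.com/auth/latitude',
);
$base = oauth_base_string('GET', 'https://www.google.com/accounts/OAuthGetRequestToken', $params);
echo $base, "\n";
echo oauth_sign($base, 'example-consumer-secret'), "\n";
```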
