signing file uploads

121 views
Skip to first unread message

Simon

unread,
Jul 6, 2011, 10:04:16 AM7/6/11
to OAuth Ruby
Hi,

I am trying to upload a file (image) to my Rails server which is
running the oauth gem. Every time I try I get back a 401, Invalid
Oauth Request. I have other requests working properly (GET, PUT,
POST, and DELETE) when they don't contain any type of file parameter.
My client is a Java application which is creating the request and
signing it. I'm wondering if there are any limitations on the server
side with the oauth gem with regards to file uploads and/or form/
multipart content types.

From what I have read, I belive that the actual Post body (ie, the
file itself) doesn't get included in signing the request, so I have
tried signing it before attaching the file, but this isn't working.
It seems like the env['oauth.strategies'] value isn't getting set
properly in oauth_filter.rb.

Has anybody else got file uploads working, or have any ideas about how
to get it going?

Thanks,

Simon

Vibhor Mahajan

unread,
Jul 6, 2011, 10:43:24 AM7/6/11
to oauth...@googlegroups.com
Can you share some code snippet?




--
You received this message because you are subscribed to the Google Groups "OAuth Ruby" group.
To post to this group, send email to oauth...@googlegroups.com.
To unsubscribe from this group, send email to oauth-ruby+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/oauth-ruby?hl=en.


Ben

unread,
Jul 6, 2011, 3:28:48 PM7/6/11
to oauth...@googlegroups.com
Is there any work underway to make this gem fail properly? 

People struggle to use it because of the zero feedback errors.

<bb />

Vibhor

unread,
Jul 6, 2011, 10:42:06 PM7/6/11
to OAuth Ruby
This example might help...
http://wiki.openstreetmap.org/wiki/OAuth_ruby_examples

On Jul 7, 12:28 am, Ben <ben.bidding...@gmail.com> wrote:
> Is there any work underway to make this gem fail properly?
>
> People struggle to use it because of the zero feedback errors.
>
> <bb />
>
> On 7/07/2011, at 2:43, Vibhor Mahajan <vibhor.maha...@gmail.com> wrote:
>
>
>
>
>
>
>
> > Can you share some code snippet?
>
> > On Wed, Jul 6, 2011 at 7:34 PM, Simon <simon.wilkin...@gmail.com> wrote:
> > Hi,
>
> > I am trying to upload a file (image) to my Rails server which is
> > running the oauth gem.  Every time I try I get back a 401, Invalid
> > Oauth Request.  I have other requests working properly (GET, PUT,
> > POST, and DELETE) when they don't contain any type of file parameter.
> > My client is a Java application which is creating the request and
> > signing it.  I'm wondering if there are any limitations on the server
> > side with the oauth gem with regards to file uploads and/or form/
> > multipart content types.
>
> > From what I have read, I belive that the actual Post body (ie, the
> > file itself) doesn't get included in signing the request, so I have
> > tried signing it before attaching the file, but this isn't working.
> > It seems like the env['oauth.strategies'] value isn't getting set
> > properly in oauth_filter.rb.
>
> > Has anybody else got file uploads working, or have any ideas about how
> > to get it going?
>
> > Thanks,
>
> > Simon
>
> > --
> > You received this message because you are subscribed to the Google Groups "OAuth Ruby" group.
> > To post to this group, send email to oauth...@googlegroups.com.
> > To unsubscribe from this group, send email to oauth-ruby+...@googlegroups.com.
> > For more options, visit this group athttp://groups.google.com/group/oauth-ruby?hl=en.

Simon

unread,
Jul 7, 2011, 8:11:31 PM7/7/11
to OAuth Ruby
So I've been doing more digging, and it appears as though the OAuth
client library I'm using is calculating the signature properly
according to the OAuth specs. I've also found that where I'm having
issues when trying to post a request with multipart body is on the
signature.verify call in the oauth1_verify method in oauth_filter.rb.
Does anybody have any insight into this .verify method, or could
anybody point me in the right direction to try and determine exactly
what the oauth gem is using/doing to calculate the signature of a
request?

Thanks again,

Simon

On Jul 6, 10:42 pm, Vibhor <vibhor.maha...@gmail.com> wrote:
> This example might help...http://wiki.openstreetmap.org/wiki/OAuth_ruby_examples

matthew hawthorne

unread,
Jul 8, 2011, 3:04:24 AM7/8/11
to oauth...@googlegroups.com
hi simon,

it might help if you could provide the full url of the failing
request, including the oauth params.

a few thoughts related to signature verification issues I've had in the past:

1) are you terminating SSL before the request gets to your server?
(client signs with https URL, server signs with http URL)

2) do you have a cache in front of your server? (client signs URL with
port 80, server signs URL with port 8080, for example)

-matt

Reply all
Reply to author
Forward
0 new messages