Incorrect Signature

[Jon Sharratt]

Hi All,

Just need a little bit of help in regards to getting an access token.
For the life of me I cannot get the signature right here is an example
of the GET call I am making to get an access token:

http://www.rummble.com/oauth/access_token
?oauth_consumer_key=API KEY
&oauth_token=7d891de0fbe5f9bc019c146ef8035431
&oauth_verifier=0000
&oauth_signature=596208c6a98aae073bddbb69549bdb63

Are there any parameters I am missing in regards to getting an access
token that would cause an invalid signature the format I expected from
the documentation is as folllows:

"The application should then obtain an access token by passing along
their api key, the passed request token and the OAuth verifier, and
signed with their shared secret. The response then includes an access
token and a token secret for use in future API calls."

http://www.rummble.com/oauth/access_token?oauth_consumer_key={APIKEY}&auth_token={REQUESTTOKEN}
&oauth_verifier={VERIFIER}&oauth_signature={SIGNATURE}

Thanks in advance.
Jon Sharratt

[Clive Cox]

Jon,

What signature method are you using?

Also how are you doing the OAuth? There are a couple of example Java
implementations using Signpost and Scribe which are referenced at the
bottom of http://developer.rummble.com/docs
It might be a good idea to download one of them and see if you can
get it working using them.

Clive

[Jon Sharratt]

Just to add I am using Hammock for REST http://hammock.codeplex.com/
in C#. The above is myself manually doing the work to apply an MD5
hash and adding url parameters. I have also tried using HmacSha1 and
still get a reported incorrect signature. I would have thought this
would work but still no joy....

var credentials = new OAuthCredentials
{
Type = OAuthType.AccessToken,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
ParameterHandling =
OAuthParameterHandling.HttpAuthorizationHeader,
Token = "RequestToken",
ConsumerKey = "API_KEY",
ConsumerSecret = "API_SECRET",
Verifier = "AuthenticationVerifier",
Version = "1.0",
};

Resulting with the following call as an example:

oauth_consumer_key=APIKEY
oauth_token=REQUESTTOKEN
oauth_nonce=svs9ajxikwwre5uo
oauth_timestamp=1291633602
oauth_signature_method=HMAC-SHA1
oauth_signature=Avm1pg7kFOAsWEpieyfxOSa2/F4=
oauth_version=1.0
oauth_verifier=0000

Still the end result is incorrect signature.... I have double checked
my api key and secret key and they are correct.

On Dec 6, 9:46 am, Jon Sharratt <jonathan.sharr...@emc.com> wrote:

[Sharratt, Jonathan]

Hi Clive,

Thanks for your prompt response, firstly I tried MD5 and manually adding parameters and signature based on the guidelines.

I am using the Hammock for REST library http://hammock.codeplex.com/ it's interesting that the standard setup call using HmacSha1 of this library still reports an incorrect signature.

Based on this post (http://byatool.com/c/connect-your-web-app-to-twitter-using-hammock-csharp/) for twitter access via Hammock and Open Auth they return a token secret after a request_token call has been done whereas with Rummble I only have a response that includes request token and verifier data.

Is there something I am not understanding with the OAuth process ?

Jon,

Clive

--
You received this message because you are subscribed to the Google Groups "Rummble API" group.
To post to this group, send email to rummb...@googlegroups.com To unsubscribe from this group, send email to
rummble-api...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rummble-api?hl=en
For API Documentation, visit http://developer.rummble.com/docs