Using Signpost with OAuth-PHP.
68 views
Skip to first unread message
Ashley Gwinnell
Jul 19, 2009, 10:44:37 AM7/19/09
to Signpost users
I am trying to use Signpost with OAuth-PHP.
My OAuth-PHP client works with both my OAuth-PHP server and the
Twitter API.
My Signpost client works with the Twitter API, but not my OAuth-PHP
API.
I have checked the (oauth-php) code and it checks for the OAuth
details in the Authorization header (the same header that Signpost
sends them in). However, my issue here, presumably, is that that
Authorization header never arrives at the OAuth-PHP service from
Signpost.
My webserver doesn't have PHP installed as an Apache service, but
because it works with the oauth-php client, it should work with
signpost too.
I can zip up and send the code if you wish.
My OAuth-PHP client works with both my OAuth-PHP server and the
Twitter API.
My Signpost client works with the Twitter API, but not my OAuth-PHP
API.
I have checked the (oauth-php) code and it checks for the OAuth
details in the Authorization header (the same header that Signpost
sends them in). However, my issue here, presumably, is that that
Authorization header never arrives at the OAuth-PHP service from
Signpost.
My webserver doesn't have PHP installed as an Apache service, but
because it works with the oauth-php client, it should work with
signpost too.
I can zip up and send the code if you wish.
matthias
Jul 20, 2009, 7:48:52 AM7/20/09
to Signpost users
Hi,
if the Auth header doesn't arrive at your server, than that's probably
a problem with the networking stack. Which Java HTTP library do you
use? Is the request going through any filters? Are there any
intermediate network nodes such as a proxy which could potentially
overwrite or remove the header? You may want to check at which point
in the request chain the header gets removed. Of course it won't work
without the header arriving at the service endpoint in its entirety.
Cheers,
Matthias
On Jul 19, 4:44 pm, Ashley Gwinnell <excalsre...@googlemail.com>
wrote:
if the Auth header doesn't arrive at your server, than that's probably
a problem with the networking stack. Which Java HTTP library do you
use? Is the request going through any filters? Are there any
intermediate network nodes such as a proxy which could potentially
overwrite or remove the header? You may want to check at which point
in the request chain the header gets removed. Of course it won't work
without the header arriving at the service endpoint in its entirety.
Cheers,
Matthias
On Jul 19, 4:44 pm, Ashley Gwinnell <excalsre...@googlemail.com>
wrote:
Ashley Gwinnell
Jul 20, 2009, 1:06:06 PM7/20/09
to Signpost users
Firstly, thank you for such a prompt response. :)
I have been using the Apache Commons libs, and as far as I am aware,
the request is not going through any filters, proxies, or anything
that would or could remove the header.
I'm not sure how to check where the header gets removed, I just
followed the examples on the google code page.
Code:
// create a consumer object and configure it with the access
// token and token secret obtained from the service provider
CommonsHttpOAuthConsumer consumer = new CommonsHttpOAuthConsumer(
Chatbin.API_KEY,
Chatbin.API_SECRET,
SignatureMethod.HMAC_SHA1);
DefaultOAuthProvider provider = new DefaultOAuthProvider
(consumer,
"http://api.netbin.co.uk/oauth/request_token",
"http://api.netbin.co.uk/oauth/access_token",
"http://api.netbin.co.uk/oauth/authorise");
consumer.setTokenWithSecret(key, secret);
// create an HTTP request to a protected resource
HttpGet request = new HttpGet("http://api.netbin.co.uk/
friends/get");
//HttpGet request = new HttpGet("http://twitter.com/statuses/
user_timeline/28089893.json"); // twitter request
// sign the request
consumer.sign(request);
// some debug
System.out.println("Headers!:");
for (int i = 0; i < request.getAllHeaders().length; i++)
{
System.out.println(request.getAllHeaders()[i].getName() +
" : " + request.getAllHeaders()[i].getValue());
}
// DefaultHttpClient httpClient = new DefaultHttpClient
(request.getParams());
DefaultHttpClient httpClient = new DefaultHttpClient();
// send the request
HttpResponse response = httpClient.execute(request);
HttpEntity entity = response.getEntity();
entity.writeTo(System.out);
System.out.print("\n");
Hopefully you'll be able to either tell me how to check the networking
stack, or fix my code if I'm doing something obvious wrong. :)
I have been using the Apache Commons libs, and as far as I am aware,
the request is not going through any filters, proxies, or anything
that would or could remove the header.
I'm not sure how to check where the header gets removed, I just
followed the examples on the google code page.
Code:
// create a consumer object and configure it with the access
// token and token secret obtained from the service provider
CommonsHttpOAuthConsumer consumer = new CommonsHttpOAuthConsumer(
Chatbin.API_KEY,
Chatbin.API_SECRET,
SignatureMethod.HMAC_SHA1);
DefaultOAuthProvider provider = new DefaultOAuthProvider
(consumer,
"http://api.netbin.co.uk/oauth/request_token",
"http://api.netbin.co.uk/oauth/access_token",
"http://api.netbin.co.uk/oauth/authorise");
consumer.setTokenWithSecret(key, secret);
// create an HTTP request to a protected resource
HttpGet request = new HttpGet("http://api.netbin.co.uk/
friends/get");
//HttpGet request = new HttpGet("http://twitter.com/statuses/
user_timeline/28089893.json"); // twitter request
// sign the request
consumer.sign(request);
// some debug
System.out.println("Headers!:");
for (int i = 0; i < request.getAllHeaders().length; i++)
{
System.out.println(request.getAllHeaders()[i].getName() +
" : " + request.getAllHeaders()[i].getValue());
}
// DefaultHttpClient httpClient = new DefaultHttpClient
(request.getParams());
DefaultHttpClient httpClient = new DefaultHttpClient();
// send the request
HttpResponse response = httpClient.execute(request);
HttpEntity entity = response.getEntity();
entity.writeTo(System.out);
System.out.print("\n");
Hopefully you'll be able to either tell me how to check the networking
stack, or fix my code if I'm doing something obvious wrong. :)
Ashley Gwinnell
Jul 20, 2009, 1:30:31 PM7/20/09
to Signpost users
I should probably have included the lines where the keys/secrets are
set and echo'd out in my previous post.
On Jul 20, 6:06 pm, Ashley Gwinnell <excalsre...@googlemail.com>
set and echo'd out in my previous post.
On Jul 20, 6:06 pm, Ashley Gwinnell <excalsre...@googlemail.com>
matthias
Jul 21, 2009, 3:41:34 AM7/21/09
to Signpost users
looks good at the first glance. So those print statements do yield the
expected output? Or does the header not exist at this point already?
Because that would of course mean it's an issue with the library. If
the header is there however, then there is not much I can say or do
about it, because if the header is lost only after sending the
request, then something must be removing it while it's traversing the
network. In that case you may want to use a network analyzer such as
Wireshark to monitor the traffic to find out what's happening there.
Also check the Web server/servlet container logs and see if you can
find any peculiarities.
On Jul 20, 7:30 pm, Ashley Gwinnell <excalsre...@googlemail.com>
expected output? Or does the header not exist at this point already?
Because that would of course mean it's an issue with the library. If
the header is there however, then there is not much I can say or do
about it, because if the header is lost only after sending the
request, then something must be removing it while it's traversing the
network. In that case you may want to use a network analyzer such as
Wireshark to monitor the traffic to find out what's happening there.
Also check the Web server/servlet container logs and see if you can
find any peculiarities.
On Jul 20, 7:30 pm, Ashley Gwinnell <excalsre...@googlemail.com>
Henri Cook
Apr 29, 2015, 1:08:21 PM4/29/15
to signpos...@googlegroups.com
Hi Ashley,
Did you ever solve this? And do you remember how 6 years later? :)
Best Regards,
Henri
1 Neal Street London WC2H 9QL
www.rightster.com | @Rightster | LinkedIn
Rightster Limited (incorporated in England with company number 07634543) has its registered office at 1 Neal Street London WC2H 9QL. Rightster Limited is a subsidiary of Rightster Group plc (incorporated in England and Wales with company number 08754680).
Reply all
Reply to author
Forward
0 new messages