Re: Signing works in emulator, not on phone

[Matthias]

don't use DefaultOAuthConsumer on Android

http://code.google.com/p/oauth-signpost/wiki/GettingStarted

On Monday, June 11, 2012 6:37:22 PM UTC+2, Warren McAllister wrote:

Hello everyone, I'm trying to get Oauth signing to work, as the title suggests I works fine using the emulator, but I get a 401 back when using an actual phone. It's as though the header is being stripped?

Any help or debugging tips much appreciated - code snippet follows:

OAuthConsumer consumer = new DefaultOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);

consumer.setTokenWithSecret("", "");

        

connection = (HttpURLConnection)url.openConnection();

connection.setRequestMethod("GET");

connection.setDoOutput(true);

connection.setDoInput(true);

connection.setUseCaches(false);

connection.setAllowUserInteraction(false);

connection.setRequestProperty("Content-Type", "application/json");

try {

consumer.sign(connection);

}

catch (Exception e) {

}

connection.connect();

responseCode = connection.getResponseCode();

[Warren McAllister]

Thanks - a further update, it works over WiFi, but not over 3G!

DefaultOauthConsumer advice still holds?

Warren

[Warren McAllister]

Thanks - update - it appears to work over WiFi, but not on 3G...

Can you point me to a concrete example of using  CommonsHttpOAuth?

Thanks!

Warren

On Monday, 11 June 2012 19:12:35 UTC+1, Matthias wrote:

[Matthias Käppler]

I doubt this would be related to the library. The lib is not concerned
with networking. It takes an HTTP request and adds header fields or
query parameters. What could happen in this case is that in one
configuration you're going through a proxy that rewrites or drops
header fields?

I don't know, could be many things. We use the library on all versions
of Android and a boat load of devices since 2009 without problems, so
I'm fairly confident it's not a bug in the lib :-)

> --
> You received this message because you are subscribed to the Google Groups
> "Signpost users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/signpost-users/-/EeQBRQfXf_IJ.
>
> To post to this group, send email to signpos...@googlegroups.com.
> To unsubscribe from this group, send email to
> signpost-user...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/signpost-users?hl=en.



--
-Matthias

[Paddy Foran]

I've used the library for years in a rather popular application, and it has proven its mettle on pretty much every device and OS level.

If I had to take a guess, based on personal experience, I would bet that the token is expiring. Check and make sure the device's time and date (and timezone--this is usually an issue on Samsung devices) are set correctly.

[Matthias Käppler]

One other thing that I can think of, since that actually affects our
own app too (need to finally fix this...), is retrying requests.
Commons HTTP has a built-in request-retry logic, which will resend
"safe" HTTP requests (i.e. idempotent requests such as GET or PUT).
This does NOT work with OAuth, since the server will treat this as a
replay attack (nonce and timestamp will be the same) and drop the
request with a 401.

You said you're not using Apache Commons HTTP, but double check your
code for this potential problem, since it's a rather subtle one.

--
-Matthias

[Warren McAllister]

Thanks for all your help - I'll update this thread when I make progress!

Warren

>> > To post to this group, send email to signpost-users@googlegroups.com.

>> > To unsubscribe from this group, send email to

>> > signpost-users+unsubscribe@googlegroups.com.

>> > For more options, visit this group at
>> > http://groups.google.com/group/signpost-users?hl=en.
>>
>>
>>
>> --
>> -Matthias
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Signpost users" group.

>> To post to this group, send email to signpost-users@googlegroups.com.

>> To unsubscribe from this group, send email to

>> signpost-users+unsubscribe@googlegroups.com.

>> For more options, visit this group at
>> http://groups.google.com/group/signpost-users?hl=en.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Signpost users" group.

> To post to this group, send email to signpost-users@googlegroups.com.

> To unsubscribe from this group, send email to

> signpost-users+unsubscribe@googlegroups.com.

[Warren McAllister]

Turns out that the Operator's network was stripping the headers - problem solved (for now) by switching to an HTTPS connection.

[Matthias Käppler]

good to hear it's working now!

-Matthias
(sent from my mobile. through a series of tubes.)

To view this discussion on the web visit https://groups.google.com/d/msg/signpost-users/-/5fqYd6XoAMoJ.
To post to this group, send email to signpos...@googlegroups.com.
To unsubscribe from this group, send email to signpost-user...@googlegroups.com.