posting with bash+curl, using openssl sha1 -hmac | base64 for signature, but server keeps expecting a different value.
1,581 views
Skip to first unread message
Tony Baldwin
Nov 11, 2012, 3:59:20 PM11/11/12
to tumbl...@googlegroups.com
I'm trying to post with bash+curl
(had a working script for old API http://tonyb.us/tumble, but clearly, not working now that oauth is required).
Using this information to create a signature: https://dev.twitter.com/docs/auth/creating-signature
I get something like:
POST&http%3A%2F%2Fapi.tumblr.com%2Foauth%2Frequest_token%26oauth_consumer_key%3DtRaNOTMYKEYmBLaHbLAhn9QAEMSORRY0DmALTEREDqfof%26oauth_nonce%26s0m3NonsenEaNdBlAhb14h%26oauth_signature_method%3DHMAC-SHAI%26oauth_time_stamp%3D1352666079
then pass it through openssl sha1 -hmac (because I know no other way in bash to get HMAC-SHA1), then base64
ie., take that percent_encoded string and do
$ echo -n "$SIGSTRING" | openssl sha1 -hmac | base64
Str1ngIg3n3r4tedHere=
when I send a request using the signature generated in this fashion, every time the server response is
oauth_signature [Str1ngIg3n3r4tedHere=] does not match expected value [Tumblr3xp3ct3dTh1sStr1ng=]
What am I doing wrong?
Probably not relevant, but I'm using Debian Stable, AMD64, blah blah...
thanks,
tony
(had a working script for old API http://tonyb.us/tumble, but clearly, not working now that oauth is required).
Using this information to create a signature: https://dev.twitter.com/docs/auth/creating-signature
I get something like:
POST&http%3A%2F%2Fapi.tumblr.com%2Foauth%2Frequest_token%26oauth_consumer_key%3DtRaNOTMYKEYmBLaHbLAhn9QAEMSORRY0DmALTEREDqfof%26oauth_nonce%26s0m3NonsenEaNdBlAhb14h%26oauth_signature_method%3DHMAC-SHAI%26oauth_time_stamp%3D1352666079
then pass it through openssl sha1 -hmac (because I know no other way in bash to get HMAC-SHA1), then base64
ie., take that percent_encoded string and do
$ echo -n "$SIGSTRING" | openssl sha1 -hmac | base64
Str1ngIg3n3r4tedHere=
when I send a request using the signature generated in this fashion, every time the server response is
oauth_signature [Str1ngIg3n3r4tedHere=] does not match expected value [Tumblr3xp3ct3dTh1sStr1ng=]
What am I doing wrong?
Probably not relevant, but I'm using Debian Stable, AMD64, blah blah...
thanks,
tony
Tony Baldwin
Nov 11, 2012, 6:17:39 PM11/11/12
to tumbl...@googlegroups.com
On Sunday, November 11, 2012 3:59:20 PM UTC-5, Tony Baldwin wrote:
I'm trying to post with bash+curl
(had a working script for old API http://tonyb.us/tumble, but clearly, not working now that oauth is required).
Using this information to create a signature: https://dev.twitter.com/docs/auth/creating-signature
I get something like:
POST&http%3A%2F%2Fapi.tumblr.com%2Foauth%2Frequest_token%26oauth_consumer_key%3DtRaNOTMYKEYmBLaHbLAhn9QAEMSORRY0DmALTEREDqfof%26oauth_nonce%26s0m3NonsenEaNdBlAhb14h%26oauth_signature_method%3DHMAC-SHAI%26oauth_time_stamp%3D1352666079
then pass it through openssl sha1 -hmac (because I know no other way in bash to get HMAC-SHA1), then base64
ie., take that percent_encoded string and do
$ echo -n "$SIGSTRING" | openssl sha1 -hmac | base64
Str1ngIg3n3r4tedHere=
when I send a request using the signature generated in this fashion, every time the server response is
oauth_signature [Str1ngIg3n3r4tedHere=] does not match expected value [Tumblr3xp3ct3dTh1sStr1ng=]
I see examples with
$ echo -n "$SIGSTRING" | openssl sha1 -hmac "key" | base64
but nowhere do I find any explanation of what this "key" value is or should be or how to find it or generate it.
I can only guess that's the missing "key" here...
./tony
http://www.tonybaldwin.me
Reply all
Reply to author
Forward
0 new messages