I was testing my app today, starting from scratch with getting the initial authorization. However, Yahoo! is returning an HTTP 401 error with received ASCII data = "oauth_problem=signature_invalid".
The name of this error implies that my data content may be OK, but the my signature was not generated correctly. So I tested my request-generation code using the OAuth tester available from these guys, and it says that my signature is correct. Also, I tried it with an older, release version of my app which of course was tested several months ago and worked. But it does not work any more!
Is everything working OK at Delicious today? (I'm in California).
What are the possible causes of oauth_problem=signature_invalid? According to my notes, the last time I saw this was when I was developing my code, and found that I got this result if the key/value pairs in the request body were not sorted alphabetically by key.
I checked on my YDN account and my app is still there.
I remember reading some months back that Yahoo! promised to improve their developer support. I am definitely impressed.
Requested data has been sent privately to Yu. Yes, I know that either the consumer key or the consumer secret is supposed to be never published, but I always forget which one, so I keep them both hidden :PThank you!
We don't support non-HTTP/HTTPS oauth_callback URLs as per our security policy, so you have to use "oauth_callback=oob" and then users have to type the authorized request token in your application manually.
There is an issue in our code that fails to return the correct error code if HMAC-SHA1 signature method is used. Before it is fixed, if you find the oauth_signature_invalid error, then the actual error may be that the oauth_callback URL doesn't confirm to our current security policy. Please try with the PLAINTEXT signature and it should throw the correct error.
We'll fix this one in our next available OAuth release.