Back to OAuth General Discussion YDN SDKs Forum
0

Random 401 Unauthorized Errors on get_token()

I am using a .NET HTTPWebRequest to call get_token. Randomly, my call will return a 401 error. But plugging the exact URL into the browser or simply re-issuing the same web request, it works fine. Has anyone experienced random 401s on the initial call to get_token but then re-call it and it works fine? Is this a problem with Yahoo!?

Sample call:
https://api.login.yahoo.com/oauth/v2/get_to...verifier=kz7mxf

by
Report Abuse
8 Replies
  • Hi Eric,

    When the 401 error is returned, the detailed error information is
    shown in both HTTP response headers and body. Can you please log
    the complete request you sent and the response you got and copy
    them over here? So we can check it from our end.

    We would need to know your consumer key. Unless it is a
    signature_invalid error, you can edit the request to remove the
    oauth_signature (which contains the secret).

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    Report Abuse
    0
  • Here's the request:
    https://api.login.yahoo.com/oauth/v2/get_to...verifier=daqeaj

    Here's the 401 response:
    Connection: close
    Transfer-Encoding: chunked
    Content-Type: application/x-www-form-urlencoded
    Date: Thu, 22 Apr 2010 21:56:55 GMT
    P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
    WWW-Authenticate: OAuth oauth_problem=token_rejected

    Gernally, I issue the same request again and it works fine. In this case, issuing it again worked.

    Thanks for your help.

    Eric
    Report Abuse
    0
  • Here's the HTTP get with just the query string (seems the forum munges the link):
    get_token?oauth_nonce=7283231&oauth_timestamp=1271973416&oauth_consumer_key=dj0yJmk9R3R3MjNNQVdlYzI5JmQ9WVdrOWFrdGFTME54TkdzbWNHbzlOe
    kE0TlRRek9UWXkmcz1jb25zdW1lcnNlY3JldCZ4PTQx&oauth_signature_method=plaintext&oauth_signature=MYSECRET%266123aea17af7545976b914f47491bc73fc60df23&oauth_version=1.0&oauth_token=ufgqej4&oauth_verifier=daqeaj
    Report Abuse
    0
  • Hi Eric,

    Can you please keep your site up and running? I can reproduce this
    myself and will ask the relevant team from Yahoo! to do more
    investigation.

    Thanks,
    Yu Wang
    Report Abuse
    0
  • Thanks for your help on this. It is up and running and I will leave it up. As indicated, I actually have the auth.aspx page trying the HTTP get twice -- the second time if the first one fails. The first call only fails randomly, but if you see two identical calls on your end with the same params then this is an indication that it is retrying. I have seen cases where the second call also fails, but this happens less. If both calls fail, it will redirect to an error.aspx page and if you view the details you will see the 401 error (I am not currently outputting the HTTPResponse headers, but can if you need them).

    Thanks again!
    Eric
    Report Abuse
    0
  • Hi Eric,

    We'll also try to reproduce it reliably in our local environments
    then we can debug where it can be wrong more easily.

    Thanks,
    Yu Wang
    Report Abuse
    0
  • Thanks! Please note that it seems to happen more often when multiple users are accessing the system (but will happen with a single user as well). Let me know if there is anything else I can do to assist in tracking this down.

    Thanks,
    Eric
    Report Abuse
    0

  • Sorry for reviving this old topic but were you ever able to resolve this? I am experiencing exactly the same problem with the get_token endpoint.

    Report Abuse
    0
Ask a Question

Recent Posts

in OAuth General Discussion YDN SDKs