I've got access token using the plaintext method and trying to use it the API requests. And I'm getting invalid_signature error. The code that I'm using for generating the signature seems correct, because I tested it using the data from the example provided here http://oauth.net/core/1.0/#sig_base_example and resulting base strings and signatures were equal. I'm fighting several days already with this problem and actually have no more ideas.
This part is very poorly documented, and seems yahoo is not going to change anything here. This problem exists about three years as I see from the similar posts, but still nothing was clarified.
Hi Kelvin. I'm using erlang mostly, but in some cases (when I need to try something having it as a web content) php.
As for this problem, I managed to get request_token and then access token using hmac-sha1, that means that my code generates signature correctly, but still no success with messaging API using hmac-sha1. So, at the moment I use plaintext.
Try "PLAINTEXT" instead of "plaintext", that was the confusing part for me, because while getting tokens it works with lowercase "plaintext", but in case of creating session and messaging it requires uppercase.