401 Unauthorized access with get_request_token

I'm having a helluva time requesting a token. When I make this request (replacing MY_KEY_HERE and MY_SIG_HERE with correct values)

wget -S -d https://api.login.yahoo.com/oauth/v2/get_request_token --post-data= "oauth_nonce=23309551&oauth_timestamp=1278110021&oauth_consumer_key=MY_KEY_HERE&oauth_signature_method=HMAC-SHA1&oauth_signature=MY_SIG_HERE oauth_version=1.0&xoauth_lang_pref=en-us&oauth_callback=oob" -O out.txt

I get a response of:

Setting --post-data (postdata) to oauth_nonce=23309551&oauth_timestamp=1278110021&oauth_consumer_key=MY_KEY_HERE&oauth_signature_method=HMAC-SHA1&oauth_signature=MY_SIG_HERE&oauth_version=1.0&xoauth_lang_pref=en-us&oauth_callback=oob DEBUG output created by Wget 1.13.4 on cygwin.

URI encoding = UTF-8' --2013-04-03 14:00:48-- https://api.login.yahoo.com/oauth/v2/get_request_token Resolving api.login.yahoo.com (api.login.yahoo.com)... Caching api.login.yahoo.com => Connecting to api.login.yahoo.com (api.login.yahoo.com)||:443... connected. Created socket 3. Releasing 0x80043fb0 (new refcount 1). ERROR: The certificate ofapi.login.yahoo.com' is not trusted. ERROR: The certificate of `api.login.yahoo.com' hasn't got a known issuer.

The out.txt is empty. This seems to be an error...a 401 when I test it in the browser.

Help!! Any ideas? I see that there are MANY folks having a similar problem.

2 Replies
  • OK, I found a workaround. I was never able to get the Request Token without getting a 401.... But I didn't need one at all! I used just the consumerKey and ConsumerSecret.

     static void Main(string[] args)
            var oAuth = new OAuthBase();
            var consumerKey = ConfigurationManager.AppSettings["oauth_consumer_key"];
            var consumerSecret = ConfigurationManager.AppSettings["oauth_consumer_secret"];
            var nonce = oAuth.GenerateNonce();
            var timeStamp = oAuth.GenerateTimeStamp();
            string root = "http://yboss.yahooapis.com/geo/placefinder?callback=json2";
            string query = "&q=701+first+avenue+sunnnyvale";
            var uri = new Uri(root + query);
            string signed_url, param;
            var signature = oAuth.GenerateSignature(uri, consumerKey,
                            consumerSecret, string.Empty, string.Empty, "GET", timeStamp, nonce,
                            OAuthBase.SignatureTypes.HMACSHA1, out signed_url, out param);
            var request = WebRequest.Create(string.Format("{0}?{1}&oauth_signature={2}",
                                            signed_url, param, signature));
            var resultString = "";
            using (StreamReader read = new StreamReader(request.GetResponse().GetResponseStream(), true))
                resultString = read.ReadToEnd();
            Console.WriteLine("Press any key to stop...");

    And...we have data!

    87 37.416599 -122.026009 [...]

    Struggling in vain to get that dang Request Token cost me half a day of wasted effort. I don't understand why you guys aren't advocating this simpler method.

    Hopefully, this helps someone else.

  • This only seems to work with public data not any data that is considered private...


Recent Posts

in OAuth General Discussion YDN SDKs