0

Accessing Resources Failure (401)

Hi, I've tried every variation here.

I have successfully established an access token per the standard OAuth flow. However, when I attempt to access a resource, with a well-formed Authorization header, parameters, and signature (HMAC), I receive an error, 401 / "Please provide valid credentials".

What, specifically, does this mean? I understand that you guys support the Sessions extension, but does that play into the normal flow?

Not sure where to take it from here - any help is appreciated. Happy to provide whatever information I can.

by
5 Replies
  • Okay, so the issue is that I am trying to access resources from a different server than the one from which I established the session. Apparently the domain requires a sub-domain, so I can't create a general application for our service. If that's not going to work, I don't think we're going to be able to use Y! apis... Regardless, when I try to access any resource from the original authorizing server, I get (502) "Server Hangup" for any request, which, I assume, is all on Yahoo!'s end.
    0
  • Please provide more details by sending an email to oauth-feedback@yahoo-inc.com and someone from engineering will assist you with the issue.

    Thanks,
    Aanchal Gupta

    Yahoo! Membership Team
    0
  • you have to make signature properly
    also pass the encoded token the parameters you are adding.
    and use encoded token value while generating the signature.
    0
  • Hi,

    I have the same problem, every time I make a request for private user data I get the following response:

    response: Response: 502 Server Hangup responsebody: <HEAD><TITLE>Server Hangup</TITLE></HEAD><BODY BGCOLOR="white" FGCOLOR="black"><FONT FACE="Helvetica,Arial"><B> Server Hangup</B></FONT><!-- default "Server Hangup" response (502) --></BODY>

    And yes, I made sure that my request contains the proper oauth values:

    POST /v1/yql?q=select%20*%20from%20social.profile%20where%20guid%3Dme&format=json HTTP/1.1

    Authorization: OAuth oauth_token="A%3DfqtZJXXMuVvaq3X8ykgh855FJxwwskRE37MLD7KDoFz0LjtNOS2nBB7Q9JBD5AyYZAG50gnEzBoEwN
    .PZK_20Tz.0Q_KGYJsYzTquTO19WGpwJPPupoB7tlshN9doxEcnYNisDpVKChmRsfPxOsREVxoGh8nyMP
    0aQB8NQr0AKPy9XKHs7t4NhhPQ.R6aV3tD.UbS4xYFK9C56nB_MDDeRPt0m.sdYV1CYZTYFQeyQ5_Xgjh
    jSBdkjHT5Z52Udkg1XBTKaFHlBE7y8Sysit38KJMbhCOS6hSy355T7QeZJZvGkIUYHEd846rHDzqM4C4E
    cmNDKCRgR8jTmW342bRt_yoLGNfRGXMSCv6.nVrZw_MjWIjsIgIEan0OjEn4lDuicri.kT62fUePm3xtN
    FpKMF3kDxtsE_fN4Mo7tOt_fceJdP8w2YeGWHu9AjgWe0P6kmR4D8Jz5HDWa1gDwDbNn_eDGpYkLSDawX
    ODza4aFID6TQE6SEOIwLkOGSrN9TAjjLJcxLsySDh8iP0lHa2_Vj9pnmEbHxscEJmbZEs7PLix3TE_MI9
    EitmQEXC.NS1UIuLEuAG5mtnWotGldTIpg8vZmOvF1d6597qXPk.Twpmc3h96B5CV7hzmtldL3swTmF7r
    Dwxr8ldbmLaGc4obAhg4Lh6Znni3Xe0hBeabOdhOO_WADQWM8ltz0XK8Izl2QfV4QUZZF2uYcQ_o56i5C
    5Ai4duGK.YOLTTFWda3vLjK8OD2A4WoBBTk4uHNglBrfJ835h4cDmoaqha.LvjUJfW.T9tW5QBJC.dj6U
    XyKrpPMkG9onKOGH5LrAnuOya4KzmBOuzkr_xxx--", oauth_verifier="paxphu", oauth_consumer_key="dj0yJmk9UnlWaDk2TWFxdTQyJmQ9WVdrOVJqTlFRVWw0TjJjbWNHbzlNVEUwTXpJMk1EQTJNZy0
    tJnM9Y29uc3VtZXJzZWNyZXQmeD1jMg--", oauth_version="1.0", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1274182073", oauth_nonce="2030112002062743781", oauth_signature="iTm%2FQ3QC2WG%2FHk%2Bl%2BH3YgNYOOtU%3D"

    Content-Length: 0

    Host: query.yahooapis.com

    Connection: Keep-Alive

    User-Agent: Apache-HttpClient/4.0.1 (java 1.5)


    Here is the source code I use:

    CODE
      @Override
    protected ModelAndView showForm(final HttpServletRequest originalrequest, final HttpServletResponse response, final BindException errors) throws Exception {

    OAuthConsumer consumer = new CommonsHttpOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
    OAuthProvider provider = new DefaultOAuthProvider("https://api.login.yahoo.com/oauth/v2/get_request_token", "https://api.login.yahoo.com/oauth/v2/get_token",
    "https://api.login.yahoo.com/oauth/v2/request_auth");
    provider.setOAuth10a(true);

    final Map<String, Object> model = new HashMap<String, Object>();
    String parameterTok = originalrequest.getParameter("oauth_token");
    String parameterVer = originalrequest.getParameter("oauth_verifier");

    if (parameterTok == null || parameterVer == null) {
    // /STEP 1 ///
    String authUrl = provider.retrieveRequestToken(consumer, "http://mydomain.com:8080/yahooauthorization/yahooinfo.html");

    requestParameters = consumer.getRequestParameters();
    this.tokenSecret = consumer.getTokenSecret();

    model.put("text", authUrl);
    model.put("yahooTan", "");

    final ModelAndView showForm = super.showForm(originalrequest, response, errors, model);
    return showForm;
    } else {
    // STEP 3, user has to be authenticated //
    consumer.setTokenWithSecret(parameterTok, tokenSecret);
    provider.retrieveAccessToken(consumer, parameterVer);

    // make 3-legged user info request
    HttpPost request = new HttpPost("http://query.yahooapis.com/v1/yql?q=select%20*%20from%20social.profile%20where%20guid%3Dme&format=json");
    // sign the request
    consumer.sign(request);

    HttpClient httpClient = new DefaultHttpClient();
    HttpResponse response2 = httpClient.execute(request);

    String res = "Response: " + response2.getStatusLine().getStatusCode() + " " + response2.getStatusLine().getReasonPhrase();
    StringBuilder responsebody = readBody(response2.getEntity().getContent());

    model.put("parameter", "token:" + parameterTok + ", verifier:" + parameterVer);
    model.put("response", res + " responsebody: " + responsebody);

    return new ModelAndView("signpost", model);
    }
    }

    private StringBuilder readBody(InputStream is) throws IOException {
    BufferedReader in = new BufferedReader(new InputStreamReader(is));
    String inputLine;

    StringBuilder builder = new StringBuilder();
    while ((inputLine = in.readLine()) != null)
    builder.append(inputLine);
    in.close();
    return builder;
    }



    Can somebody help me?
    Thank you !!
    0
  • Hi,

    HTTP error code 502 means server error. It has something to do
    with the YQL server. This is different from 401 which is mostly
    OAuth error. I don't think there is any problem with your OAuth
    request per se. Can you please check with the YQL forum?
    http://developer.yahoo.net/forum/index.php?showforum=41

    I am closing this topic since it is really old and the problem
    you see is different from the original post.

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0

Recent Posts

in OAuth General Discussion YDN SDKs