0

OAuth Token Rejected

Hi there,

I've been attempting to access Yahoo contact data using 3 leg OAuth but when I attempt to access a protected resource after receiving an access token I get a "token rejected" message.



Details:
** Request **
GET: http://social.yahooapis.com/v1/user/{MY-US...cts?format=json

{
Authorization=OAuth
oauth_consumer_key="dj0yJmk9c01GRDc2SzdtTW1lJmQ9WVdrOU0wOVFTWGxYTkhNbWNHbzlNVFk0TURNM09EYzJNZy0
tJnM9Y29uc3VtZXJzZWNyZXQmeD0zNQ--",
oauth_nonce="f879b467b281f8a52f666f2af6436c1f",
oauth_signature="4bfNxLg9bE5P6mNsqqSsy9BO0OA%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1274982101",
oauth_token="A%253DVhhJ0nf6uzkSZ_POO5dYpdo7nXCmP.ahl811N8mbALlpcvBnicXM2XfS.zaHNZBxf1pQAACg2fZ7
PHjz0tvOttWGwEYc09o2OOUwAeBuXCz2fvmQx2bY9iwQ84XDacBDmmISndIJS65SOUHZjOcRV2Q3uYsUT
.g.IfSra5wYFAYsz5TRijXiCnFxjwuimt8WvLsOKSI8NrRbs9yY85e8EkdHw07xZc.KV.O5NvSRsQdVzy
czrKLM4ECP38no2LBsAshLWDst8mkPHj1i8gDLav391_TGcBv59gdOrkalOwlxeP_9HMo4qP5.qXxPQgX
JGpXSTYHYFTxg7d1ETndmAakRQNjxxUAk_hQ2BIkhwG3UsPGcG_UBh_WEVrxA.Zt9G.OZgGjES2d17hiT
C2IAANgtpyBGVcE6x6RGp7WnwZz11r8azJDLtNWslCXTydyPMTp0_SkjhwD.1vpEh2rkeV.FTPAytIihT
pL_bIgYnK4.k2blg4Koek7NEBo5WTo_nlKPJf_l_PSFOF3n6yq2CSqSt4LUWSoVdoVJ7buQH5F43cRvdi
.X9Q7kdkaEBeYcWvBWhBFV8GpT3q2rMPoY3EMRUTpsN7v7uTSmC6AGCDgm7cG7i1DiTlOBjZ7_WJFqRIW
gD3n4Rg1srXDxSzVGCK7jx6TPIxIyGa3BB9X4f8.Kde2HXbJ4RNFd2OvlsRS3id1wnYO6y.8a_glCEZDq
hm2s9.3SmKA8kDTMhsQLeZOyLvw557p5ZRf_E.RvYpQPakM-",
oauth_version="1.0",
realm="yahooapis.com"
}

** Response **
{
null=HTTP/1.1 401 Authorization Required, Age=0,
WWW-Authenticate=OAuth oauth_problem="token_rejected",
realm="yahooapis.com",
Transfer-Encoding=chunked,
Vary=Accept-Encoding,
Date=Thu, 27 May 2010 17:42:04 GMT,
Via=HTTP/1.1 r5.ycpi.uls.yahoo.net (YahooTrafficServer/1.18.5 [cMsSf ]),
Connection=keep-alive,
Content-Type=application/json,
Server=YTS/1.18.5
}

{
"error":{"lang":"en-US","description":"Please provide valid credentials. OAuth oauth_problem=\"token_rejected\", realm=\"yahooapis.com\""}
}


If anyone has any ideas I'd be very grateful. This is a bit of a stumbling block sad.gif

Cheers,
James

by
2 Replies
  • Hi James,

    The oauth_token should take the form of 'A%3D...', not 'A%253D...' It looks like
    you URL-encode it twice.

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0
  • QUOTE (omiga @ May 27 2010, 11:08 AM) <{POST_SNAPBACK}>
    Hi James,

    The oauth_token should take the form of 'A%3D...', not 'A%253D...' It looks like
    you URL-encode it twice.

    Thanks,
    Yu Wang
    Yahoo! Membership Team


    Thanks Yu Wang!

    Discovered that the oauth token was already encoded when received in the auth response which I wasn't taking account of.
    Unencoded it on receipt now I have it working :)
    0

Recent Posts

in OAuth General Discussion YDN SDKs