0

OAuth consumer key getting rejected

I posted this message to a Yahoo groups(http://tech.groups.yahoo.com/group/ydn-auth/message/703 ) on Auth but it looks like that group is not active and hence posting it here. Apologies in advance if members here read pots from that Yahoo group as well.


I am trying to connect to Yahoo's OAuth server using App Engine and i keep getting an error msg:

(I got this by redirecting the request to my our server and dumping the header/contents)
HEADER

CODE
{'date': 'Tue, 21 Apr 2009 05:00:17 GMT', 'transfer-encoding': 'chunked', 
'cache-control': 'no-cache', 'content-type': 'text/html; charset=utf-8', 'server': 'Google Frontend'}


CONTENT
CODE
oauth_nonce=87287779&oauth_timestamp=1240290017&oauth_consumer_key=MYCONSUMERKEY&
oauth_signature_method=plaintext&oauth_version=1.0&oauth_signature=MYSECRETCODE%26
&xoauth_lang_pref=en-us

When I connect to the auth server using the above data, I get this msg:
CODE
{'Via': 'HTTP/1.1 GWA', 'X-Google-Cache-Control': 'remote-fetch', 'Connection': 'close', '
Date': 'Tue, 21 Apr 2009 05:12:19 GMT', 'P3P': 'policyref="http://info.yahoo.com/w3c/p3p.xml",
CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi
OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"',
'Content-Type': 'application/x-www-form-urlencoded',
'WWW-Authenticate': 'OAuth oauth_problem=consumer_key_rejected'}oauth_problem=consumer_key_rejected


OAuth error codes suggest that consumer_key_rejected means the app is disabled. So I regenerate the key and I still have the same issue.

I tried this from my app engine (production) account (verified domain) and also from my test server. Same issue....

Could you please let me know what I am doing wrong? I am posting the basic code below. I changed the code a bit here (from my original post) to use GET instead of POST. No change in result.

CODE
class Yahoo(webapp.RequestHandler):
def generate_timestamp(self):
return int(time.time())

def generate_nonce(self,length=8):
return ''.join([str(random.randint(0, 9)) for i in range(length)])

def get(self):

# added & at the end of sig as i am using plaintext
req_token = {
'oauth_nonce': self.generate_nonce(),
'oauth_timestamp': self.generate_timestamp(),
'oauth_consumer_key': 'MYCONSUMERKEY',
'oauth_signature_method':'plaintext',
'oauth_signature':'MYSECRET&',
'oauth_version':'1.0'
}

req_token_enc = urllib.urlencode(req_token).strip()
url = "https://api.login.yahoo.com/oauth/v2/get_request_token?" + req_token_enc

# Just to verify if the url construction is correct
self.response.out.write(url)

# App engine API to get URL. I tried using urllib2 with no luck as well...
result = urlfetch.fetch(url=url,method=urlfetch.GET)

self.response.headers['Content-Type'] = 'text/plain'

if (result.status_code == 200):
self.response.out.write("\nSucess\n")
else:
self.response.out.write("\nERROR\n")

self.response.out.write(result.headers)
self.response.out.write(result.content)

by
6 Replies
  • i get the same problem,how did you deal with it?
    it's very strange for me to post this prarmgrame
    0
  • i get the same problem,how did you deal with it?
    it's very strange for me to post this prarmgrame
    my email is: zhenwenlew@yahoo.cn
    if you deal with it ,please tell me thankyou
    0
  • Assuming that this consumer_key is getting rejected when you make the call for the request_token (https://api.login.yahoo.com/oauth/v2/get_request_token)...

    When generating the token, did you ask for access to user private data (3-legged OAuth) or user public data (2-legged OAuth)? If the latter, then you do not need to go through the 3-legged OAuth dance ... your key will be rejected.

    Ran into the same problem myself.
    0
  • Hello all. I have some problems with rejected key . Anybody know how provide a correct work ? Thank.
    0
  • Just to confirm what Arnab said ... I was also getting consumer_key_rejected, and it was because I'd accidentally marked my API as only needing public data, not private. Once I properly configured things here, the consumer key was accepted.
    0
  • Hi Thomas,

    Thanks for the information.

    For anyone who gets consumer_key_rejected error, they should first
    check whether their consumer key is registered as requiring access
    to user data or not. If not, they should create a new one that requires
    such access before they attempt the OAuth flow.

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0

Recent Posts

in OAuth General Discussion YDN SDKs