0

OAuth oauth_problem=signature_invalid

I have a Consumer Key and Consumer Secret key and use the url https://api.login.yahoo.com/oauth/v2/get_request_token? with other additional parameters to get the request token .
when i tried to use url in IE i encountered error like "IE cannot download get request rom api.login.yahoo.com" .
Next i tried in curl , with the API again error like "WWW-Authenticate: OAuth oauth_problem=signature_invalid".

Can anyone tell me what is the mistake i have done?

Thanks
Melvin

by
6 Replies
  • Hi Melvin,

    Can you please provide the detailed HTTP request and response headers
    so we can help check where it can go wrong?

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0
  • Hi

    Thanks for you reply.

    Let me give a overall view about my project

    I like import user yahoo contacts using Yahoo Contact API. I understand that to get the yahoo contact the following request URL (API ) http://social.yahooapis.com/v1/user/{guid}/contacts has to use .But it needs guid .

    I tired to get the guid by following steps
    1.Get an API Key
    2.Sign Up and Get a Consumer Key
    3.Get a Request Token

    upto step 3 i got revelant response. but to proceed further step 4 (https://api.login.yahoo.com/oauth/v2/request_auth

    ). I am not able to get response for the step 4 (Get User Authorization (request_auth) )

    step 1 output:

    Consumer Key:
    Consumer Secret:
    dj0yJmk9UXdMajF3ektjaWJnJmQ9WVdrOVJuVlhPWHA2TXpZbWNHbzlNakkwTWpFd05EWXkmcz1jb25z
    dW1lcnNlY3JldCZ4PTVh 946899c696ca46a36dd2b939f8e5a986d6520609

    step 2 request and response

    curl -v -k https://api.login.yahoo.com/oauth/v2/get_request_token? -d oauth_nonce=ce2130523f788f313f76314ed3965ea6 -d oauth_timestamp=1202956957 -d oauth_consumer_key=dj0yJmk9UXdMajF3ektjaWJnJmQ9WVdrOVJuVlhPWHA2TXpZbWNHbzlNakkwT
    WpFd05EWXkmcz1jb25zdW1lcnNlY3JldCZ4PTVh -d oauth_signature_method=plaintext -d oauth_signature=946899c696ca46a36dd2b939f8e5a986d6520609%26 -d oauth_version=1.0 -d xoauth_lang_pref="en-us" -d oauth_callback="http://localhost" -o n1.txt

    oauth_token=gsnjqvf&oauth_token_secret=8d093835f1fe9d6cee1f435409f6beeb590de1de&oauth_expires_in=3600&xoauth_request_auth_url=https%3A%2F%2Fapi.login.yahoo.com%2Foauth%2Fv2%2Frequest_auth%3Foauth_token%3Dgsnjqvf&oauth_callback_confirmed=true

    step 3 request
    curl -k -v https://api.login.yahoo.com/oauth/v2/reques...h_token=gsnjqvf -o n2.txt

    response
    <!-- oauth02.member.sg1.yahoo.com uncompressed/chunked Sun Dec 12 09:23:52 PST 2010 -->


    I am getting message in the putput response file , instead of oauth token and oauth verifier.

    Kindly help me to fix this issue .

    FYI : in the oauth callback pacrameter , i tried with oauth_callback=oob .For this case also , i am getting the above step3


    Thanks
    melvin
    0
  • Hi Melvin,

    The step 3 is not a server-to-server backend call: You should redirect
    user's browser to it.

    https://api.login.yahoo.com/oauth/v2/reques...h_token=gsnjqvf

    so the oauth_token can be authorized. Only after that can you do
    a https://api.login.yahoo.com/oauth/v2/get_token call to get user's
    access token.

    You can check the following document for the step-by-step guide:
    http://developer.yahoo.com/oauth/guide/ope...auth-guide.html

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0
  • Hi

    Thanks for your reply.

    Here are my other questions:

    1. My applciation is not browser based it is device based application. Any way whether it is browser or non browser based we need the token.
    2.So i used oauth_Callback = oob , in that case how can i get the oauth_verifier
    3. As you said i used the following for redirecting the url by

    curl -k -v -L https://api.login.yahoo.com/oauth/v2/reques...h_token=gsnjqvf -o n2.txt [here in curl -L means it will redirect to the url]

    Th output is below and there is no oauth_verifier





    Yahoo!























    Yahoo! is unable to process your request. We recommend that you contact the owner of the application or web site to resolve this issue. [95025]
















    Copyright © 2010 Yahoo! Inc. All rights reserved.


    Copyright/IP Policy |
    Terms of Service |
    Guide to Online Security |
    Privacy Policy



    <script type="text/javascript" src="https://s.yimg.com/lq/lib/reg/js/yahoo-dom-event-2.6.0.js"></script>
    <script type="text/javascript"><br /><br /> var Dom = YAHOO.util.Dom;<br /> var Event = YAHOO.util.Event;<br /><br /> function init() {<br /> Event.on("ccLink", "click", function(t) {<br /> Event.preventDefault(t);<br /> window.open("http://help.yahoo.com/l/us/yahoo/edit/alternate_email/general.html", "customercare", "resizable=1,scrollbars=1,toolbar=1,menubar=1,location=1,width=800,height=60<br />0");<br /> });<br /> }<br /><br /> Event.onDOMReady(init);<br /><br /> </script>








    I also understand to Present the Yahoo! Authorization Page
    1.Present the Yahoo! authorization page through a browser pop-up window. (Preferred Method)
    2.Redirect from your Web application off-site to the Yahoo! authorization page

    In that case if my application is not browser based , how can i do the rdirect.
    Is there any special API for that.


    Thanks
    Melvin
    0
  • QUOTE (vinthiya m @ Dec 13 2010, 05:59 PM) <{POST_SNAPBACK}>
    Hi

    Thanks for your reply.

    Here are my other questions:

    1. My applciation is not browser based it is device based application. Any way whether it is browser or non browser based we need the token.
    2.So i used oauth_Callback = oob , in that case how can i get the oauth_verifier
    3. As you said i used the following for redirecting the url by

    curl -k -v -L https://api.login.yahoo.com/oauth/v2/reques...h_token=gsnjqvf -o n2.txt [here in curl -L means it will redirect to the url]

    Th output is below and there is no oauth_verifier





    Yahoo!























    Yahoo! is unable to process your request. We recommend that you contact the owner of the application or web site to resolve this issue. [95025]
















    Copyright © 2010 Yahoo! Inc. All rights reserved.


    Copyright/IP Policy |
    Terms of Service |
    Guide to Online Security |
    Privacy Policy



    <script type="text/javascript" src="https://s.yimg.com/lq/lib/reg/js/yahoo-dom-event-2.6.0.js"></script>
    <script type="text/javascript"><br /><br /> var Dom = YAHOO.util.Dom;<br /> var Event = YAHOO.util.Event;<br /><br /> function init() {<br /> Event.on("ccLink", "click", function(t) {<br /> Event.preventDefault(t);<br /> window.open("http://help.yahoo.com/l/us/yahoo/edit/alternate_email/general.html", "customercare", "resizable=1,scrollbars=1,toolbar=1,menubar=1,location=1,width=800,height=60<br />0");<br /> });<br /> }<br /><br /> Event.onDOMReady(init);<br /><br /> </script>








    I also understand to Present the Yahoo! Authorization Page
    1.Present the Yahoo! authorization page through a browser pop-up window. (Preferred Method)
    2.Redirect from your Web application off-site to the Yahoo! authorization page

    In that case if my application is not browser based , how can i do the rdirect.
    Is there any special API for that.


    Thanks
    Melvin


    If you are still having problems, I would suggest that you check out:

    http://nullinfo.wordpress.com/oauth-yahoo/

    As it has code for calling contacts and the API does work. It is also ran from the command-line too.
    0

  • for getting access token i build url like this,but i got error like

    auth_problem=signature_invalid




    https://api.login.yahoo.com/oauth/v2/get_request_token?oauth_callback=oob&oauth_timestamp=1343986727&oauth_version=1.0&oauth_consumer_key=dj0yJmk9M05uSkZ2WUY1M2VFJmQ9WVdrOVNVOWhOMEp4TkhNbWNHbzlNekEyT1RFMk9EWXkmcz1jb25zdW1lcnNlY3JldCZ4PWUw&oauth_signature=xh0eWEK1k4t/Iy5NOYXc5M9U6iE=&oauth_nonce=3CC8A5B8-8F6B-450F-9E93-124F8CB41274&oauth_signature_method=HMAC-SHA1.
    0

Recent Posts

in OAuth General Discussion YDN SDKs