0

Request Auth doesn't work ?

I tested Yahoo OAuth here.
But request_auth doesn't work...

http://term.ie/oauth/example/client.php

The response returned is below.

==
oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key
==

In the documentation, the required parameter is only oauth_token in the request_auth action.

Please tell me the reasons.

thanks!

by
6 Replies
  • I faced the same problem. When I sent all the parameters with the query string, it worked.
    Looks like Yahoo doesn't support parameters through Authorization or as HTTP Body.

    Only thing worked for me is parameters as query string. Give it a shot.

    Vijay Balani

    QUOTE (n.matake @ Oct 30 2008, 09:19 PM) <{POST_SNAPBACK}>
    I tested Yahoo OAuth here.
    But request_auth doesn't work...

    http://term.ie/oauth/example/client.php

    The response returned is below.

    ==
    oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key
    ==

    In the documentation, the required parameter is only oauth_token in the request_auth action.

    Please tell me the reasons.

    thanks!
    0
  • QUOTE (synccontact @ Nov 20 2008, 11:33 PM) <{POST_SNAPBACK}>
    I faced the same problem. When I sent all the parameters with the query string, it worked.
    Looks like Yahoo doesn't support parameters through Authorization or as HTTP Body.

    Only thing worked for me is parameters as query string. Give it a shot.

    Vijay Balani



    request_auth should only require the oauth_token parameter (your request token) and an optional callback URL, with those parameters in a query string, I believe.

    -zach
    0
  • QUOTE (Zach graves @ Dec 1 2008, 03:58 PM) <{POST_SNAPBACK}>
    request_auth should only require the oauth_token parameter (your request token) and an optional callback URL, with those parameters in a query string, I believe.

    -zach


    Is there a reason why Yahoo's OAuth implementation doesn't follow the specifications?

    From http://oauth.net/core/1.0/#consumer_req_param
    QUOTE
    OAuth Protocol Parameters are sent from the Consumer to the Service Provider in one of three methods, in order of decreasing preference:

    1. In the HTTP Authorization header as defined in OAuth HTTP Authorization Scheme (OAuth HTTP Authorization Scheme).
    2. As the HTTP POST request body with a content-type of application/x-www-form-urlencoded.
    3. Added to the URLs in the query part (as defined by [RFC3986] (Berners-Lee, T., “Uniform Resource Identifiers (URI): Generic Syntax,” .) section 3).


    From http://developer.yahoo.com/oauth/guide/oau...ke-request.html
    QUOTE
    Requests to Yahoo! APIs and Web services that require OAuth authorization must provide the OAuth credentials either via query parameters or via an Authorization header. Credentials in the POST body are not supported.

    (This statement in itself is fine, but yet, as one guy pointed out in http://developer.yahoo.net/forum/index.php...dpost&p=826 , this is totally not working the way it should.)

    It seems like two different teams implemented the OAuth for token workflow and for API requests. Please either fix the implementation or fix the documentations. Having developers integrate with broken implementation AND bad documentations is a waste of everyone's time.
    0
  • Can you please try passing the parameters in HTTP Authorization header and see if that works for you? We recently added support for Authorization header.

    Thanks,
    Aanchal

    Yahoo Membership Team
    0
  • QUOTE (blogger @ Dec 11 2008, 10:23 AM) <{POST_SNAPBACK}>
    Can you please try passing the parameters in HTTP Authorization header and see if that works for you? We recently added support for Authorization header.

    Thanks,
    Aanchal

    Yahoo Membership Team


    I encountered problems when trying to Post a HTML string to yahoo smallview using Authorization header or QueryString, it always returns error code 403 "OAuth signature mismatch".
    I had similar problem with HTTP PUT, it return me error code 401. However GET works fine. So far I have not be successful at sending any requests which has a body.

    thanks,
    coco
    0
  • SyncContact 1.0.2 - which is an iPhone application uses OAuth for authentication for accessing Yahoo Contacts Social API. It works just as document on Yahoo Developer Network (http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html). Just that we couldn't get it to work using Authorization header or HTTP Body for OAuth paramters, however, everyone works fine as stated if all the OAuth parameters are passed as query string.

    SyncContact Team
    0

Recent Posts

in OAuth General Discussion YDN SDKs