0

Signing OAuth request: signature_method_rejected

I am accessing Delicious data through OAuth. I successfully retrieved and saved access token and secret. Here is what happens when I try to use them to read data

Request:
CODE
http://api.del.icio.us/v2/posts/all
?fromdt=2010-07-10T12%3A17%3A54Z
&oauth_nonce=1508658807873905
&oauth_consumer_key=dj0yJmk9bmNoV0FWeEhucXprJmQ9WVdrOVNHVmxiMmxuTm5NbWNHbzlNQ
S0tJnM9Y29uc3VtZXJzZWNyZXQmeD01MA--
&oauth_signature_method=plaintext
&oauth_signature=ec58fc428188d15c931ae4228d46a4446f25a75d%265557a72fa306de514e0661e3f0b0aed1f49953ec
&oauth_version=1.0
&oauth_timestamp=1278765098
&xoauth_lang_pref=en-us

Response:
CODE
<?xml version='1.0' encoding='UTF-8'?>
<yahoo:error xmlns:yahoo='http://yahooapis.com/v1/base.rng'
xml:lang='en-US'>
<yahoo:description>Please provide valid credentials. OAuth oauth_problem="signature_method_rejected", realm="yahooapis.com"</yahoo:description>
</yahoo:error>
<!-- fe06.api.del.ac4.yahoo.net uncompressed/chunked Sat Jul 10 05:31:39 PDT 2010 -->


Am I missing some OAuth parameter, or is plaintext really unsopported as signature method? Documentation states otherwise: http://developer.yahoo.com/oauth/guide/oauth-signing.html

by
1 Reply
  • Hi,

    For HTTP call you are required to use HMAC-SHA1 so consumer key secret
    and the token secret are not sent in the clear.

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0

Recent Posts

in OAuth General Discussion YDN SDKs