0

invalid signature using HMAC-SHA1 in java

I want to use yahoo contact api. So I try oauth using HMAC-SHA1 algorithm. But I fail to acquire request token.
result message : Unable to respond to any of these challenges: {oauth=OAuth oauth_problem=signature_invalid}

JAVA Source

public static final String ENCODING = "UTF-8";

public static String percentEncode(String s) {
if (s == null) {
return "";
}
try {
return URLEncoder.encode(s, ENCODING)
// OAuth encodes some characters differently:
.replace("+", "%20").replace("*", "%2A")
.replace("%7E", "~");
// This could be done faster with more hand-crafted code.
} catch (UnsupportedEncodingException wow) {
throw new RuntimeException(wow.getMessage(), wow);
}
}

public String getRequestToken() {
String url = "https://api.login.yahoo.com/oauth/v2/get_request_token";

OAuthParameters oaup = new OAuthParameters();
oaup.setOAuthCallback(callback);
oaup.setOAuthConsumerKey(key);
oaup.setOAuthConsumerSecret(secret);
oaup.setOAuthNonce(OAuthUtil.getNonce());
oaup.setOAuthTimestamp(OAuthUtil.getTimestamp());
oaup.setOAuthSignatureMethod("HMAC-SHA1");
oaup.setRealm("yahooapis.com");

String baseString = OAuthUtil.getSignatureBaseString(url, "POST", oaup.getBaseParameters());
OAuthHmacSha1Signer sgner = new OAuthHmacSha1Signer();
String signature = (sgner.getSignature(baseString, oaup));
signature = percentEncode(signature);
oaup.setOAuthSignature(signature);

Map params = new LinkedHashMap();
params.put(OAuthParameters.OAUTH_CONSUMER_KEY, oaup.getOAuthConsumerKey());
params.put(OAuthParameters.OAUTH_NONCE_KEY, oaup.getOAuthNonce());
params.put(OAuthParameters.OAUTH_SIGNATURE_METHOD_KEY, oaup.getOAuthSignatureMethod());
params.put(OAuthParameters.OAUTH_TIMESTAMP_KEY, oaup.getOAuthTimestamp());
params.put("oauth_version", "1.0");
params.put(OAuthParameters.OAUTH_SIGNATURE_KEY, oaup.getOAuthSignature());
params.put(OAuthParameters.OAUTH_CALLBACK_KEY, oaup.getOAuthCallback());

String aHeader = getAuthorizationHeader(oaup.getRealm(), params);
System.out.println("HEader " + aHeader);
Header hdr = new Header("Authorization", aHeader);

HttpClient httpClient = new HttpClient();
PostMethod method = new PostMethod(url);
method.addRequestHeader(hdr);
method.addParameter("Content-type", "application/x-www-form-urlencoded");
httpClient.executeMethod(method);
return method.getResponseBodyAsString();
}

Why response message is oauth_problem=signature_invalid?

Please help me

by
2 Replies
  • QUOTE (stager0909 @ Aug 24 2009, 04:43 AM) <{POST_SNAPBACK}>
    I want to use yahoo contact api. So I try oauth using HMAC-SHA1 algorithm. But I fail to acquire request token.
    result message : Unable to respond to any of these challenges: {oauth=OAuth oauth_problem=signature_invalid}

    JAVA Source

    public static final String ENCODING = "UTF-8";

    public static String percentEncode(String s) {
    if (s == null) {
    return "";
    }
    try {
    return URLEncoder.encode(s, ENCODING)
    // OAuth encodes some characters differently:
    .replace("+", "%20").replace("*", "%2A")
    .replace("%7E", "~");
    // This could be done faster with more hand-crafted code.
    } catch (UnsupportedEncodingException wow) {
    throw new RuntimeException(wow.getMessage(), wow);
    }
    }

    public String getRequestToken() {
    String url = "https://api.login.yahoo.com/oauth/v2/get_request_token";

    OAuthParameters oaup = new OAuthParameters();
    oaup.setOAuthCallback(callback);
    oaup.setOAuthConsumerKey(key);
    oaup.setOAuthConsumerSecret(secret);
    oaup.setOAuthNonce(OAuthUtil.getNonce());
    oaup.setOAuthTimestamp(OAuthUtil.getTimestamp());
    oaup.setOAuthSignatureMethod("HMAC-SHA1");
    oaup.setRealm("yahooapis.com");

    String baseString = OAuthUtil.getSignatureBaseString(url, "POST", oaup.getBaseParameters());
    OAuthHmacSha1Signer sgner = new OAuthHmacSha1Signer();
    String signature = (sgner.getSignature(baseString, oaup));
    signature = percentEncode(signature);
    oaup.setOAuthSignature(signature);

    Map params = new LinkedHashMap();
    params.put(OAuthParameters.OAUTH_CONSUMER_KEY, oaup.getOAuthConsumerKey());
    params.put(OAuthParameters.OAUTH_NONCE_KEY, oaup.getOAuthNonce());
    params.put(OAuthParameters.OAUTH_SIGNATURE_METHOD_KEY, oaup.getOAuthSignatureMethod());
    params.put(OAuthParameters.OAUTH_TIMESTAMP_KEY, oaup.getOAuthTimestamp());
    params.put("oauth_version", "1.0");
    params.put(OAuthParameters.OAUTH_SIGNATURE_KEY, oaup.getOAuthSignature());
    params.put(OAuthParameters.OAUTH_CALLBACK_KEY, oaup.getOAuthCallback());

    String aHeader = getAuthorizationHeader(oaup.getRealm(), params);
    System.out.println("HEader " + aHeader);
    Header hdr = new Header("Authorization", aHeader);

    HttpClient httpClient = new HttpClient();
    PostMethod method = new PostMethod(url);
    method.addRequestHeader(hdr);
    method.addParameter("Content-type", "application/x-www-form-urlencoded");
    httpClient.executeMethod(method);
    return method.getResponseBodyAsString();
    }

    Why response message is oauth_problem=signature_invalid?

    Please help me

    Has not been solved yet. This problem is not that people know about?
    Please help me
    0
  • Has not been solved yet. This problem is not that people know about?
    Please help me
    0

Recent Posts

in OAuth General Discussion YDN SDKs