0

oauth process not working well ( [oauth_problem] => signature_invalid )

hello all,

for the last 10 hours i am breaking my head trying to fetch emails from yahoo email service.

i will describe my script flow and please if you think you can help me i will be grateful:

first i will mention that i am using this guide:
http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html

1- i got myself consumerKey and secret
2- i downloaded OAuth.php class and ymclinet php class. (i think they are broken sad.gif )
3- i created a script that looks like this:
index.php:
CODE
require_once 'yMailClient.inc';
require_once 'yahooOAuth.class.inc';

$ymc = new YMClient($key,$secret);
$callBackUrl = "http://MYWEBSITEURL/CallBackUrl.php?service=yahoo";
$requestToken = $ymc->oauth_get_request_token($callBackUrl);

the response from this call is this:

CODE
Array
(
[0] => Array
(
[oauth_token] => SMALL_TOKEN
[oauth_token_secret] => SECRET_STRING_RESPONSE
[oauth_expires_in] => 3600
[xoauth_request_auth_url] => https://api.login.yahoo.com/oauth/v2/request_auth?oauth_token=SMALL_TOKEN
[oauth_callback_confirmed] => true
)

[1] => https://api.login.yahoo.com/oauth/v2/request_auth?oauth_token=SMALL_TOKEN
)

i am now building the callbackUrl with the secret value:
CODE
$requestUrl 	= $requestToken[0]['xoauth_request_auth_url'].'&s='.urlencode($requestToken[0]['oauth_token_secret']);


i redirect the script to here $requestUrl value; https://api.login.yahoo.com/oauth/v2/reques...;s=SECRET_TOKEN

this open the yahoo authentication page.
the user enter his yahooId and password then press on sign in button
(in IE i am getting script error after the click)
CODE
Line: 607
Error: Object required

the next page display "agree" button and the script jump to my callbackUrl.php script after a click

in my callBackUrl script i do this:

CODE
require_once 'yMailClient.inc';
require_once 'yahooOAuth.class.inc';
$tokens = array('oauth_token'=> get_arg('oauth_token'),'oauth_token_secret'=>get_arg('s'),'oauth_verifier'=> get_arg('oauth_verifier'));
$ymc = new YMClient($emailServiceData[$service]['key'],$emailServiceData[$service]['secret']);
$accessToken = $ymc->oauth_get_access_token($tokens);
print_r($accessToken);


the response is always this sad.gif :
YMClientException: Access token request failed

what can i do? where i can check why the request failed?

i think my main error was using this pre made class.

google also using oauth with their API it went realy smooth

thanks
Elad

by
9 Replies
  • Hi Elad,

    Can you please provide the consumer key here? We first need to make sure
    your consumer key indeed can access the Mail API.

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0
  • hello Yu Wang

    thanks for the fast reply,

    here is my consumer key:
    dj0yJmk9dHZpdmF6d1V5NlB2JmQ9WVdrOU5qVmhiMGQ2TXpZbWNHbzlNVGcyT0Rrd05EUTJNZy0tJnM9
    Y29uc3VtZXJzZWNyZXQmeD1hMw--

    when i opened the key i requested write and read access.

    thanks
    Elad.
    0
  • hello,
    something that is not clear to me with the flow,
    in index.php i do
    CODE
    $ymc = new YMClient($key,$secret);
    $requestToken = $ymc->oauth_get_request_token('CALLBACK_URL_SCRIPT');

    in CALLBACK_URL_SCRIPT i do this:
    CODE
    $tokens = array('oauth_token'=>$_GET['oauth_token'],'oauth_verifier'=>$_GET['oauth_verifier']);
    $ymc = new YMClient($key,$secret);
    $accessToken = $ymc->oauth_get_access_token($tokens);


    what i dont understand is where is the secret go to???
    in oauth_get_access_token method there is a $tok['oauth_token_secret']
    but where is the oauth_token_secret should come from ???

    thanks
    Elad
    0
  • Hi Elad,

    Your consumer key looks good. In fact, from your original description,
    you've already completed the OAuth authorization flow successfully once
    Yahoo! redirects the user to your callback URL.

    Now the part that fails is on how you construct the request to the Mail
    API. The oauth_token_secret is the one you got after calling
    /oauth/v2/get_token. The secret is used to sign your request to the Mail
    API.

    You can check the following document for example:
    http://developer.yahoo.com/oauth/guide/oauth-signing.html

    Thanks,
    Yu Wang
    0
  • QUOTE (omiga @ Apr 14 2010, 09:53 AM) <{POST_SNAPBACK}>
    Hi Elad,

    Your consumer key looks good. In fact, from your original description,
    you've already completed the OAuth authorization flow successfully once
    Yahoo! redirects the user to your callback URL.

    Now the part that fails is on how you construct the request to the Mail
    API. The oauth_token_secret is the one you got after calling
    /oauth/v2/get_token. The secret is used to sign your request to the Mail
    API.

    You can check the following document for example:
    http://developer.yahoo.com/oauth/guide/oauth-signing.html

    Thanks,
    Yu Wang


    amm thank mr Wang for you reply,

    if i understood the process i am 100% sure i didn't complete oauth process in fact
    after yahoo redirect the user to my callback script i still need to get the acess token no?

    i think the libraray i am using is broken because the method oauth_get_access_token needs oauth_secret but i dont have it in the callback script
    please direct me to a working script that you guys have

    i have another 2 questions if you dont mind

    is yahoo mail API still support new bbauth application?
    is it possible to modify an success URL in existing (bbauth) application?

    thanks Elad
    0
  • Hi Elad,

    Sorry I missed one point: After user going back to your callback URL,
    you need to call the OAuth get_token end point to get the access
    token and access token secret.

    You can try the complete example from this file:
    http://github.com/michaelcurtis/ymailphp/b...aster/README.md

    I tried this myself and I can get access token and access token
    secret. However I do see some issue with the Mail API itself and
    am getting touch with the team that maintains the API to see
    why it fails.

    As to BBAuth, it is still supported but deprecated:
    http://developer.yahoo.com/mail/docs/user_guide/index.html

    We encourage you to use OAuth and will help you to go through
    the process.

    Currently we don't support updating the Success URL for BBAuth.
    Since we encourage developers to use OAuth instead, it is unlikely
    that we would do any enhancement to BBAuth.

    Thanks,
    Yu Wang
    0
  • Hi Elad,

    There was some problem with the YID I used. It works fine
    after I switch to another YID. To summarize, accessing the Mail API
    through OAuth should work and the sample code provided on YDN
    is good.

    I would suggest you try the complete example from the following
    file:
    http://github.com/michaelcurtis/ymailphp/b...aster/README.md

    Thanks,
    Yu Wang
    0
  • thanks for the support i finally mange to get a success token.

    my problem was as i describe above with the flow,

    the callback url is not flexible in yahoo (in appose to google) so i had a problem passing the oauth_token_secret that i got from request token call.
    my brain lock on passing the oauth_token_secret via the url,

    but the real solution is to pass it in a cookie and now it works.

    the second step is to fetch emails so cross fingers for me

    thanks
    Elad
    0
  • Hi Elad,

    Please let us know if you still have any problem with the Mail API through
    OAuth.

    Thanks,
    Yu Wang
    0

Recent Posts

in OAuth General Discussion YDN SDKs