0

token rejected

Hello all,

I have been trying to reach the contacts api through the following url:
GET http://social.yahooapis.com/v1/user/XD4RYW...P2YHUI/contacts

I went through the entire oAuth authorization flow uptil getting an access token and guid as mentioned here (http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html).

However Iam stuck at the last step of retrieving the contact list. The request header is as follows. I created a base string(following Parameter encoding) and signed it with the key(Shared secret+ secret token duly parameter encoded) and appended the same to the request.

GET http://social.yahooapis.com/v1/user/{guid}...ASg\n\n


HTTP/1.1 401 Authorization Required\nConnection: close\nDate: Fri, 04 Dec 2009 08:04:58 GMT\nVia: HTTP/1.1 r4.ycpi.s1s.yahoo.net (YahooTrafficServer/1.17.22 [cMsSf ])\nAge: 0\nServer: YTS/1.17.22\nWWW-Authenticate: OAuth oauth_problem="token_rejected", realm="yahooapis.com"\nContent-Type: application/xml\nClient-Date: Fri, 04 Dec 2009 08:04:58 GMT\nClient-Peer: 209.73.190.208:80\nClient-Response-Num: 1\nClient-Warning: Unsupported authentication scheme 'oauth'\n\n<?xml version='1.0' encoding='UTF-8'?>\n<yahoo:error xmlns:yahoo='http://yahooapis.com/v1/base.rng'\n xml:lang='en-US'>\n <yahoo:description>Please provide valid credentials. OAuth oauth_problem="token_rejected", realm="yahooapis.com"</yahoo:description>\n</yahoo:error>\n<!-- ws139.socdir.sp2.yahoo.com uncompressed/chunked Fri Dec 4 00:04:58 PST 2009 -->\n

Here is the code snippet


my $paramHashRef = {
157 oauth_consumer_key => {hidden},
158 oauth_nonce => $nonce,
159 oauth_token => $oauth_token,
160 oauth_signature_method => "HMAC-SHA1",
161 oauth_timestamp => $timestamp,
162 oauth_version => "1.0"
163 };
164 my $content;
165 foreach my $key (sort keys %$paramHashRef){
166 my $value = parameter_encode(Encode::encode("UTF-8",$$paramHashRef{$key}));
167
168 $content .= "${key}=${value}&";
169 }
170 chop $content;
171 my $url = "http://social.yahooapis.com/v1/user/$guid/contacts?".$content;
172
173 my $data = "GET&". parameter_encode("http://social.yahooapis.com/v1/user/$guid/contacts") . "&".parameter_encode($content);
174
175 MLog::write("$_::LOG_DIR/web_contact", "data: $data ");
176
177 my $sig_key = parameter_encode(Encode::encode("UTF-8",$shared_secret)) . "&" .parameter_encode(Encode::encode("UTF-8",$oauth_secrettoken));
178 MLog::write("$_::LOG_DIR/web_contact", "seecret token: $sig_key");
179
180 my $hmac = Digest::HMAC_SHA1->new($sig_key);
181 $hmac->add($data);
182 my $signature = $hmac->b64digest;
183 $signature .= "=";
184
185 MLog::write("$_::LOG_DIR/web_contact", "signature : $signature ");
186
187 $url .= "&oauth_signature=".parameter_encode($signature);
188
189 $request = HTTP::Request->new(GET => $url);
190
191 my $ua = LWP::UserAgent->new();
193 my $res = $ua->request($request);
195 my $response = $res->content;

It would be great if anyone can point out where Iam going wrong.

Thanks!

by
5 Replies
  • Resolved the token_rejected error as follows:

    the oauth_token in my request was doubly encoded, hence I removed that from being parameter_encoded . But now I get an 'oauth_signature_invalid' error ! :(Thanks!
    0
  • Same problem.

    Invalid Token.
    0
  • Hi. I got same problem.
    token_rejected


    Did anyone solve this?

    Regards
    0
  • Same Problem.

    It seems that the PHP SDK is not complete. How to use YQL insert in PHP SDK which only supports get. Are there any way to use post?
    0
  • in fact I had the same problem with token_rejected for the access token retrieved by https://api.login.yahoo.com/oauth/v2/get_token
    a urldecode($accesstoken solved it)

    0

Recent Posts

in OAuth General Discussion YDN SDKs