Josh, I owe you a beer.
I was able to figure out the problem looking at the base string sent
to the server from the client, and the one the server generated
itself.
In practice I was doing the following: GET myserver/foo.json?page=1
and I was using
query = '/foo.json?page=1'
client.get(query, access_token)
But there's a problem here. If you remember how my client library
looks like [1], the GET function does not pass any parameter to
OAuthRequest.from_consumer_and_token, so the signature generated did
not include page=1, which the server expected instead.
So I modified the code of GET to also send the parameters, and then I
was doing the following:
query = '/foo.json'
parameters = {'page': page }
client.get(query, parameters, access_token)
This time the signature was built correctly, but the page param was
not sent along with the url, so there was again a mismatch.It turned
out I have to set the parameters also in the url:
query = '/foo.json?page=' + page
parameters = {'page': page }
client.get(query, parameters, access_token)
It took me 3 days to figure out this thing. In my opinion the oauth
library should set the parameters itself to avoid confusion.
Unfortunately I'm not very experienced with python so I don't know how
to make a patch at this moment.
Thanks again for your help.
Cheers,
Oscar
[1] http://gist.github.com/204165
On Oct 7, 6:25 pm, Josh Roesslein <jroessl...@gmail.com> wrote:
> From the code at line 37, I believe you should be using self.authority
> instead of self.host.
> You must include the port unless it is 80 or 443 (section 9.1.2).
> If the server is using a different base string then that would cause
> the signature not matching.
> Make sure the URLs are the same both for the client and server.
>
> If I notice anything else I'll let you know.
>
> Josh
>
> On Wed, Oct 7, 2009 at 11:14 AM, Oscar Del Ben <thehcdrea...@gmail.com> wrote:
>
>
>
>
>
> > I'll try your code tomorrow.
>
> > Anyways, this is what I use [1]. The problem seems to be when I get or
> > post to the server with the access token because the server can't
> > validate the request. In particular it doesn't match the signature.
>
> > What I would do is this:
>
> > access_token = web.cookies().get('access_token') // oauth_token_secret
> > %3D2Df6x2SrJMgKYFtgTCT2d8As8GvGvIM8kZZAO7Vt%26oauth_token
> > %3DYOttwT0ok7CNm8yMYLXA
>
> > client.get('/path', access_token)
>
> > Oscar
>
> > [1]http://gist.github.com/204165
>
> > On Oct 7, 5:52 pm, Josh Roesslein <jroessl...@gmail.com> wrote:
> >> I use the library in my twitter python library. You can view the code
> >> for my oauth handler here [1].
> >> The code is pretty simple. The apply_auth method is where I build the
> >> headers for the resource
> >> request. Let me know if you have any questions.
>
> >> If you could post a link to your client code using the library I could
> >> offer to look at it.
>
> >> Josh
>
> >> [1]http://github.com/joshthecoder/tweepy/blob/master/tweepy/auth.py
>
> >> On Wed, Oct 7, 2009 at 2:10 AM, Oscar Del Ben <thehcdrea...@gmail.com>
> >> wrote:
>
> >> > Hi Josh and thanks for your reply. Our SP is currently used by another
> >> > client application written in ruby and it's actually working. Do you
> >> > have any code to share or do you know where I can find an example? I
> >> > know about the example in the library itself, but it's not working for
> >> > me.
>
> >> > On Oct 7, 5:54 am, Josh Roesslein <jroessl...@gmail.com> wrote:
> >> >> Hi Oscar,
>
> >> >> The python library in the OAuth SVN is 1.0a compliant. I have
> >> >> successfully used it on Twitter (which uses 1.0a)
> >> >> without issues. Has your SP implementation been tested with other
> >> >> OAuth libraries? Perhaps there is a bug in your
> >> >> SP server code.
>
> >> >> Best of luck,
>
> >> >> Josh
>
> >> >> On Tue, Oct 6, 2009 at 8:04 AM, Oscar Del Ben <thehcdrea...@gmail.com>
> >> >> wrote:
>
> >> >> > Hi, I'm using the module oauth which can be found at
> >> >> >http://oauth.googlecode.com/svn/code/python/oauth/tobuilda simple
> >> >> > client we built. The problem is that I'm not sure if that library
> >> >> > support oauth 1.0a
>
> >> >> > I used the example
> >> >> > athttp://apiwiki.justin.tv/mediawiki/index.php/Justin.tv_Python_Client_...
> >> >> > to develop a first version of my client and I am able to get an access
> >> >> > token back from the provider, however when I try to access private
> >> >> > data my request does not pass the signature control.
>
> >> >> > Since I am in control of the provider server (which is not built in
> >> >> > python) I have tried to figure out what was happening but without any
> >> >> > result and I would like to know if someone knows of a simple oauth
> >> >> > client 1.0a that I can use in my python application.
>
> >> >> > Many thanks,
>
> >> >> > Oscar
>
> >> --
> >> Josh
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to oauth@googlegroups.com
To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---
