[oauth] invalid sinature problem

Tue, 25 Aug 2009 09:09:04 -0700 

I want to use yahoo contact api. So I try oauth using HMAC-SHA1
algorithm. But I fail to acquire request token.
result message : Unable to respond to any of these challenges:
{oauth=OAuth oauth_problem=signature_invalid}

package com.naver.address.web.action.ext;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;

import com.google.gdata.client.authn.oauth.OAuthException;
import com.google.gdata.client.authn.oauth.OAuthHmacSha1Signer;
import com.google.gdata.client.authn.oauth.OAuthParameters;
import com.google.gdata.client.authn.oauth.OAuthUtil;

public class YahooTest {
        static String key = "";
        static String secret = "";
        static String callback = "";
        static private String requestUrl = "https://api.login.yahoo.com/oauth/
v2/get_request_token";
        /**
         * @param args
         * @throws OAuthException
         * @throws IOException
         */
        @SuppressWarnings("unchecked")
        public static void main(String[] args) throws OAuthException,
IOException {
                OAuthParameters oaup = new OAuthParameters();
                oaup.setOAuthCallback(callback);
                oaup.setOAuthConsumerKey(key);
                oaup.setOAuthConsumerSecret(secret);
                oaup.setOAuthNonce(OAuthUtil.getNonce());
                oaup.setOAuthTimestamp(OAuthUtil.getTimestamp());
                oaup.setOAuthSignatureMethod("HMAC-SHA1");
                oaup.setRealm("yahooapis.com");

                String baseString = OAuthUtil.getSignatureBaseString(requestUrl,
"GET", oaup
                                .getBaseParameters());

                OAuthHmacSha1Signer sgner = new OAuthHmacSha1Signer();
                String signature = (sgner.getSignature(baseString, oaup));

                oaup.setOAuthSignature(signature);

                Map params = new LinkedHashMap();
                params.put(OAuthParameters.OAUTH_CONSUMER_KEY,
oaup.getOAuthConsumerKey());
                params.put(OAuthParameters.OAUTH_SIGNATURE_METHOD_KEY, oaup
                                .getOAuthSignatureMethod());
                params.put(OAuthParameters.OAUTH_SIGNATURE_KEY,
oaup.getOAuthSignature());
                params.put(OAuthParameters.OAUTH_TIMESTAMP_KEY, oaup
                                .getOAuthTimestamp());
                params.put(OAuthParameters.OAUTH_NONCE_KEY, 
oaup.getOAuthNonce());
                params.put("oauth_version", "1.0");

                params.put(OAuthParameters.OAUTH_CALLBACK_KEY, 
oaup.getOAuthCallback
());

                String aHeader = getAuthorizationHeader(oaup.getRealm(), 
params);
                System.out.println("HEader " + aHeader);
                Header hdr = new Header("Authorization", aHeader);

                HttpClient httpClient = new HttpClient();
                GetMethod method = new GetMethod(requestUrl);
                method.addRequestHeader(hdr);
                method.addRequestHeader("content-type", "application/x-www-form-
urlencoded");
                httpClient.executeMethod(method);
                System.out.println(method.getResponseBodyAsString());
        }

        public static String percentEncode(String s) {
                if (s == null) {
                        return "";
                }
                try {
                        return URLEncoder.encode(s, "UTF-8")
                                        // OAuth encodes some characters 
differently:
                                        .replace("+", "%20").replace("*", "%2A")
                                        .replace("%7E", "~");
                        // This could be done faster with more hand-crafted 
code.
                } catch (UnsupportedEncodingException wow) {
                        throw new RuntimeException(wow.getMessage(), wow);
                }
        }

        /**
         * Construct a WWW-Authenticate or Authentication header value,
containing
         * the given realm plus all the parameters whose names begin with
"oauth_".
         */
        @SuppressWarnings("unchecked")
        public static String getAuthorizationHeader(String realm, Map
parameters) throws IOException {
                StringBuilder into = new StringBuilder();
                if (realm != null) {
                        into.append(" 
realm=\"").append(percentEncode(realm)).append('"');
                }
                if (parameters != null) {
                        for (Iterator iterator = 
parameters.entrySet().iterator();
iterator.hasNext();) {
                                Map.Entry parameter = (Map.Entry) 
iterator.next();
                                String name = parameter.getKey().toString();
                                if (name.startsWith("oauth_")) {
                                        if (into.length() > 0) 
into.append(",\n");
                                        into.append(" ");
                                        
into.append(percentEncode(name)).append("=\"");
                                        
into.append(percentEncode(parameter.getValue().toString())).append
('"');
                                }
                        }
                }
                return "OAuth \n" + into.toString();
        }

}

Of course, I have consumer key, secret, callbak

please help me

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"OAuth" group.
To post to this group, send email to oauth@googlegroups.com
To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to