AlvAChristina / oauth-signpost

Automatically exported from code.google.com/p/oauth-signpost
0 stars 0 forks source link

two-legged OAuth #66

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Hello,
I have a question about doing two-legged OAuth authentification. 
I implemented a rest API and OAUTH 2 legs in the server side.
I want to sign my request using a Java library, so I tried signpost. 
I have a valid consumerKey and consumerSecret, but when I ran my test I get a 
401 response code whith the following message : Authorization Required.
Here is a sample code of my client : 

    private OAuthConsumer consumer;

    public LiveClient(String consumerKey, String consumerSecret) {
        this.consumer = new DefaultOAuthConsumer(consumerKey, consumerSecret);
        this.consumer.setTokenWithSecret(null, ""); 
        this.consumer.setMessageSigner(new HmacSha1MessageSigner());  
        this.consumer.setTokenWithSecret(consumerKey, consumerSecret);
    }

    public void sendRequest(String strUrl) 
    throws MalformedURLException, OAuthMessageSignerException, OAuthExpectationFailedException, OAuthCommunicationException, IOException {

        URL url = new URL(strUrl);
        HttpURLConnection request = (HttpURLConnection) url.openConnection();

        // sign the request (consumer is a Signpost DefaultOAuthConsumer)
        consumer.sign(request);     

        // send the request
        request.connect(); 
.....

What I'm doing wrong? Any Ideas please?

Regards.

Original issue reported on code.google.com by amin.sa...@gmail.com on 18 Jan 2011 at 4:50

GoogleCodeExporter commented 8 years ago
try this.consumer.setTokenWithSecret("", "");
I suspect that setTokenWithSecret(null, anything) do not send/compute key with 
oauth_token parameter which would be the case even if token value is empty.

Original comment by guillaum...@gmail.com on 26 Apr 2011 at 10:10

GoogleCodeExporter commented 8 years ago
If you want to send blank tokens (you can do that, and some service providers 
expect it), I believe there's a method on OAuthConsumer called 
setSendEmptyTokens(boolean) to do that. Otherwise null or empty tokens will 
result in the oauth_token parameter to never be sent at all.

Original comment by m.kaepp...@gmail.com on 26 Apr 2011 at 11:05

GoogleCodeExporter commented 8 years ago
Also, use the mailing lists to ask questions, this is the issue tracker.

Original comment by m.kaepp...@gmail.com on 26 Apr 2011 at 11:05