To access a secure resource, like those in /api/v1/user, you have to login. After clicking the large, orange login button, instead of the login screen the user is greeting with this text: OAuth error. Invalid signature. Expected signature base string: GET&https%3A%2F%2Fwww.khanacademy.org%2Fapi%2Fauth%2Frequest_token&oauth_callback%3Dhttps%253A%252F%252Fapi-explorer.khanacademy.org%252Foauth_callback%252Fapi%252Fv1%252Fuser%26oauth_consumer_key%3D2L5KXYfv8vysj8Ws%26oauth_nonce%3D48874096%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1563636404%26oauth_version%3D1.0
This is because the server_url variable in secrets.py is using http instead of https.
Note that while this change will help future users get the program running on a local machine, current users will have to modify their build by making the change in their current secrets.py file. This is especially true for the app at https://api-explorer.khanacademy.org/.
To access a secure resource, like those in
/api/v1/user
, you have to login. After clicking the large, orange login button, instead of the login screen the user is greeting with this text:OAuth error. Invalid signature. Expected signature base string: GET&https%3A%2F%2Fwww.khanacademy.org%2Fapi%2Fauth%2Frequest_token&oauth_callback%3Dhttps%253A%252F%252Fapi-explorer.khanacademy.org%252Foauth_callback%252Fapi%252Fv1%252Fuser%26oauth_consumer_key%3D2L5KXYfv8vysj8Ws%26oauth_nonce%3D48874096%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1563636404%26oauth_version%3D1.0
This is because the
server_url
variable in secrets.py is usinghttp
instead ofhttps
.Note that while this change will help future users get the program running on a local machine, current users will have to modify their build by making the change in their current secrets.py file. This is especially true for the app at https://api-explorer.khanacademy.org/.