Incorrect signature on most of the users_setStatus

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Create a token, login and getSession steps are completed without an error.
2. Then users_setStatus() method is called but an
com.google.code.facebookapi.FacebookException: Incorrect signature error is
received.

What is the expected output? What do you see instead?
It should update the status without any exceptions. 

What version of the product are you using? On what operating system?
version 2.1.0 on Windows

Please provide any additional information below.

Below you can see my sample code developed on httpcomponents-client.

import com.google.code.facebookapi.FacebookException;
import com.google.code.facebookapi.FacebookXmlRestClient;
import org.apache.http.HttpEntity;
import org.apache.http.HttpException;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HTTP;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

public class ExtendedFacebookXmlRestClient extends FacebookXmlRestClient {
    private String loginUrl = "http://www.facebook.com/login.php";
    public static final String apiKey = "API_KEY";
    public static final String secret = "SECRET";

    public ExtendedFacebookXmlRestClient() {
        super(apiKey, secret);
    }

    public void connect() throws HttpException, IOException,
FacebookException {
        String token = auth_createToken();
        DefaultHttpClient http = new DefaultHttpClient();

        HttpGet get = new HttpGet(loginUrl + "?api_key=" + apiKey +
"&v=1.0&auth_token=" + token);

        HttpResponse response = http.execute(get);
        HttpEntity entity = response.getEntity();

        if (entity != null) {
            entity.consumeContent();
        }

        HttpPost post = new HttpPost(loginUrl);

        List<NameValuePair> parameters = new ArrayList<NameValuePair>();
        parameters.add(new BasicNameValuePair("api_key", apiKey));
        parameters.add(new BasicNameValuePair("v", "1.0"));
        parameters.add(new BasicNameValuePair("auth_token", token));
        parameters.add(new BasicNameValuePair("email", "email"));
        parameters.add(new BasicNameValuePair("pass", "password       
post.setEntity(new UrlEncodedFormEntity(parameters, HTTP.UTF_8));

        System.out.println("executing request " + post.getRequestLine());
        response = http.execute(post);
        HttpEntity resEntity = response.getEntity();

        System.out.println(response.getStatusLine());
        if (resEntity != null) {
            resEntity.consumeContent();
        }

        auth_getSession(token);

        boolean b = users_setStatus("Automatically adjusting the status!");
        System.out.println("document = " + b);
    }

    public static void main(String[] args) throws IOException,
HttpException, FacebookException {
        ExtendedFacebookXmlRestClient client = new
ExtendedFacebookXmlRestClient();
        client.connect();
    }

}

Original issue reported on code.google.com by tanerse...@gmail.com on 30 Apr 2009 at 9:08

[GoogleCodeExporter]

Any chance you could make this into a JUnit test?

Original comment by david.j....@googlemail.com on 1 May 2009 at 8:49

[GoogleCodeExporter]

Sure, I'm working on it.

Original comment by tanerse...@gmail.com on 1 May 2009 at 8:55

[GoogleCodeExporter]

You can use the following file to test it. It depends on new version 2.1.1 with
commons-httpclient-3.1. Thanks,,

import com.google.code.facebookapi.FacebookException;
import com.google.code.facebookapi.FacebookXmlRestClient;
import junit.framework.TestCase;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpState;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.HttpClientParams;

import java.io.IOException;

public class Example extends TestCase {
    private String loginUrl = "http://www.facebook.com/login.php";
    public static final String apiKey = "API_KEY";
    public static final String secret = "SECRET";

    public Example(String name) {
        super(name);
    }

    public void testExample() throws IOException, FacebookException {
        connect("email", "password");
    }

    public void connect(String login, String password) throws IOException,
FacebookException {
        System.out.println("Connecting");
        FacebookXmlRestClient client = new FacebookXmlRestClient(apiKey, secret);
        String token = client.auth_createToken();
        System.out.println("token = " + token);

        HttpClient http = new HttpClient();
        http.setParams(new HttpClientParams());
        http.setState(new HttpState());

        GetMethod get = new GetMethod(loginUrl + "?api_key=" + apiKey +
"&v=1.0&auth_token=" + token);

        http.executeMethod(get);

        PostMethod post = new PostMethod(loginUrl);
        post.addParameter(new NameValuePair("api_key", apiKey));
        post.addParameter(new NameValuePair("v", "1.0"));
        post.addParameter(new NameValuePair("auth_token", token));
        post.addParameter(new NameValuePair("email", login));
        post.addParameter(new NameValuePair("pass", password));

        http.executeMethod(post);

        String session = client.auth_getSession(token);

        boolean b = client.users_setStatus("Testing new Java API");

        System.out.println("result = " + b);
    }

}

Original comment by tanerse...@gmail.com on 1 May 2009 at 9:45

[GoogleCodeExporter]

Is your application set to desktop mode?
http://code.google.com/p/facebook-java-api/wiki/DesktopMode

http://code.google.com/p/facebook-java-api/wiki/FAQ

Original comment by david.j....@googlemail.com on 6 May 2009 at 6:58

[GoogleCodeExporter]

Yes it is set to Desktop mode.

Original comment by tanerse...@gmail.com on 11 May 2009 at 12:36

[GoogleCodeExporter]

Well that's your problem then. Set it to Web mode.

Original comment by david.j....@googlemail.com on 11 May 2009 at 6:47

[GoogleCodeExporter]

Hi, we have another error. We setted it to Web mode but now in the line

boolean b = client.users_setStatus("Testing new Java API");

have an error. You have an idea?

Original comment by progetto...@gmail.com on 12 May 2009 at 12:30

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I don't think it is about the mode, the case is:
- Desktop mode fails on users_setStatus() with incorrect signature failure
- Web mode fails on auth_getSession() with invalid parameter failure

Original comment by tanerse...@gmail.com on 12 May 2009 at 5:15

[GoogleCodeExporter]

Works for me in web mode. Are you SURE you're using a valid username and 
password? If 
I use an invalid username I get the error you're describing.

I do get an error, actually, but it's:
com.google.code.facebookapi.FacebookException: Updating status requires the 
extended 
permission status_update

I'm not sure how you request these additional permissions, not something I've 
done 
before.

Original comment by david.j....@googlemail.com on 12 May 2009 at 10:28

[GoogleCodeExporter]

For grant the status_update permission, you could create a new Enum called 
Permission.java in your project, 
here is the code:

/*
 * Copyright 2007, BigTribe Corporation. All rights reserved.
 *
 * This software is an unpublished work subject to a confidentiality agreement
 * and protected by copyright and trade secret law.  Unauthorized copying,
 * redistribution or other use of this work is prohibited.  All copies must
 * retain this copyright notice.  Any use or exploitation of this work without
 * authorization could subject the perpetrator to criminal and civil liability.
 * 
 * Redistribution and use in source and binary forms, with or without        
 * modification, are permitted provided that the following conditions        
 * are met:                                                                  
 *                                                                           
 * 1. Redistributions of source code must retain the above copyright         
 *    notice, this list of conditions and the following disclaimer.          
 * 2. Redistributions in binary form must reproduce the above copyright      
 *    notice, this list of conditions and the following disclaimer in the    
 *    documentation and/or other materials provided with the distribution.   
 *
 * The information in this software is subject to change without notice
 * and should not be construed as a commitment by BigTribe Corporation.
 *
 * The above copyright notice does not indicate actual or intended publication
 * of this source code.
 *
 * $Id: bigtribetemplates.xml 5524 2006-04-06 09:40:52 -0700 (Thu, 06 Apr 2006) greening $
 */

/**
 * Enum for managing the different permission-types used by Facebook.  These 
 * are opt-in permissions that the user must explicitly grant, and can only 
 * be requested one at a time.  To request that a user grant you a permission, 
 * direct them to a URL of the form:
 * 
 * http://www.facebook.com/authorize.php?api_key=[YOUR_API_KEY]&v=1.0&ext_perm=[PERMISSION NAME]
 * 
 * You can query to see if the user has granted your application a given permission using the 
 * 'users.hasAppPermission' API call.
 */
public enum Permission {
    /**
     * Permission to send SMS messages to a user
     */
    SMS_SEND("sms"),
    /**
     * Permission to update a user's status message
     */
    STATUS_UPDATE("status_update"),
    /**
     * Permission to create marketplac elistings for the user
     */
    MARKETPLACE_CREATE("create_listing"),
    /**
     * Enahnced photo-uploading permissions
     */
    PHOTO_UPLOAD("photo_upload");

    /**
     * The unchanging part of the URL to use when authorizing permissions.
     */
    public static final String PERM_AUTHORIZE_ADDR = "http://www.facebook.com/authorize.php";

    private String name;

    private Permission(String name) {
        this.name = name;
    }

    /**
     * Gets the name by which Facebook refers to this permission.  The name is what is sent in API calls 
     * and other requests to Facebook to specify the desired premission.
     * 
     * @return the Facebook name given to this permission.
     */
    public String getName() {
        return name;
    }

    /**
     * Compute the URL to which to send the user to request the extended permission.
     * 
     * @param apiKey your application's API key.
     * @param permission the permission you want the grant URL for.
     * 
     * @return a String that specifies the URL to direct users to in order to grant this permission to the 
application.
     */
    public static String authorizationUrl(String apiKey, Permission permission) {
      return authorizationUrl(apiKey, permission.getName());
    }

    private static String authorizationUrl(String apiKey, CharSequence permission) {
      return String.format("%s?api_key=%s&v=1.0&ext_perm=%s", PERM_AUTHORIZE_ADDR, apiKey, permission);
    }
}

then in your previous code you have to add these code lines:

String Url;
Url = Permission.authorizationUrl(apiKey, Permission.STATUS_UPDATE);
System.out.println(Url);

after the fist time that you run your project, copy in a browser the Url that 
you have obtained, and grant 
manually the permission in the browser. By this moment you will have the 
status_update permission.

But despite this permission, I have the error: Invalid signature when call the:

boolean b = client.users_setStatus("Testing new Java API");

For now you try to obtain the status_update permission, and then return to see 
the problem of Invalid 
signature...and then advise me :)

bye

Original comment by progetto...@gmail.com on 20 May 2009 at 3:58

[GoogleCodeExporter]

The previous post is related to the Desktop mode.

Original comment by progetto...@gmail.com on 20 May 2009 at 4:39

[GoogleCodeExporter]

Hi all,
I did as the example and it's work fine before.
but from yesterday, I got "invalid parameter" in line auth_getSession() .
can you try it?
It's crazy for me in 2days and can't figure what is happening.

Original comment by thanh.ki...@gmail.com on 19 Jun 2009 at 10:56

[GoogleCodeExporter]

I am using http client for face book login, I am able to get the auth_token and
getting  the login page using getMethod. when i posted login data,i am getting 

"Logging in and requesting a session must go through the Facebook flow." this 
message
in respond body. For facebook.auth.getSession i am geting signature failure.

Please help me.
Thanks,
Dhilip Mandava

Original comment by mandav...@gmail.com on 25 Jun 2009 at 12:52

[GoogleCodeExporter]

reference:
http://forum.developers.facebook.com/viewtopic.php?pid=152609#p152609

Original comment by thanh.ki...@gmail.com on 26 Jun 2009 at 2:36

[GoogleCodeExporter]

@ progettoSISR >> Hi, Thanks for the Permission.java file, this is now working 
for
me. I am not getting the invalid signature problem as well, though I am not 
using the
file given above (ExtendedFacebookXmlRestClient.java), instead I have a simple
program written using the initial example given in the old home page here:
http://code.google.com/p/facebook-java-api/wiki/OldHomePage

cheers,
Iris

Original comment by saguna.m...@gmail.com on 9 Aug 2009 at 7:22

[GoogleCodeExporter]

Original comment by fern...@gmail.com on 1 Nov 2009 at 1:11

• Changed state: WontFix