Closed doremon closed 7 years ago
Hi @doremon,
Thanks for reporting this issue. We are currently investigating the issue. Will comment with any further updates on this.
Hi @doremon,
We have verified that TripIt's request_token
endpoint is functioning correctly. To simplify the process of getting a valid OAuth 1.0 access token to makes calls against TripIt API, we highly recommend that you use our python SDK - https://github.com/tripit/python_binding_v1/
I will spell out the exact steps for you bellow:
Get a request token Request
$ python get_request_token.py https://api.tripit.com 40f9e72c1a0a587225b9c0b34765ca2989d156df <consumer_secret>
Response
{'oauth_token_secret': '<token_secret>', 'oauth_token': 'adb5d9d2fd95ee4ebf04fc9fce21a8cfacaa1b04'}
Authorize the request token
Take your web-browser to https://www.tripit.com/oauth/authorize?oauth_token=<oauth_token>&oauth_callback=<oauth_callback>
_Note about <oauth_token>
: This is adb5d9d2fd95ee4ebf04fc9fce21a8cfacaa1b04
obtained in previous step_
_Note about <oauth_callback>
: This is the callback URL that TripIt will use upon successful access token authorization. This parameter is optional if you associated a URL with your application when you registered it and obtained your OAuth consumer key and secret. If you supplied a URL when you registered the application, providing this request parameter will override that value. If neither the application URL is set nor the oauth_callback parameter is supplied the user will get an error when taken to the /oauth/authorize page and will be unable to authorize the access token. It is highly encouraged that you explicitly provide an oauthcallback URL when linking to the /oauth/authorize page. Providing this URL gives you the flexibility of defining a different URL that is associated with your action on which you can provide marketing text and a description of your application and what it does.
You may see a 404 in this step (we are working on getting it resolved), however your request token will actually be authorized.
Generate the access_token and token_secret Request
$ python get_authorized_token.py https://api.tripit.com 40f9e72c1a0a587225b9c0b34765ca2989d156df <consumer_secret> adb5d9d2fd95ee4ebf04fc9fce21a8cfacaa1b04 <token_secret>
Response
{'oauth_token_secret': '<authorized_token_secret>', 'oauth_token': '6959101cd76fbaca8a4032be2f9a5c50975045a4'}
Keep this access_token / token_secret pair safe somewhere in your config file or DB
Finally, you can call our API
Hi @doremon,
What are you specifying in &oauth_callback=
Thanks,
Hi! I run what @vsejpal suggest and i'm getting the following response:
<Response><Error><code>401</code><detailed_error_code>106.100000</detailed_error_code><description>invalid token key: <TOKEN_ID></description></Error></Response>
I tried run it via example.py or via postman but getting the same error. What am I doing wrong?
@thefishermanhacker - please confirm that you are passing in the actual access token in authorization header as opposed to the literal string "<TOKEN_ID>"
?
What is the email address associated with your TripIt account, the one linked to your developer credentials?
@vsejpal the email is thefishermanhackeryahoo [at] gmail.com I'm passing the token that i'm getting when running python get_request_token.py https://api.tripit.com
@doremon, @thefishermanhacker : Couple of questions for you, Does it used to work for you before ? if yes, when did it stopped working. Also if I may know were you using same process as vivek mentioned to get the token or you were getting token in some-other way.
Your response will help us in getting to the root cause. Thanks.
@zenachaturvedi @doremon I use it for the first time I try to get tokens in away the documents explain.
Hi @thefishermanhacker, I checked your app's traffic and found that you're trying to use the request token as an access token, effectively skipping steps 2 and 3 above. You'll need to take the request token you're using, have the user authorize that request token via oauth/authorize on the web, and then exchange that request token for an access token via oauth/access_token on the API. Then, you'll be able to make API requests using that access token.
Keep in mind that request tokens only last for five minutes; this can crop up as a "gotcha" when developing if you go grab a coffee or something!