search

woocommerce / woocommerce-rest-api-js-lib

New JavaScript library for WooCommerce REST API
https://www.npmjs.com/package/@woocommerce/woocommerce-rest-api
MIT License
286 stars 75 forks source link

401 error - Invalid signature - provided signature does not match #51

Open ankkho opened 4 years ago

ankkho commented 4 years ago

Hi,

Following error gets returned when calling an endpoint.

{
code: 'woocommerce_rest_authentication_error',
message: 'Invalid signature - provided signature does not match.',
data: { status: 401 }
}

I am providing valid consumerKey and consumerSecret values. Can someone take a look?

Thanks!

climba03003 commented 4 years ago

Not enough information to investigate the issue. Can you provide more information ? For example the code you used ( key should be removed inside the code ).

ankkho commented 4 years ago

I am sending GET request to /products endpoint using this module. consumerKey and consumerSecret is provided.

const wooCom = new WooCommerceRestApi({
  url: "http://wordpress",
  consumerKey: "ck_129eca57e185677ca8dee7f3dd43ea4a113e55fa",
  consumerSecret: "cs_8efb4233ed2e19f3a393e841975d3b61bab31b96"
});

  try {
    const {data} = await wooCom.get('products')
    return data
  } catch (error) {
    console.error(error)
  }

Above is a code snippet from the handler, docker-compose is being used. Let me know if you require any other info.

I am aware keys should be removed inside the code. Currently working on my local system. :)

martin-gv commented 4 years ago

This worked for me: add queryStringAuth: true in the config. Like this:

const api = new WooCommerceRestApi({
  url: "http://example.com",
  consumerKey: "ck_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  consumerSecret: "cs_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  queryStringAuth: true
});
climba03003 commented 4 years ago

@ankkho After some searching, I discover that it may be the problem of mis-config of web server. Can you check your web server config on local and see if the config is right? Reference: Click Here

ankkho commented 4 years ago

Hi @climba03003,

Sorry for the late reply! Currently, I am using default '.htaccess' file provided by wordpress docker image. Also, @martin-gv adding queryStringAuth: true didn't worked for me.

const wooCom = new WooCommerceRestApi({
    url: 'http://localhost',
    port: 80,
    queryStringAuth: true,
    consumerKey: 'ck_0d45d1a0c0c5e7968b6c7cf068cf6f39b5781444',
    consumerSecret: 'cs_f0fbac716f7f64e67547de3311cc19e601ee35e3'
});

URL being generated: http://localhost:80/wp-json/wc/v3/wp-json/wc/v3/customers?oauth_consumer_key=ck_0d45d1a0c0c5e7968b6c7cf068cf6f39b5781444&oauth_nonce=soYkqVV6HwuSMzGCwHNC8wnn3xprgOOC&oauth_signature_method=HMAC-SHA256&oauth_timestamp=1586273427&oauth_version=1.0&oauth_signature=Dm5NfSKa7WQmdxjYs3UNWhW9ccUeqDVSlP6pScfNXvU%3D

Error response:

 data: {
    code: 'woocommerce_rest_authentication_error',
    message: 'Invalid signature - provided signature does not match.',
    data: { status: 401 }
  }

Thanks!

yorickkooy20 commented 4 years ago

I had the same error. Fixed this by setting the Site Address in (Wordpress general settings) the same as WordPress Address

ioandev commented 4 years ago

Like @yorickkooy20 said, make sure you use 127.0.0.1 instead of localhost.

Andres-RM commented 4 years ago

I solved the problem by adding the content type application/json to the header of the axios configuration.

{
        url: "http://localhost",
        consumerKey: "ck_6a4191390d71922ac915b32ad717dc17e2f084c8",
        consumerSecret: "cs_8019fd5fcbd519cfecdb532b7685e093abb68dd5",
        axiosConfig: {
            headers: {'Content-Type': 'application/json'},
        }
 }
CrowDz commented 3 years ago

Hello, I have the same issue, 28/12/2020 23h00 every thing was ok, 29/12/2020 00h00 nothing work, either in integration environment neither in production, i've disabled all my plugins, but stay the same problem.

$this->woocommerce = new Client( SITE_URL, PUBLIC_KEY, SECRET_KEY, [ 'wp_api' => true, 'version' => 'wc/v3', 'timeout' => API_TIMEOUT, ] );

lavahasif commented 3 years ago

Hello, I have the same issue, 28/12/2020 23h00 every thing was ok, 29/12/2020 00h00 nothing work, either in integration environment neither in production, i've disabled all my plugins, but stay the same problem.

$this->woocommerce = new Client( SITE_URL, PUBLIC_KEY, SECRET_KEY, [ 'wp_api' => true, 'version' => 'wc/v3', 'timeout' => API_TIMEOUT, ] );

did you solved

CrowDz commented 3 years ago

Hello @lavahasif, you should use HTTPS instead of HTTP, force query_string_auth to false and i think optionaly put verify_ssl to false if your certificat is selfsigned .

$this->woocommerce = new Client( SITE_URL, PUBLIC_KEY, SECRET_KEY, [ 'wp_api' => true, 'query_string_auth' => false, 'verify_ssl' => false, 'version' => 'wc/v3', 'timeout' => API_TIMEOUT ] );

lavahasif commented 3 years ago

Thank you for your fast response. I am using c# for accessing api .I f I using postman it work .so I use postman generated url including oauth key value It work 1 st request and 2nd time inavalide timestamp I add timestamp literal then it show invalid noance .so I changed noance literal this time showing invalid signature.can you any provide any example uisng oauth1 custom parameter in url

On Wed, Jan 20, 2021, 5:42 PM CrowDz notifications@github.com wrote:

Hello @lavahasif https://github.com/lavahasif, you should use HTTPS instead of HTTP, force query_string_auth to false and i think optionaly put verify_ssl to false if your certificat is selfsigned .

$this->woocommerce = new Client( SITE_URL, PUBLIC_KEY, SECRET_KEY, [ 'wp_api' => true, 'query_string_auth' => false, 'verify_ssl' => false, 'version' => 'wc/v3', 'timeout' => API_TIMEOUT ] );

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/woocommerce/woocommerce-rest-api-js-lib/issues/51#issuecomment-763563137, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFLEJSRMECPAESOCVPX3ZNDS23CBVANCNFSM4KSKOPYA .

mondalaci commented 3 years ago

None of the above suggestions worked for me when running WordPress on localhost. I patched woocommerce-api, and my forked repo works. Here's the diff.

You can npm install mondalaci/wc-api-node to use my forked package.

ikyandhi commented 3 years ago

For my case, I found the issue was due to the URL used on Postman is using www., but under WordPress > General Settings on both WordPress Address (URL) and Site Address (URL) was set without www. So, it makes sense that the signature is invalid.

jesusmariajurado commented 2 years ago

In my case the solution was the same, the url to connect must be the same configured in WordPress > Genearl Settings on WordPress Address (URL)

srflorea commented 2 years ago

I am having the same issue and none of the above solutions seem to work on my local machine. What is very weird is that sometimes the requests just work and sometimes they throw the "Invalid signature - provided signature does not match." error, without changing absolutely anything.

I am running a wordpress Docker container on my Mac computer. For calling the Woocommerce api I am using the NPM package @woocommerce/woocommerce-rest-api. The exact setup worked for that last past week without any issue. This morning started to throw this error every now an then.