Question about oAuth GetAccessToken
suntsu
Registered Users Posts: 37 Big grins
hi,
I try to create a wp7 smugmug app, but i have some problem with the oAuth protocol.
Steps done:
1. Applied for a developer key(api key/secret) >> ok
2. Programatically called getRequestToken >> ok, response contained id and secret
3. With this auth_token id, i was able to authorize my app via http://api.smugmug.com/services/oauth/authorize.mg?oauth_token=a90d5cbbe9386a247c69f666c56d960d
4. This shows me my App under "Authorized Applications" on the smugmug website
5. Now i'm struggling with GetAccessToken
First i create a HMACSHA1 signature. The signature is build from the following parameters using OAuthBase.cs:
1. SmugMug Secure base url
2. api key
3. api secret
4. oAu0th_Token
5. oAuth_Signature
Parameters for the getAccessToken call:
method=smugmug.auth.getAccessToken&oauth_consumer_key=jvqfdJitzM1xxxxdUbwOkcCAt&oauth_nonce=9567550&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1317650088&oauth_token=a90d5cbbe9386a247c69f666c56d960d&oauth_version=1.0&oauth_signature=ADvxfRZ8uyaw0qBYkI3YcE8IaqM=
Response:
{"stat":"fail","method":"smugmug.auth.getAccessToken","code":36,"message":"invalid/expired token"}
Question:
Do you see any errors here?
When does a request_token expire?
thanks
manuel
I try to create a wp7 smugmug app, but i have some problem with the oAuth protocol.
Steps done:
1. Applied for a developer key(api key/secret) >> ok
2. Programatically called getRequestToken >> ok, response contained id and secret
3. With this auth_token id, i was able to authorize my app via http://api.smugmug.com/services/oauth/authorize.mg?oauth_token=a90d5cbbe9386a247c69f666c56d960d
4. This shows me my App under "Authorized Applications" on the smugmug website
5. Now i'm struggling with GetAccessToken
First i create a HMACSHA1 signature. The signature is build from the following parameters using OAuthBase.cs:
1. SmugMug Secure base url
2. api key
3. api secret
4. oAu0th_Token
5. oAuth_Signature
Parameters for the getAccessToken call:
method=smugmug.auth.getAccessToken&oauth_consumer_key=jvqfdJitzM1xxxxdUbwOkcCAt&oauth_nonce=9567550&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1317650088&oauth_token=a90d5cbbe9386a247c69f666c56d960d&oauth_version=1.0&oauth_signature=ADvxfRZ8uyaw0qBYkI3YcE8IaqM=
Response:
{"stat":"fail","method":"smugmug.auth.getAccessToken","code":36,"message":"invalid/expired token"}
Question:
Do you see any errors here?
When does a request_token expire?
thanks
manuel
0
Comments
I found a mistake in my error description.
I called GetAccessToken several times with the same token, but it seems such a call is only valid once.
The first time call GetAccessToken, the return message is:
{"stat":"fail","method":"smugmug.auth.getAccessToken","code":35,"message":"invalid signature"}
I've read a lot and tried almost every combination, but it always returns "invalid signature".
By chance, i've found a tool to create such an oAuth signature, and this tool returns me the same signature i create by code.
Any hints what I'm doing wrong?
cheers
manuel
News about can be found on my website.
News about can be found on my website.
SmugMug API Developer
My Photos
edit:
btw. I'm using the google oauth implementation for c#(http://oauth.googlecode.com/svn/code/csharp/OAuthBase.cs)
News about can be found on my website.