Newbie: Ruby, OAuth

fitter manfitter man Registered Users Posts: 9 Beginner grinner
edited November 23, 2013 in SmugMug API Support & Integrations
I'm just starting to mess around with the API. I'm hoping to write something in ruby that will do a bulk update of captions for images in an account.

I'm getting hung up on the use of OAuth and am using the oauth gem but I'm having a hard time wrapping my head around how OAuth is going work without a browser. For the moment I'd be fine hard-coding my credentials in to get the thing working and worry about that later.

My sample code looks like this. My questions follow the code
require 'rubygems'
require 'oauth'
  
@consumer = OAuth::Consumer.new(ENV['SMUGMUG_API_KEY'],
                                ENV['SMUGMUG_API_SECRET'],
                                { :site => "http://api.smugmug.com",
                                  :scheme => :query_string,
                                  :request_token_path => "/services/oauth/getRequestToken.mg",
                                  :access_token_path  => "/services/oauth/getAccessToken.mg",
                                  :authorize_path     => "/services/oauth/authorize.mg"
                                })

@consumer.http.set_debug_output($stdout) 

@request_token = @consumer.get_request_token
@access_token = @request_token.get_access_token

The output of this session is shown below, with some values replaced with "<OMITTED>" where I have scrubbed them out.
opening connection to api.smugmug.com...
opened
<- "POST /services/oauth/getRequestToken.mg?oauth_callback=oob&oauth_nonce=KG5crViraAQE3is9XVv6g9lC0oOjrVwZqzVr04Sd4I&oauth_timestamp=1385241479&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_consumer_key=<OMITTED>&oauth_body_hash=2jmj7l5rSw0yVb%2FvlWAYkK%2FYBwk%3D&oauth_signature=EdY6oxtvjQbHcwlmdwJXV8ALqIE%3D HTTP/1.1\r\nContent-Length: 0\r\nConnection: close\r\nUser-Agent: OAuth gem v0.4.7\r\nAccept: */*\r\nHost: api.smugmug.com\r\n\r\n"
-> "HTTP/1.1 200 OK\r\n"
-> "Cache-Control: private, max-age=1, must-revalidate\r\n"
-> "Content-Type: text/html; charset=utf-8\r\n"
-> "Expires: Sat, 23 Nov 2013 21:18:00 GMT\r\n"
-> "Server: Apache\r\n"
-> "X-Extra: 0.03654\r\n"
-> "X-Powered-By: SmugMug/1.0\r\n"
-> "X-S: 100.10.215:11638\r\n"
-> "X-SmugMug-Hiring: How to love what you do: http://www.smugmug.com/jobs/\r\n"
-> "X-SmugMug-Values: 2/4 - Love your employees\r\n"
-> "X-TTFB: 0.0426\r\n"
-> "X-TTFB-L: 128\r\n"
-> "X-UA-Compatible: IE=edge\r\n"
-> "Date: Sat, 23 Nov 2013 21:17:59 GMT\r\n"
-> "Transfer-Encoding:  chunked\r\n"
-> "Connection: close\r\n"
-> "Connection: Transfer-Encoding\r\n"
-> "Set-Cookie: SMSESS=f4cf45295399414ea2747ca75f7925af; path=/; domain=.smugmug.com; HttpOnly\r\n"
-> "Set-Cookie: SMSESS=2f58844d18d212dbeade9c6dc8e783cd; path=/; domain=.smugmug.com; HttpOnly\r\n"
-> "Set-Cookie: _ss=mBvxJMMQV%2Fn1zj%2FC3bzVA4inuhQ9IbUdmE3YD4ZpfFD3a2SDXhuT%2Fw%3D%3D; expires=Sun, 24-Nov-2013 22:17:59 GMT; path=/; domain=.smugmug.com\r\n"
-> "Set-Cookie: _ss=tu7n8Qrt7FA9FP%2FF%2BHNyTmQ8HCQhYSRgnNzaTiVb2XD1dzGv16XFqw%3D%3D; expires=Sun, 24-Nov-2013 22:17:59 GMT; path=/; domain=.smugmug.com\r\n"
-> "\r\n"
-> "00000080\r\n"
reading 128 bytes...
-> "oauth_token=8ae04d01a8f51c534b6946c4d4e20290&oauth_token_secret=<OMITTED>"
read 128 bytes
reading 2 bytes...
-> "\r\n"
read 2 bytes
-> "00000000\r\n"
-> "\r\n"
Conn close
opening connection to api.smugmug.com...
opened
<- "POST /services/oauth/getAccessToken.mg?oauth_nonce=5k52YB0P2t8CpJR7xkJIhSsuEUE9Ggd0mtXYrMbQ2U&oauth_timestamp=1385241480&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_consumer_key=<OMITTED>&oauth_token=8ae04d01a8f51c534b6946c4d4e20290&oauth_body_hash=2jmj7l5rSw0yVb%2FvlWAYkK%2FYBwk%3D&oauth_signature=sixgJkX59hdjRO6DUHYVvQpeBf8%3D HTTP/1.1\r\nContent-Length: 0\r\nConnection: close\r\nUser-Agent: OAuth gem v0.4.7\r\nAccept: */*\r\nHost: api.smugmug.com\r\n\r\n"
-> "HTTP/1.1 401 Unauthorized\r\n"
-> "Cache-Control: private, max-age=1, must-revalidate\r\n"
-> "Content-Encoding: gzip\r\n"
-> "Content-Type: text/html; charset=utf-8\r\n"
-> "Expires: Sat, 23 Nov 2013 21:18:00 GMT\r\n"
-> "Server: Apache\r\n"
-> "Vary: Accept-Encoding\r\n"
-> "X-Extra: 0.02748\r\n"
-> "X-Powered-By: SmugMug/1.0\r\n"
-> "X-S: 100.12.164:7607\r\n"
-> "X-SmugMug-Hiring: How to love what you do: http://www.smugmug.com/jobs/\r\n"
-> "X-SmugMug-Values: 4/4 - It's the product, stupid\r\n"
-> "X-TTFB: 0.0312\r\n"
-> "X-TTFB-L: 21\r\n"
-> "X-UA-Compatible: IE=edge\r\n"
-> "Content-Length: 41\r\n"
-> "Date: Sat, 23 Nov 2013 21:17:59 GMT\r\n"
-> "Connection: close\r\n"
-> "Set-Cookie: SMSESS=94606debaf7723262042300a42c46b5f; path=/; domain=.smugmug.com; HttpOnly\r\n"
-> "Set-Cookie: SMSESS=e5b46d76941fdc77697ba7782dbf46b1; path=/; domain=.smugmug.com; HttpOnly\r\n"
-> "Set-Cookie: _ss=aN4U7uVbvW7mCVFQaUAaU2tt4UMpM6lL8%2FYK0TeKRC3pjsEEJsmEHg%3D%3D; expires=Sun, 24-Nov-2013 22:17:59 GMT; path=/; domain=.smugmug.com\r\n"
-> "Set-Cookie: _ss=qdcHm%2ByaPtdY5adw84qRkHStMmiTOuRkCt8SepzmMz7QOec7iJGpig%3D%3D; expires=Sun, 24-Nov-2013 22:17:59 GMT; path=/; domain=.smugmug.com\r\n"
-> "\r\n"
reading 41 bytes...
-> "\037\213\b\000\000\000\000\000\000\003\313\314+K\314\311L\321O\255(\310,JMQ(\311\317N\315\003\000h\205SW\025\000\000\000"
read 41 bytes
Conn close
/Library/Ruby/Gems/1.8/gems/oauth-0.4.7/lib/oauth/consumer.rb:216:in `token_request': 401 Unauthorized (OAuth::Unauthorized)
	from /Library/Ruby/Gems/1.8/gems/oauth-0.4.7/lib/oauth/tokens/request_token.rb:18:in `get_access_token'
	from ./interact.rb:18

The end result is that I'm getting a 401 (not authorized), but I'm trying to figure out if I'm skipping some very basic step here. For example, with a headless app, how can I inject the user authorization portion of the OAuth transaction.
Sign In or Register to comment.