Error when using the Upload API: "The remote server returned an error: (401) Unauthorized."

JakeCJakeC BostonRegistered Users Posts: 2 Beginner grinner
I am trying to use the https://upload.smugmug.com/ API to upload an image to a gallery, but I'm getting a "The remote server returned an error: (401) Unauthorized." error message when sending the POST request. I have an access token and I'm building the authorization header like so:

HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://upload.smugmug.com/");
authString = "oauth_consumer_key=[CONSUMER_KEY], oauth_nonce=" + GetNonce() + ", oauth_signature='[CONSUMER_SECRET]', oauth_signature_method='HMAC-SHA1', oauth_timestamp=" + GetTimeStamp() + ", oauth_token='[ACCESS_TOKEN]', oauth_token_secret='[ACCESS_TOKEN_SECRET]', oauth_version='1.0'"; request.Headers.Add("Authorization", authHeader);

I'm also building the rest of the headers like so:

request.Headers.Add("X-Smug-AlbumUri", "/api/v2/album/ABLUMKEY");
request.Headers.Add("X-Smug-AlbumID", "ALBUMID");
request.Headers.Add("X-Smug-ResponseType", "JSON");
request.Headers.Add("X-Smug-Version", "v2");
request.Headers.Add("X-Smug-Caption", tbCaption.Text); //Caption
request.Headers.Add("X-Smug-FileName", Request.Files[0].FileName);

request.ContentType = "application/x-www-form-urlencoded";
request.Method = "POST";
request.Headers.Add("Authorization", authHeader);
request.Accept = "application/json";

try
{
//Get Request Stream
var image = System.Drawing.Image.FromStream(Request.Files[0].InputStream);
var dataStream = ConvertImageToByteArray(image);

Stream newStream = request.GetRequestStream();
newStream.Write(dataStream, 0, dataStream.Length);
newStream.Close();
//END - Get Request Stream


var httpResponse = (HttpWebResponse)request.GetResponse();

string output = string.Empty;

using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
var result = streamReader.ReadToEnd();
}
}
Tagged:

Comments

  • JakeCJakeC BostonRegistered Users Posts: 2 Beginner grinner
    Also, The purpose of my project is be able to upload images from my desktop via the API to an existing album. Does it look like I'm missing anything?
  • gibertigiberti SmugMug Engineering Director Registered Users Posts: 19 Big grins

    I realize this is probably too little too late, but your signature process is incorrect. The parameters that are included and the order they are in matters when generating the signature hash (which is then added to the authorization) all matter.

    There is a lot of documentation about Oauth 1.0a and how to create a signed authorization header for a request, but it's often easier to use an existing open source library for the language you are developing on instead of trying to create one yourself since minor variations will result in an invalid signature.

    APIv2 and OAuth are your friend! Having issues? Just ask, I can help!
Sign In or Register to comment.