Options
Invalid permissions when calling smugmug.albums.create
dlado
Registered Users Posts: 11 Big grins
Hi All,
I'm having issues when adding albums. It returns me the following XML:
<?xml version="1.0" encoding="utf-8"?>
<rsp stat="fail"><method>smugmug.albums.create</method><err code="34" msg="invalid permissions"/></rsp>
I try to change the authorization parameters of my application in the control panel but it is not allowing me to change.
I've not tested upload images but I assume I'll have the same issue.
I'm using v 1.2.2 of Smugmug api (with oAuth) and I call the API using .NET through REST.
Could anyone assist me on this issue?
Thanks in advance!
Damian Lado
I'm having issues when adding albums. It returns me the following XML:
<?xml version="1.0" encoding="utf-8"?>
<rsp stat="fail"><method>smugmug.albums.create</method><err code="34" msg="invalid permissions"/></rsp>
I try to change the authorization parameters of my application in the control panel but it is not allowing me to change.
I've not tested upload images but I assume I'll have the same issue.
I'm using v 1.2.2 of Smugmug api (with oAuth) and I call the API using .NET through REST.
Could anyone assist me on this issue?
Thanks in advance!
Damian Lado
0
Comments
Read the section 'Obtaining User Authorization in the OAuth documentation.
Let me know if you have any questions.
Cheers,
David
SmugMug API Developer
My Photos
Ok, I follow your indications and I read the link. Now I added a couple of parameters more to the URL that redirects the user for authentication. It looks like:
[html]
http://api.smugmug.com/services/oauth/authorize.mg?oauth_token=1ddbee9fda00d4da698c2835f5aece33&Access=Full&Permissions=Add
[/html]
Now, when I call [html]
http://api.smugmug.com/services/api/rest/1.2.2/?method=smugmug.albums.create&Title=new
[/html]
I get:
[html]<?xml version="1.0" encoding="utf-8"?>
<rsp stat="fail"><method>smugmug.albums.create</method><err code="35" msg="invalid signature"/></rsp>[/html]
The odd thing here is that I can get albums and images without any problem using oAuth and I assume that the signature generation and authorization header will be the same for create, update, upload...???
Should I make the call using POST??? because I'm using GET.
Another question. Let's supose I make the create album and update album work, If I have two methods, one to add an album and the other to update an album...should I have to generate again the authorization token?? (becouse in the Permissions parameter you could select Modify and Add).
Modify allows you to add??
Hope you can help me and I appreciate the quick and kind response.
once you have an authorized app, re-authorizing the app doesn't change the Access/Permissions, go you either have to change the app's Permissions/Access from the Control Panel...or revoke the token and re-authorize.
In regard to Permissions.... Add can Read, and Modify can Add and Read
Let me know how you get on.
Cheers,
David
SmugMug API Developer
My Photos
I've done that before posting but nothing happend. I went to Control Panel/Settings/Authorized Applications
Then I click change, I select Full + Modify in the combos, click Save and after telling me "Changing Application", it remains the old info, nothing happend:
app name: MyApp | access: Public | permissions: Read | [URL="javascript:toggleDIV('editAuthApp_25504','authapp_25504','block');"]change[/URL] | [URL="javascript:toggleDIV('revokeAuthApp_25504','actionsAuthApp_25504','block');"]revoke[/URL]
I don't know why...
Any ideas?
Thanks for yout help!
Damian
I revoke the permission and then execute my app sending Full + Modify and in the control panel shows me that I have Full access and Modify Permisions!
But....... it stills not allowing me to create an album:
[HTML]
<?xml version="1.0" encoding="utf-8"?>
<rsp stat="fail"><method>smugmug.albums.create</method><err code="35" msg="invalid signature"/></rsp>
[/HTML]
The call I'm doing is: string response = _oauth.APIWebRequest("GET", "http://api.smugmug.com/services/api/rest/1.2.2/?method=smugmug.albums.create&Title=new", null);
Keep on trying... let me know if you have any ideas...
What signature method are you using ? Does the URL that is requested over the wire look correct (including headers if you are using the Authorization header).
What's the nickname for your account, so that I can take a look ?
Cheers,
David
SmugMug API Developer
My Photos
My user name is schakra.
I'm using oAUth with HMAC-SHA1.
Here is the data:
URL: [html]http://api.smugmug.com/services/api/rest/1.2.2/?method=smugmug.albums.create&Title=new[/html]
Parameters in Signature: [html]method=smugmug.albums.create&oauth_consumer_key=rqEw0bLgIaV4oWYek4G1gudqREfzd6Lo&oauth_nonce=8727979&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1270817974&oauth_token=561ed5cb0c8f2ec2c7a1dde8e2fe5252&oauth_version=1.0&Title=new[/html]
Generated signature: [html]GET&http%3A%2F%2Fapi.smugmug.com%2Fservices%2Fapi%2Frest%2F1.2.2%2F&method%3Dsmugmug.albums.create%26oauth_consumer_key%3DrqEw0bLgIaV4oWYek4G1gudqREfzd6Lo%26oauth_nonce%3D8727979%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1270817974%26oauth_token%3D561ed5cb0c8f2ec2c7a1dde8e2fe5252%26oauth_version%3D1.0%26Title%3Dnew[/html]
Authentication Header: [html]OAuth realm="http://api.smugmug.com/",oauth_consumer_key="rqEw0bLgIaV4oWYek4G1gudqREfzd6Lo",oauth_token="561ed5cb0c8f2ec2c7a1dde8e2fe5252",oauth_signature_method="HMAC-SHA1",oauth_signature="xRHfiF1Y3ks0n8kVzVIW/yZLA3U=",oauth_timestamp="1270817974",oauth_nonce="8727979", oauth_version="1.0"[/html]
I hope all this info will help you to find the issue.
The strange thing is that with methods that get's data is working.
Hope we could solve this.
Thanks in advance!
Damian Lado
I believe that the issue is that Title should appear first in this string as it should be sorted A-Za-z
Did you write your own OAuth code or are you using an existing library ?
Cheers,
David
SmugMug API Developer
My Photos
No, I'm using an existing class but I can modify it because I have the source code. I'll fix that and I'll let you know!
Thanks!
Damian
Now I'm able to delete, update and add albums.
Thanks very much for your help and support!! I was needing this calls to work and sometime is difficult to finde people that help you until it is solved.
I appreciate your disposition and professionalism.
Damian Lado
Glad you got it working
Cheers mate,
David
SmugMug API Developer
My Photos
I didn't get what does it mean by "Title" should be before? I am also getting this errror, I am able to retrieve other details like getTree, etc. I am using "oAuthSig" project to get signature.
Thanks.
I believe it means that the queyr parameters in the oAuth base string must be sorted lexographically before . This means that all the upper case parameters come first, then lowercase, etc.
Here is the link in the oAuth 1.0 spec that describes this: http://oauth.net/core/1.0/#sig_norm_param
In C# I am using this comparer to sort the list of KeyValuePair objects that contain the parameters.
encodedParameters.Sort(new Comparison<KeyValuePair<string, string>>((param1, param2) => { if (param1.Key == param2.Key) { return string.Compare(param1.Value, param2.Value, StringComparison.Ordinal); } else { return string.Compare(param1.Key, param2.Key, StringComparison.Ordinal); } }));Also, make sure that the parameter name and parameter values are both encoded in the same way the oAuth spec mentiones.
--Masterghi