Discussion Forum: Thread 290112 |
|
|
| | Author: | 1001jouets.fr | Posted: | May 21, 2021 09:07 | Subject: | BricklinkApi class : INVALID_SIGNATURE error | Viewed: | 92 times | Topic: | Technical Issues | |
|
| Hi,
I am trying to use the BricklinkApi class under PHP7 :
https://github.com/blockpartybricks/Bricklink-API-Helper/blob/master/PHPBricklinkAPI/BricklinkApi.php
I always get a INVALID_SIGNATURE error.
"{"meta":{"description":"SIGNATURE_INVALID: Invalid Signature","message":"BAD_OAUTH_REQUEST","code":401}}"
Here is my using :
$arraybkl = array(
'consumerKey' = $mycsk,
'consumerSecret' = $mycss,
'tokenValue' = $mytkv,
'tokenSecret' = $mytks
) ;
include (MY_PATH . "/PHPBricklinkAPI/autoload.php");
$bricklinkApi = new PHPBricklinkApi\BricklinkAPI($arraybkl);
$response = $bricklinkApi-request("GET", "/inventories")-execute();
Regarding the signature, here is the source of the class (didn't change anything)
:
Can you see something wrong with the generation of the signature ?
private function getAuthorizationHeader($url, $request){
//Generate Random String
$random = substr( md5(rand()), 0, 7);
//Build authorization Object
$authorization = [
'oauth_consumer_key' = $this-consumerKey,
'oauth_nonce' = $random,
'oauth_signature_method' = 'HMAC-SHA1',
'oauth_signature' = null,
'oauth_timestamp' = (string) time(),
'oauth_token' = $this-tokenValue,
'oauth_version' = $this-oauthVersion
];
//Add authorization signature
$authorization['oauth_signature'] = $this-generateSignature($request,
$authorization);
//Turn into a url encoded json object
$jsonAuthorization = json_encode($authorization);
return rawurlencode($jsonAuthorization);
}
private function generateSignature(BricklinkApiRequest $request, array $authorization){
$parameters = $authorization;
if($request-method=="GET")
{
$parameters = array_merge($parameters, $request-params);
}
ksort($parameters);
$paramterString = http_build_query($parameters);
$signature_basestring = $request-method.'&'.rawurlencode($this-endpoint.$request-path).'&'.rawurlencode($paramterString);
$secretstring = $this-consumerSecret.'&'.$this-tokenSecret;
$signature = base64_encode(hash_hmac('sha1', $signature_basestring,
$secretstring, true));
return $signature;
}
Thank you.
|
|
|
| | | | | |
| | | | Author: | ErwinNL | Posted: | May 21, 2021 09:54 | Subject: | Re: BricklinkApi class : INVALID_SIGNATURE error | Viewed: | 47 times | Topic: | Technical Issues | |
|
| In Technical Issues, 1001jouets.fr writes:
| Hi,
I am trying to use the BricklinkApi class under PHP7 :
https://github.com/blockpartybricks/Bricklink-API-Helper/blob/master/PHPBricklinkAPI/BricklinkApi.php
I always get a INVALID_SIGNATURE error.
"{"meta":{"description":"SIGNATURE_INVALID: Invalid Signature","message":"BAD_OAUTH_REQUEST","code":401}}"
Here is my using :
$arraybkl = array(
'consumerKey' = $mycsk,
'consumerSecret' = $mycss,
'tokenValue' = $mytkv,
'tokenSecret' = $mytks
) ;
include (MY_PATH . "/PHPBricklinkAPI/autoload.php");
$bricklinkApi = new PHPBricklinkApi\BricklinkAPI($arraybkl);
$response = $bricklinkApi-request("GET", "/inventories")-execute();
Regarding the signature, here is the source of the class (didn't change anything)
:
Can you see something wrong with the generation of the signature ?
private function getAuthorizationHeader($url, $request){
//Generate Random String
$random = substr( md5(rand()), 0, 7);
//Build authorization Object
$authorization = [
'oauth_consumer_key' = $this-consumerKey,
'oauth_nonce' = $random,
'oauth_signature_method' = 'HMAC-SHA1',
'oauth_signature' = null,
'oauth_timestamp' = (string) time(),
'oauth_token' = $this-tokenValue,
'oauth_version' = $this-oauthVersion
];
//Add authorization signature
$authorization['oauth_signature'] = $this-generateSignature($request,
$authorization);
//Turn into a url encoded json object
$jsonAuthorization = json_encode($authorization);
return rawurlencode($jsonAuthorization);
}
private function generateSignature(BricklinkApiRequest $request, array $authorization){
$parameters = $authorization;
if($request-method=="GET")
{
$parameters = array_merge($parameters, $request-params);
}
ksort($parameters);
$paramterString = http_build_query($parameters);
$signature_basestring = $request-method.'&'.rawurlencode($this-endpoint.$request-path).'&'.rawurlencode($paramterString);
$secretstring = $this-consumerSecret.'&'.$this-tokenSecret;
$signature = base64_encode(hash_hmac('sha1', $signature_basestring,
$secretstring, true));
return $signature;
}
Thank you.
|
It works for me when I set $isDevelopment to true.
|
|
|
| | | | | | | | | | | | | | |
| | | | | | | | Author: | 1001jouets.fr | Posted: | May 21, 2021 11:26 | Subject: | Re: BricklinkApi class : INVALID_SIGNATURE error | Viewed: | 36 times | Topic: | Technical Issues | |
|
| In Technical Issues, ErwinNL writes:
Thanks ErwinNL, your example works very fine in a standalone way, with my keys.
The problem comes perhaps with my environment. Thank you for the trying. Notice:
the value of parameter $isDevelopmentdid ot change anything. It worked in both
cases.
|
|
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | Author: | ErwinNL | Posted: | May 21, 2021 11:42 | Subject: | Re: BricklinkApi class : INVALID_SIGNATURE error | Viewed: | 50 times | Topic: | Technical Issues | |
|
| In Technical Issues, 1001jouets.fr writes:
| In Technical Issues, ErwinNL writes:
Thanks ErwinNL, your example works very fine in a standalone way, with my keys.
The problem comes perhaps with my environment. Thank you for the trying. Notice:
the value of parameter $isDevelopmentdid ot change anything. It worked in both
cases.
|
I had some more time to look into the code, I made my own signer in C# and had
to encode some of the oauth_ parameters like oauth_nonce and oauth_timestamp
because I also had bad signature results and this fixed it for me:
AddOAuthParameter(OAuthConstants.TIMESTAMP, OAuthEncoder.Encode(GetTimestamp()));
AddOAuthParameter(OAuthConstants.NONCE, OAuthEncoder.Encode(GetNonce()));
OAuthEncoder.AddOAuthParameter:
// Encode URL
String encoded = HttpUtility.UrlEncode(text, Encoding.UTF8);
// Make escaped chars uppercase
Regex reg = new Regex(@"%[a-f0-9]{2}");
encoded = reg.Replace(encoded, m = m.Value.ToUpperInvariant());
I used this site to validate all steps:
http://lti.tools/oauth/
|
|
|
| | | | | | | | | | | | | |
| | | | | | | | Author: | 1001jouets.fr | Posted: | May 21, 2021 12:05 | Subject: | Re: BricklinkApi class : INVALID_SIGNATURE error | Viewed: | 37 times | Topic: | Technical Issues | |
|
| In Technical Issues, ErwinNL writes:
Got it ! My environment had a issue : little error in the order of the tokens
and I didn't see it. To the authors of this work, I apologize. PHPBricklinkAPI
works very well.
Thanks to the community.
|
|
|
|
|
|