Finally I have figured out the solution in Javascript only.The
signature.html from the sample 
http://oauth.googlecode.com/svn/code/javascript/example/signature.html
was really helpful to fix this issue.

The main fix was the Access token send to yahoo which should be
decoded correctly in JS which was different from Java.
I have provided the code snippet here in HTML which you can verify in
IE browser(I am not sure why it didn't work in other browsers)
But any way the main concept of javascript will work fine- I have
added a text area to display the contacts in XML format using AJAX.
Provide the necessary values and check whether the values are coming
correctly using the alerts.
The URL here is to access the Contacts from Yahoo API i.e:
http://social.yahooapis.com/v1/user/"+guid+"/contacts";

<HTML>
  <head>

  <script type="text/javascript" src="http://oauth.googlecode.com/svn/
code/javascript/sha1.js"></script>
  <script type="text/javascript" src="http://oauth.googlecode.com/svn/
code/javascript/oauth.js"></script>

  </head>
  <script language="javascript">


        var oauth_consumer_key ="<Provide your Consumer Key here>";
        var oauth_token = "<Provide your Access Token here>"; // This should
be double decoded- if it stars with A%25%25%3DkLa , it should be A=kLa
        var consumerSecret = "<Provide your Consumer Secret here>";
        var tokenSecret = "<Provide your Token Secret here>";
        var guid = "<Provide your Yahoo GUID here>";
        var timeStamp1 = OAuth.timestamp();
        var nonce1 = OAuth.nonce(11);

        var accessor = { consumerSecret: consumerSecret
                   , tokenSecret   : tokenSecret};
    var message = { method: "GET"
                  , action: "http://social.yahooapis.com/v1/user/"+guid
+"/contacts"
                   ,parameters:[]
                  };

        message.parameters.push(["oauth_version","1.0"]);
        message.parameters.push(["oauth_consumer_key",oauth_consumer_key]);
        message.parameters.push(["oauth_token",oauth_token]);
        message.parameters.push(["oauth_timestamp",timeStamp1]);
        message.parameters.push(["oauth_nonce",nonce1]);
        message.parameters.push(["oauth_signature_method","HMAC-SHA1"]);

    OAuth.SignatureMethod.sign(message, accessor);

    var key = OAuth.percentEncode(consumerSecret)
+"&"+OAuth.percentEncode(tokenSecret);

    var signature =
b64_hmac_sha1(key,OAuth.SignatureMethod.getBaseString(message));
    alert("Signature: " +signature);
    alert("NormalizedParameters : "+
OAuth.SignatureMethod.normalizeParameters(message.parameters));
    alert("SignatureBaseString : " +
OAuth.SignatureMethod.getBaseString(message));
    alert("Signature : "           +
OAuth.getParameter(message.parameters, "oauth_signature"));
    alert("AuthorizationHeader : " +
OAuth.getAuthorizationHeader("http://yahooapis.com/";,
message.parameters));
    alert("URL : " + "http://social.yahooapis.com/v1/user/"+guid+"/
contacts?"+OAuth.SignatureMethod.normalizeParameters(message.parameters)
+"&oauth_signature="+OAuth.percentEncode(OAuth.getParameter(message.parameters,
'oauth_signature')));

    var url ="http://social.yahooapis.com/v1/user/"+guid+"/
contacts?"+OAuth.SignatureMethod.normalizeParameters(message.parameters)
+"&oauth_signature="+OAuth.percentEncode(OAuth.getParameter(message.parameters,
'oauth_signature'));

    xmlhttpPost(url);

  function xmlhttpPost(strURL) {

    var xmlHttpReq = false;
    var self = this;
    // Mozilla/Safari
    if (window.XMLHttpRequest) {
        self.xmlHttpReq = new XMLHttpRequest();
    }
    // IE
    else if (window.ActiveXObject) {
        self.xmlHttpReq = new ActiveXObject("Microsoft.XMLHTTP");
    }
    self.xmlHttpReq.open('GET', strURL, true);
    self.xmlHttpReq.setRequestHeader('Content-Type', 'application/x-
www-form-urlencoded');
    self.xmlHttpReq.setRequestHeader('Authorization', 'OAuth');
    self.xmlHttpReq.onreadystatechange = function() {
        if (self.xmlHttpReq.readyState == 4) {
            updatepage(self.xmlHttpReq.responseText);
        }
    }
    self.xmlHttpReq.send();
}

function updatepage(str){

    document.getElementById("oauthBox").value += str;
 }

  </script>
  <body>
   <textarea id="oauthBox" rows=20 cols=120></textarea>
  </body>
</HTML>

Hope this helps to satisfy the hunger for Yahoo OAuth using
Javascript.

Thanks,
Test SCF

On Feb 13, 10:51 pm, Vinod facebook <vinod.faceb...@gmail.com> wrote:
> Hi,
>
>            I dunno how oauth in javascript works. I implemented oauth in
> Java and I faced the same signature invalid issue. I broke my head for about
> 2 weeks before I found a solution. Anyways this was the problem. I was
> running my app on a box which was sitting behind an apache webserver
> machine. So when I send out requests for any end point, the opensocial
> container used to sign the requests with my public IP address and while
> verifying the response from my end, the IP with which I would be signing was
> my local server's which was sitting behind my apache. Hence there was a
> mismatch and it used to fire the signature invalid exception everytime.
> After finding this out, I fixed the issue by replacing the IP in my oauth
> message with that of my public IP before I do a validation. Now it works
> like a charm. Hope this helps :)
>
>
>
> On Fri, Feb 12, 2010 at 1:32 PM, Test <test....@gmail.com> wrote:
> > After referring so many threads from Google and Yahoo, I was not able
> > to get an accurate/correct/exact answer/solution/fix for the
> > signature_invalid problem which i am also facing.
> >                               In those threads most of the samples
> > for OAuth application were in JAVA,C#  and Perl languages.But I wanted
> > it working in Javascript. Though I found the sample code from
> >http://oauth.googlecode.com/svn/code/javascript/- still it was not
> > that much clear to get the contacts of a user from Yahoo Social API. I
> > followed the exact steps of OAuth too. After struggling for one week I
> > am posting this thread out of frustration.I just needed a full fledged
> > working sample or example of Getting contacts from Yahoo using OAuth
> > in JS.Wherever I searched the Signature and Token Issues for Yahoo
> > OAUTH, I was not able to get a complete answer.
>
> > Even I tried the simple CURL command to GET/POST a request for Yahoo
> > Social API. There too I was getting the same error,
>
> > When I tried with "https://social.yahooapis.com/v1/user/"+guid+"/
> > contacts"; I am getting Connection timed Out or Connection to the host
> > lost.
> > I am not sure why Yahoo Social API is not returning the exact error
> > response as I got signature_invalid and token_rejected errors for mere
> > API calls.
>
> > Is there any solutions or suggestions atleast for gettting it work??
>
> > Any help would be greatly appreciated.
>
> > Thanks
> > Test SCF
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "OAuth" group.
> > To post to this group, send email to oa...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > oauth+unsubscr...@googlegroups.com <oauth%2bunsubscr...@googlegroups.com>.
> > For more options, visit this group at
> >http://groups.google.com/group/oauth?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"OAuth" group.
To post to this group, send email to oa...@googlegroups.com.
To unsubscribe from this group, send email to 
oauth+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/oauth?hl=en.

Reply via email to