Finally I have figured out the solution in Javascript only.The
signature.html from the sample
http://oauth.googlecode.com/svn/code/javascript/example/signature.html
was really helpful to fix this issue.
The main fix was the Access token send to yahoo which should be
decoded correctly in JS which was different from Java.
I have provided the code snippet here in HTML which you can verify in
IE browser(I am not sure why it didn't work in other browsers)
But any way the main concept of javascript will work fine- I have
added a text area to display the contacts in XML format using AJAX.
Provide the necessary values and check whether the values are coming
correctly using the alerts.
The URL here is to access the Contacts from Yahoo API i.e:
http://social.yahooapis.com/v1/user/+guid+/contacts;
HTML
head
script type=text/javascript src=http://oauth.googlecode.com/svn/
code/javascript/sha1.js/script
script type=text/javascript src=http://oauth.googlecode.com/svn/
code/javascript/oauth.js/script
/head
script language=javascript
var oauth_consumer_key =Provide your Consumer Key here;
var oauth_token = Provide your Access Token here; // This should
be double decoded- if it stars with A%25%25%3DkLa , it should be A=kLa
var consumerSecret = Provide your Consumer Secret here;
var tokenSecret = Provide your Token Secret here;
var guid = Provide your Yahoo GUID here;
var timeStamp1 = OAuth.timestamp();
var nonce1 = OAuth.nonce(11);
var accessor = { consumerSecret: consumerSecret
, tokenSecret : tokenSecret};
var message = { method: GET
, action: http://social.yahooapis.com/v1/user/+guid
+/contacts
,parameters:[]
};
message.parameters.push([oauth_version,1.0]);
message.parameters.push([oauth_consumer_key,oauth_consumer_key]);
message.parameters.push([oauth_token,oauth_token]);
message.parameters.push([oauth_timestamp,timeStamp1]);
message.parameters.push([oauth_nonce,nonce1]);
message.parameters.push([oauth_signature_method,HMAC-SHA1]);
OAuth.SignatureMethod.sign(message, accessor);
var key = OAuth.percentEncode(consumerSecret)
++OAuth.percentEncode(tokenSecret);
var signature =
b64_hmac_sha1(key,OAuth.SignatureMethod.getBaseString(message));
alert(Signature: +signature);
alert(NormalizedParameters : +
OAuth.SignatureMethod.normalizeParameters(message.parameters));
alert(SignatureBaseString : +
OAuth.SignatureMethod.getBaseString(message));
alert(Signature :+
OAuth.getParameter(message.parameters, oauth_signature));
alert(AuthorizationHeader : +
OAuth.getAuthorizationHeader(http://yahooapis.com/;,
message.parameters));
alert(URL : + http://social.yahooapis.com/v1/user/+guid+/
contacts?+OAuth.SignatureMethod.normalizeParameters(message.parameters)
+oauth_signature=+OAuth.percentEncode(OAuth.getParameter(message.parameters,
'oauth_signature')));
var url =http://social.yahooapis.com/v1/user/+guid+/
contacts?+OAuth.SignatureMethod.normalizeParameters(message.parameters)
+oauth_signature=+OAuth.percentEncode(OAuth.getParameter(message.parameters,
'oauth_signature'));
xmlhttpPost(url);
function xmlhttpPost(strURL) {
var xmlHttpReq = false;
var self = this;
// Mozilla/Safari
if (window.XMLHttpRequest) {
self.xmlHttpReq = new XMLHttpRequest();
}
// IE
else if (window.ActiveXObject) {
self.xmlHttpReq = new ActiveXObject(Microsoft.XMLHTTP);
}
self.xmlHttpReq.open('GET', strURL, true);
self.xmlHttpReq.setRequestHeader('Content-Type', 'application/x-
www-form-urlencoded');
self.xmlHttpReq.setRequestHeader('Authorization', 'OAuth');
self.xmlHttpReq.onreadystatechange = function() {
if (self.xmlHttpReq.readyState == 4) {
updatepage(self.xmlHttpReq.responseText);
}
}
self.xmlHttpReq.send();
}
function updatepage(str){
document.getElementById(oauthBox).value += str;
}
/script
body
textarea id=oauthBox rows=20 cols=120/textarea
/body
/HTML
Hope this helps to satisfy the hunger for Yahoo OAuth using
Javascript.
Thanks,
Test SCF
On Feb 13, 10:51 pm, Vinod facebook vinod.faceb...@gmail.com wrote:
Hi,
I dunno how oauth in javascript works. I implemented oauth in
Java and I faced the same signature invalid issue. I broke my head for about
2 weeks before I found a solution. Anyways this was the problem. I was
running my app on a box which was sitting behind an apache webserver
machine. So when I send out requests for any end point, the opensocial
container used to sign the requests with my public IP address and while
verifying the response from my end, the IP with which I would be signing was
my local server's which was sitting behind my apache. Hence there was a
mismatch and it used to fire the signature invalid exception