It might be due to additional HTTP headers sending by call mediator. Accept-Encoding: gzip,deflate Content-Type: application/xml Accept: application/xml
Can you try adding those additional headers in SOAP-UI message and see. If so we can look into removing those headers from call request. On Mon, May 26, 2014 at 12:41 PM, Ramindu Deshapriya <[email protected]>wrote: > Hi, > > I am sending a request to Quickbooks API [1] with an OAuth 1.0 > Authentication header as specified as specified at [2]. I am using the > SignPost library at [3] to create an OAuth authentication header using the > following code: > > final String consumerKey = > messageContext.getProperty("uri.var.consumerKey").toString(); > final String consumerSecret = > messageContext.getProperty("uri.var.consumerSecret").toString(); > final String accessToken = > messageContext.getProperty("uri.var.accessToken").toString(); > final String accessTokenSecret = > messageContext.getProperty("uri.var.accessTokenSecret").toString(); > > final QuickBooksHttpRequest request = new > QuickBooksHttpRequest(); > request.setRequestUrl(requestUrl); > request.setMethod(requestMethod); > > // Generate the Authorization and get response through > signpost. > final OAuthConsumer consumer = new > DefaultOAuthConsumer(consumerKey, consumerSecret); > consumer.setTokenWithSecret(accessToken, accessTokenSecret); > consumer.setSigningStrategy(new > AuthorizationHeaderSigningStrategy()); > final HttpRequest signedRequest = consumer.sign(request); > messageContext.setProperty("auth", > response.getHeader(OAuth.HTTP_AUTHORIZATION_HEADER)); > > I am using the following template to make the call to Quickbooks: > <sequence> > > <property name="uri.var.queryString" > expression="$func:queryString" /> > <property name="uri.var.uriRemainder" > > expression="fn:concat('/company/',get-property('uri.var.companyId'),'/query')" > /> > <property name="uri.var.params" > expression="fn:concat('query=',get-property('uri.var.queryString'))" /> > > > <class > name="org.wso2.carbon.connector.quickbooks.auth.QuickBooksOAuthSignpost" /> > > <filter xpath="(string(get-property('auth'))) and > get-property('auth') != > ''"> > <then> > <property name="Authorization" > expression="get-property('auth')" > scope="transport" type="STRING" /> > </then> > </filter> > > <call> > <endpoint> > <http method="get" > uri-template=" > https://qb.sbfinance.intuit.com/v3/company/1207487340/query?{uri.var.params} > " > /> > </endpoint> > </call> > > > <header name="intuit_tid" scope="transport" > action="remove" /> > <header name="QBO-Version" scope="transport" > action="remove" /> > <header name="Vary" scope="transport" action="remove" /> > <header name="Via" scope="transport" action="remove" /> > > </sequence> > > However, this returns an Authorization Failed (401) error. > > I also created a direct connection with the same header within the class > mediator as follows: > final HttpsURLConnection requestDirect = (HttpsURLConnection) > new > URL(requestUrl).openConnection(); > requestDirect.setRequestMethod(requestMethod); > > requestDirect.setRequestProperty(OAuth.HTTP_AUTHORIZATION_HEADER, > response.getHeader(OAuth.HTTP_AUTHORIZATION_HEADER)); > requestDirect.setRequestProperty("Content-Type", > "application/xml"); > requestDirect.setRequestProperty("Accept", "application/xml"); > requestDirect.connect(); > > This request generates the correct output. I sent both requests through the > Membrane monitor and it showed the following request when sent through the > *Call Mediator*: > > GET /v3/company/1207487340/query?query=select*from%20Bill HTTP/1.1 > Authorization: OAuth oauth_consumer_key="lvprdHlLSmf3OtHNZ4EXtSKkhyyALV", > oauth_nonce="-2078842305459898931", > oauth_signature="A6UC8durYm0y7xBut46fYow6Fgo%3D", > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1401087958", > oauth_token="lvprd7Hacq2iK7mwGXOOTHMnmn0CAEOmH0eFv1OypRQpZje5", > oauth_version="1.0" > Accept-Encoding: gzip,deflate > Content-Type: application/xml > Accept: application/xml > Host: qb.sbfinance.intuit.com:80 > Connection: Keep-Alive > User-Agent: Synapse-PT-HttpComponents-NIO > > When sending a direct call through the *Class Mediator* (which worked), the > following request was observed: > GET /v3/company/1207487340/query?query=select*from%20Bill HTTP/1.1 > Authorization: OAuth oauth_consumer_key="lvprdHlLSmf3OtHNZ4EXtSKkhyyALV", > oauth_nonce="-2078842305459898931", > oauth_signature="A6UC8durYm0y7xBut46fYow6Fgo%3D", > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1401087958", > oauth_token="lvprd7Hacq2iK7mwGXOOTHMnmn0CAEOmH0eFv1OypRQpZje5", > oauth_version="1.0" > User-Agent: Java/1.7.0_09 > Host: qb.sbfinance.intuit.com:80 > Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 > Connection: keep-alive > > It is evident that both requests are essentially identical (I checked on > Meld as well). Taking the above Authorization header and using it with the > same request on SOAP-UI (as a REST client) also yielded the correct result. > > Is there some special feature of the ESB that could be causing this > problem? > > > Thanks. > > [1] https://developer.intuit.com/docs/0025_quickbooksapi > [2] http://goo.gl/NxkQ6V > [3] http://code.google.com/p/oauth-signpost/ > > > > -- > View this message in context: > http://wso2-oxygen-tank.10903.n7.nabble.com/ESB-OAuth-1-0-authentication-headers-failing-when-sending-via-Call-Mediator-tp97265.html > Sent from the WSO2 Development mailing list archive at Nabble.com. > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Miyuru Wanninayaka Senior Technical Lead WSO2 Inc. : http://wso2.com Mobile : +94 77 209 9788
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
