Re: [oauth] Signature Invalid and Token Rejected Errors-Yahoo Oauth Social API using Javascript, Getting contacts from Yahoo using Social API by OAUTH
This is one of the reasons why we simplified signatures in WRAP. Yahoo and other Service Providers have architectures where incoming requests are proxied and forwarded the public facing hostname and even the path that¹s exposed to the consumer can be very different than the origin server ends up servicing the request. In WRAP, the client just passes the Access Token in the request this is exactly the same model as ³Cookie Auth² for web browsers. Allen On 2/13/10 9:51 AM, Vinod facebook vinod.faceb...@gmail.com wrote: I implemented oauth in Java and I faced the same signature invalid issue. I broke my head for about 2 weeks before I found a solution. Anyways this was the problem. I was running my app on a box which was sitting behind an apache webserver machine. So when I send out requests for any end point, the opensocial container used to sign the requests with my public IP address and while verifying the response from my end, the IP with which I would be signing was my local server's which was sitting behind my apache. Hence there was a mismatch and it used to fire the signature invalid exception everytime. After finding this out, I fixed the issue by replacing the IP in my oauth message with that of my public IP before I do a validation. Now it works like a charm. Hope this -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
Re: [oauth] Signature Invalid and Token Rejected Errors-Yahoo Oauth Social API using Javascript, Getting contacts from Yahoo using Social API by OAUTH
Hi, I dunno how oauth in javascript works. I implemented oauth in Java and I faced the same signature invalid issue. I broke my head for about 2 weeks before I found a solution. Anyways this was the problem. I was running my app on a box which was sitting behind an apache webserver machine. So when I send out requests for any end point, the opensocial container used to sign the requests with my public IP address and while verifying the response from my end, the IP with which I would be signing was my local server's which was sitting behind my apache. Hence there was a mismatch and it used to fire the signature invalid exception everytime. After finding this out, I fixed the issue by replacing the IP in my oauth message with that of my public IP before I do a validation. Now it works like a charm. Hope this helps :) On Fri, Feb 12, 2010 at 1:32 PM, Test test@gmail.com wrote: After referring so many threads from Google and Yahoo, I was not able to get an accurate/correct/exact answer/solution/fix for the signature_invalid problem which i am also facing. In those threads most of the samples for OAuth application were in JAVA,C# and Perl languages.But I wanted it working in Javascript. Though I found the sample code from http://oauth.googlecode.com/svn/code/javascript/ - still it was not that much clear to get the contacts of a user from Yahoo Social API. I followed the exact steps of OAuth too. After struggling for one week I am posting this thread out of frustration.I just needed a full fledged working sample or example of Getting contacts from Yahoo using OAuth in JS.Wherever I searched the Signature and Token Issues for Yahoo OAUTH, I was not able to get a complete answer. Even I tried the simple CURL command to GET/POST a request for Yahoo Social API. There too I was getting the same error, When I tried with https://social.yahooapis.com/v1/user/+guid+/ contacts; I am getting Connection timed Out or Connection to the host lost. I am not sure why Yahoo Social API is not returning the exact error response as I got signature_invalid and token_rejected errors for mere API calls. Is there any solutions or suggestions atleast for gettting it work?? Any help would be greatly appreciated. Thanks Test SCF -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com oauth%2bunsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en. -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
Re: [oauth] Signature Invalid and Token Rejected Errors-Yahoo Oauth Social API using Javascript, Getting contacts from Yahoo using Social API by OAUTH
Hi there - Unfortunately, none of the Yahoo Social APIs support HTTPS. Try again using HTTP. Did you see HTTPS referenced anywhere in the docs? The Yahoo Contacts API is documented here: http://developer.yahoo.com/social/rest_api_guide/contact_api.html With regards to accessing Yahoo OAuth APIs entirely in Javascript - I have heard of people trying to do this, but I've never actually witnessed anyone successfully doing it. We are very aware that Yahoo Social APIs are not really accessible to developers who only want to write Javascript. Yahoo, along with other Service Providers, have mostly been looking at Oauth-WRAP to support a Javascript Profile. We have several SDKs available to access Yahoo Contacts: http://developer.yahoo.com/social/sdk/ Ping me directly if you have any more questions, Thanks Allen On 2/12/10 12:02 AM, Test test@gmail.com wrote: When I tried with https://social.yahooapis.com/v1/user/+guid+/ contacts; I am getting Connection timed Out or Connection to the host lost. -- You received this message because you are subscribed to the Google Groups OAuth group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
