Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Invalid signature. Expected signature base string, JAVA

Tags:

java

oauth

aweber

We are using this piece of code to send request on aweber via oAuth

long unixTime = System.currentTimeMillis() / 1000L;
OAuthRequest request1 = new OAuthRequest(Verb.GET,"https://api.aweber.com/1.0/accounts/1111/lists/1111/subscribers", service);
request1.addBodyParameter("ws.op", "create");
request1.addBodyParameter("email", "[email protected]");
request1.addBodyParameter("name", "ankur");
request1.addBodyParameter("oauth_token_secret", "mysecret");
request1.addBodyParameter("oauth_token", "mytoken");
request1.addBodyParameter("oauth_consumer_key", "mykey");
request1.addBodyParameter("oauth_signature_method", "HMAC-SHA1");
request1.addBodyParameter("oauth_nonce", "secret");
request1.addBodyParameter("oauth_timestamp", String.valueOf(unixTime));

service.signRequest(accessToken, request1);
Response response1 = request1.send();
// Create a reader to read Twitter's stream
BufferedReader reader1 = new BufferedReader(new InputStreamReader(response1.getStream()));

String line;
while ((line = reader1.readLine()) != null) {
    System.out.println(line);
}      

But we are getting this in response

{
    "error": {
        "status": 401,
        "documentation_url": "https://labs.aweber.com/docs/troubleshooting#unauthorized",
        "message": "Invalid signature. Expected signature base string: GET%26https%3A%2F%2Fapi.aweber.com%2F1.0%2Faccounts%2F1111%2Flists%2F1111%2Fsubscribers%26oauth_consumer_key%3Dmykey%26oauth_nonce%3Dnonce%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1461676770%26oauth_token%3Dmytoken%26oauth_version%3D1.0%20https%3A%2F%2Flabs.aweber.com%2Fdocs%2Ftroubleshooting%23unauthorized",
        "type": "UnauthorizedError"
    }
}

Invalid signature. Expected signature base string

I checked my signature, Its same. Dont know why its showing different.

UPDATE - 1:

Lots of guys saying my key and access token is invalid, But In my code I am hitting first account URL after that trying to hit another.

like this

  OAuth1AccessToken  accessToken= new OAuth1AccessToken("oauth_token","oauth_token_secret","oauth_token_secret=oauth_token_secret&oauth_token=oauth_token");
  final OAuthRequest request = new OAuthRequest(Verb.GET, ACCOUNT_RESOURCE_URL, service);
  service.signRequest(accessToken, request);

  final Response response = request.send();
  System.out.println("Got it! Lets see what we found...");
  System.out.println();
  System.out.println(response.getBody());

  System.out.println();
  System.out.println("Thats it man! Go and build something awesome with AWeber and ScribeJava! :) 11111111");

and here is the log

  Got it! Lets see what we found...

 {"total_size": 1, "start": 0, "entries": [{"http_etag": "\"8c4c161ee1fd3dfg596911c82e9f2feff145907dec2-ca5feee2b7fbb6febfca8af554fg1541ea960aaedb\"", "lists_collection_link": "https://api.aweber.com/1.0/accounts/xxxx/lists", "self_link": "https://api.aweber.com/1.0/accounts/xxxx", "resource_type_link": "https://api.aweber.com/1.0/#account", "id": xxxx, "integrations_collection_link": "https://api.aweber.com/1.0/accounts/xxxx/integrations"}], "resource_type_link" : "https://api.aweber.com/1.0/#accounts"}

After this I am running my top code, So is there anything wrong with my key then why its working for first part of code?

like image 421
Renu Thakur Avatar asked Apr 26 '16 13:04

Renu Thakur


1 Answers

Root cause Analysis: Invalid signature

This error is raised when the signature of your request doesn't match what we'd expect it to be. Common causes of this error are incorrect or missing token secret keys (either consumer, request token, or access token) or an incorrect OAuth 1.0A implementation in your applications.

Here access token has a expiry time. after a expiry time, the access token will not work.

There is another restriction also. There are limits on the number of refresh tokens that will be issued; one limit per client/user combination, and another per user across all clients.

So, in your case it may also happen that you have already crossed your limit of creating refresh token.

For solution, you can follow my another answer: Google Play Developer API - Query purchase token returns Invalid Value


For troubleshooting your problem, you can follow this:

  1. Verify that your consumer secret is correct by logging onto your labs account and copy and pasting the consumer key into your application.
  2. Issue new request tokens and/or access tokens and try again.
  3. Verify that your application is properly implementing the OAuth 1.0A standard with respect to the server base string.
  4. Refer to RFC5849 OAuth 1.0A Specification Section 3.4.1 for more details.
like image 133
SkyWalker Avatar answered Sep 19 '22 12:09

SkyWalker