ColdFusion oAuth Authorization header not passing

Question

My authorisation header looks like this (params altered slightly for security and line breaked for easier reading):

    <cfset oAuthHeader = 'OAuth oauth_consumer_key="zz3u0Lf9XxkC2KX839r2MS0fDltvLquow3ZMLaOw",
oauth_nonce="9BD4FAE88D1B213F86D908FE183F0501C682EE2F",
oauth_signature="Zy91IhXWGcMxyuAVIlGX%2F3ULTWU%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1337169270",
oauth_version="1.0"'

My cfhttp call looks like this:

 <cfhttp url="#oRequestReq.getNormalizedHttpURL()#" method="POST">
            <cfhttpparam type="header" name="Authorization" value="#oAuthHeader#">
            <cfloop collection="#arguments#" item="key">
                <cfif key neq 'fieldnames'>
                    <cfhttpparam type="formfield" name="#key#" value="#arguments[key]#">
                </cfif>
            </cfloop>
        </cfhttp>

Running <cfdump var="#GetHttpRequestData()#">, I get the following, which shows that my fields are passing through as formfield params OK, but my Authorization header is nowhere to be seen.

![enter image description here][1]

Shouldn't the Authorization header be included in the Headers struct? [1]: https://i.stack.imgur.com/VbQQO.jpg

This cut and paste reveals rather too much information on your public web site (especially if that key is real). I would alter it and put in some *****. — Mark A Kruger, May 16 '12 at 12:56
It'd help if you say what are you trying to do - what site are you trying to get access to? — Lucas, May 16 '12 at 14:11

score 0 · Answer 1 · answered May 16 '12 at 14:09

0

How are you getting the oauth_signature? It's not a hard-coded thing in OAuth - it's being generated each time.

I'd suggest using this library http://oauth.riaforge.org/

There are some examples there that should help you get started.

answered May 16 '12 at 14:09

Lucas

1,402
1
12
18

Henry · Answer 2 · 2012-05-16T23:01:30.857

Shouldn't it be...

<cfset oAuthHeader = {
    'oauth_consumer_key'="zz3u0Lf9XxkC2KX839r2MS0fDltvLquow3ZMLaOw",
    'oauth_nonce'="9BD4FAE88D1B213F86D908FE183F0501C682EE2F",
    'oauth_signature'="Zy91IhXWGcMxyuAVIlGX%2F3ULTWU%3D",
    'oauth_signature_method'="HMAC-SHA1",
    'oauth_timestamp'="1337169270",
    'oauth_version'="1.0"
}>

<cfhttp url="#oRequestReq.getNormalizedHttpURL()#" method="POST">
    <cfloop collection="#oAuthHeader#" item="key">
        <cfhttpparam type="header" name="#key#" value="#oAuthHeader[key]#">
    </cfloop>
    <cfloop collection="#arguments#" item="key">
        <cfif key neq 'fieldnames'>
            <cfhttpparam type="formfield" name="#key#" value="#arguments[key]#">
        </cfif>
    </cfloop>
    ...
</cfloop>

?

ColdFusion oAuth Authorization header not passing

2 Answers2