7

I am trying to hit the Oauth webservice which is of 1.0 Version. I can get this done succesfully over postman client but just can't get this done in android app.

Library used :- signpost-commonshttp4-1.2.1.2.jar

Parameters needed for the API :- oauth_consumer_key oauth_nonce oauth_version oauth_signature oauth_signature_method oauth_timestamp

Code :-

HttpClient httpclient = new DefaultHttpClient();


            // generate the oauth_signature
            String urlParamsForSignature = "oauth_consumer_key="+consumerKey + 
                    "&oauth_nonce=" + "pT6c0H"+
                    "&oauth_signature_method=HMAC-SHA1" +
                    "&oauth_timestamp=" + timestamp +
                    "&oauth_version=1.0";
            String baseString = "https://oauth.withings.com/account/request_token?" + urlParamsForSignature;
            String signature = computeHmac(URLEncoder.encode(baseString), consumerSecret);
            // add it to params list
            qparams.add(new BasicNameValuePair("oauth_signature", signature));

            // generate URI which lead to access_token and token_secret.
            String urlParams = "oauth_consumer_key="+consumerKey + 
                        "&oauth_nonce=" + "pT6c0H"+
                        "&oauth_signature=" + signature +
                        "&oauth_signature_method=HMAC-SHA1" +
                        "&oauth_timestamp=" + timestamp +
                        "&oauth_version=1.0";

            String url = "https://oauth.withings.com/account/request_token?" + urlParams;

            HttpGet httpget = new HttpGet(url);
            // output the response content.
            System.out.println("oken and Token Secrect:");

            HttpResponse response = httpclient.execute(httpget);
            HttpEntity entity = response.getEntity();
            if (entity != null) {
                InputStream instream = entity.getContent();
                int len;
                byte[] tmp = new byte[2048];
                while ((len = instream.read(tmp)) != -1) {
                    System.out.println(new String(tmp, 0, len, ENC));
                }
            }



public String computeHmac(String baseString, String key)
{
    try {
        Mac mac = Mac.getInstance("HmacSHA1");
        SecretKeySpec secret = new SecretKeySpec(key.getBytes(), mac.getAlgorithm());
        mac.init(secret);
        byte[] digest = mac.doFinal(baseString.getBytes());
        return new String(Base64.encodeBase64(digest));
    } catch (InvalidKeyException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
        return null;
    } catch (NoSuchAlgorithmException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
        return null;
    } catch (IllegalStateException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
        return null;
    }
}
abhishek
  • 1,434
  • 7
  • 39
  • 71
  • I dont have the answer to your question but aren't there OAuth libraries out there for Android that solve this for you already? – Robert Levy May 20 '14 at 12:59
  • I am using signpost library but i am not able to get the right oauth_signature – abhishek May 20 '14 at 13:38
  • It's a 7-year-old question, but I can't achieve the same result even though I do it one-on-one with the documents. I don't want to use ready-made library. I encrypt the values ​​in the document (https://oauth.net/core/1.0a/#RFC2045 A.5.2. Calculating Signature Value) and find the correct value, but I cannot find the equivalent signature correctly with the WooCommerce api request I made with the Postman tool. While Postman is correct for WooCommerce I can't find it. Does it add an additional parameter? Do you know about the subject? Thanks. @abhishek – Halil Han BADEM Jul 13 '21 at 18:16

1 Answers1

1

As per the code you have posted.. you are not using the signpost library for generating signature. You are using your custom code for it.

You can use signpost library as follow:

//create an oAuth consumer and provide CONSUMER_KEY & CONSUMER SECRET.
DefaultOAuthConsumer defaultOAuthConsumer  = new DefaultOAuthConsumer("CONSUMER_KEY","CONSUMER_SECRET");

   //REQUEST URL
    String url = "https://oauth.withings.com/account/request_token";
    try {
        // sign the url with consumer. (This will add all oAuth parameters to the query automatically and return the signed request url with all parameter). 
        url = defaultOAuthConsumer.sign(url);
    } catch (OAuthMessageSignerException e) {
        e.printStackTrace();
    } catch (OAuthExpectationFailedException e) {
        e.printStackTrace();
    } catch (OAuthCommunicationException e) {
        e.printStackTrace();
    }

// use the url to make your request.
Tarun
  • 90
  • 10