I'm having real difficulty generating the OAuth1.0a signature correctly. Below are the parameters that I used from here (Request Token)
//URL parameters sans-signature
$preSignedParameters = [
'oauth_callback' => 'http://example.com/OAuthRequestToken.do',
'oauth_consumer_key' => 'WEhGuJZWUasHg',
'oauth_nonce' => 'zSs4RFI7lakpADpSsv',
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => 1330442419,
'oauth_version' => '1.0'
];
$signature = $this->generateSignature(
CurlHelper::HTTP_GET,
"http://nid.naver.com/naver.oauth",
$preSignedParameters
);
And I sign them with; (code modified for readability sake)
private function generateSignature($method, $url, $parameters)
{
return base64_encode(
hash_hmac(
'sha1',
$this->generateSignatureString($method, $url, $parameters),
$this->generateSignatureKey(),
true
)
);
}
}
private function generateSignatureString($method, $url, $parameters)
{
//Returns ksort() array
$parameters = $this->sortParams($parameters);
$string = $method
.'&'.rawurlencode($url)
.'&'.rawurlencode(http_build_query($parameters, PHP_QUERY_RFC3986));
return $string;
}
private function generateSignatureKey()
{
if (!$applicationToken = $this->getApplicationToken()) {
$applicationToken = '';
}
$key = rawurlencode('WEhGuJZWUasHg').'&'.rawurlencode($applicationToken);
return $key;
}
So when I pass in the above parameters...
generateSignatureString() returns
GET&
http%3A%2F%2Fnid.naver.com%2Fnaver.oauth&
oauth_callback%3Dhttp%253A%252F%252Fexample.com%252FOAuthRequestToken.do%26
oauth_consumer_key%3DWEhGuJZWUasHg%26
oauth_nonce%3DzSs4RFI7lakpADpSsv%26
oauth_signature_method%3DHMAC-SHA1%26
oauth_timestamp%3D1330442419%26
oauth_version%3D1.0
generateSignatureKey() returns
WEhGuJZWUasHg&
generateSignature() returns
5EqAAGLxoAovkYs+4gS1E4S9l5I=
Expected signature (according to linked guide)
wz9+ZO5OLUnTors7HlyaKat1Mo0=
And of course it goes on to get an "invalid_signature" error from the OAuth provider.
What am I doing wrong???
