1

I'm developing a React-Native App with Open Bank Project and I can't use suggested SDKs, not even the nodeJS one as Oauth1.0 is not available in RN. And I'm stuck with a Bad Signature error on Access Token request '/oauth/token' after passed '/oauth/initiate' and '/oauth/authorize' without any problem.

As specified in docs here before accessing to a Protected Resource we need an Access Token via a POST Request, which gives me the Bad Signature answer.

Here is my code for the request:

getAccessToken(verifier){
let request = {
  url:    'https://api.openbankproject.com/oauth/token',
  method: 'POST',
  data: {
    oauth_verifier: verifier,
    oauth_token: this.auth.oauth_token,
    oauth_token_secret: this.auth.oauth_token_secret
  }
}
return fetch(this.url_login, {
  method:     request.method, //POST
  form:       request.data,
  headers:    this.oauth.toHeader(this.oauth.authorize(request))
})
.then((res) => {return res.text()})
.then((txt) => {
  console.log('setUID', txt, this.url_login, {
    method:     request.method,
    form:       request.data,
    headers:    this.oauth.toHeader(this.oauth.authorize(request))
  })
})

Here is the signed request:

Object {method: "POST", form: Object, headers: Object} form: oauth_token:"..." oauth_token_secret:"..." oauth_verifier:"71531"

headers: Authorization: "OAuth oauth_consumer_key="...", oauth_nonce="3UlQ5dx958tibf6lSg0RUGPQFZeV7b8V", oauth_signature="weyE1lFkoIjAErYLKdSi9SDlCZsNBi7%2BuAkLV2PWePo%3D", oauth_signature_method="HMAC-SHA256", oauth_timestamp="1464248944", oauth_token="...", oauth_token_secret="...", oauth_verifier="71531", oauth_version="1.0""

I've tried with and without Oauth_token_secret, also moving oauth_verifier from body to query but with the same Bad Signature result.

Any idea? thx

imaginair
  • 519
  • 1
  • 7
  • 12

1 Answers1

0

You can use oauth module https://github.com/ciaranj/node-oauth

   var oauth=require('oauth');         
   var consumer = new oauth.OAuth(
     "https://twitter.com/oauth/request_token", "https://twitter.com/oauth/access_token", 
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", "http://127.0.0.1:8080/sessions/callback", "HMAC-SHA1");

then generating signature like this :

    var parameters = consumer._prepareParameters("user_access_token", "user_access_token_secret", "http_method", "request_url");
    var headers = consumer._buildAuthorizationHeaders(parameters);

parameters array contains signature, also you can build authorization headers if needed. Hope it helps :)

Muhammad
  • 720
  • 6
  • 13