How do I sign access token request withings oauth 1.0

Question

I am currently working on connecting the withings api via web and have been able to automate getting token secret and getting the userId from the callback function inside auth, however when trying to implement step 3 (generating token) I always get signing error. Here is the base logic please help if possible.

  nonce = getNonce(32);
  date = Math.round((new Date()).getTime() / 1000.0);
      var requestSig = oauthSign.hmacsign(
        'GET',
        'https://oauth.withings.com/account/access_token',
        {oauth_consumer_key: <myconsumerkey>,
          oauth_nonce: nonce,
          oauth_signature_method: 'HMAC-SHA1',
          oauth_timestamp: date.toString(),
          oauth_token: oauth_token,
          oauth_version: '1.0'
        }, newSecret);
      var hey = encodeURIComponent(requestSig);
      var permanentTokensLink = "https://oauth.withings.com/account/access_token?oauth_consumer_key=<myconsumerkey>&oauth_nonce="+nonce+"&oauth_signature="+hey+"&oauth_signature_method=HMAC-SHA1&oauth_timestamp="+date+"&oauth_token="+oauth_token+"&oauth_version=1.0";
      return {link:permanentTokensLink, newSecret: newSecret, tokensecret: oauth_token_secret, dataObj: dataObj, token: oauth_token};

newSecrect is a consumersercret&tokensecret, and permanentTokensLink is where I should be able to click to to get the access key and secret. Why is this not working?

score 0 · Accepted Answer · answered Aug 29 '16 at 07:52

0

I was missing an oauth verifier in the signing params and inside the link I was creating, and the secret should have been broken up into two parts (consumer-secret, token-secret) to be used correctly by the npm package hmacsign.

answered Aug 29 '16 at 07:52

Chris

391
4
14

How do I sign access token request withings oauth 1.0

1 Answers1