0

I need to get a here-API token to use it in HERE Matrix Routing API but I can't get it. the response from the server always return the below

"{"errorId":"ERROR-b877e827-1ed6-4a2d-bed8- 
546d1b9b3bd6","httpStatus":401,"errorCode":401205,"message":"Unsupported 
signature method in the header. Require HMAC- 
SHA256","error":"invalid_request","error_description":"errorCode: 
'401205'. Unsupported signature method in the header. Require HMAC- 
SHA256"}"

here is my code :

    var grant_type = 'client_credentials';
var oauth_consumer_key = 'koauth_consumer_key';
var access_key_secret = 'access_key_secret';
var oauth_nonce = DateTime.now().millisecondsSinceEpoch.toString();
var oauth_timestamp = (new DateTime.now().toUtc().millisecondsSinceEpoch / 100).toString();
var oauth_signature_method = 'HMAC-SHA256';
var oauth_version = '1.0';
var url = 'https://account.api.here.com/oauth2/token';

create_signature(secret_key, signature_base_string) {
var temp = Hmac(sha256, utf8.encode(secret_key)).convert(utf8.encode(signature_base_string));
var hmacBase64 = base64Encode(temp.bytes);
print(hmacBase64);
return hmacBase64;
}

create_parameter_string(grant_type, oauth_consumer_key, oauth_nonce, oauth_signature_method, oauth_timestamp, oauth_version) {
parameter_string = '';
parameter_string = parameter_string + 'grant_type=' + grant_type;
parameter_string = parameter_string + '&oauth_consumer_key=' + oauth_consumer_key;
parameter_string = parameter_string + '&oauth_nonce=' + oauth_nonce;
parameter_string = parameter_string + '&oauth_signature_method=' + oauth_signature_method;
parameter_string = parameter_string + '&oauth_timestamp=' + oauth_timestamp;
parameter_string = parameter_string + '&oauth_version=' + oauth_version;
return parameter_string;
}

create encoded_oauth_signature

var parameter_string = create_parameter_string(grant_type, oauth_consumer_key, oauth_nonce, oauth_signature_method, oauth_timestamp, oauth_version);
var encoded_parameter_string = Uri.encodeComponent(parameter_string);
var encoded_base_string = 'POST' + '&' + Uri.encodeComponent(url) + '&' + encoded_parameter_string;
var signing_key = access_key_secret + '&';
var oauth_signature = create_signature(signing_key, encoded_base_string);
var encoded_oauth_signature = Uri.encodeComponent(oauth_signature);

// #---------------------Requesting Token---------------------
var body = {
'grant_type': '$grant_type'
};

preparing body and header

var headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': 'OAuth oauth_consumer_key="$oauth_consumer_key",oauth_nonce="$oauth_nonce",oauth_signature_method="HMAC-SHA256",oauth_timestamp="$oauth_timestamp",oauth_version="1.0",oauth_signature="$encoded_oauth_signature"'
};

get token:

 gettokenpy() async {
    final response = await http.post(
    Uri.parse(url),
    body: body,
    headers: headers,
    );
    return response.body.toString();
}
Mohamed shafik
  • 1
  • 2

1 Answers1

0

The error message indicates that input signature method is not supported. It is supposed to be HMAC-SHA256. The following guide can help you to understand how to get the OAuth 2.0 token.

https://developer.here.com/documentation/identity-access-management/dev_guide/topics/sdk.html#step-3-request-a-token