I struggled with this annoying bug for a very long time. The issue was when trying to get the users UID via the two-legged API users/me it would result in an response from the API: Duplicate timestamp/nonce combination, possible replay attack. Request rejected. My work around for a while was basically brute forcing this API endpoint until it responded. This worked sometimes but is obviously not practical.
Asked
Active
Viewed 94 times
0
John Exterkamp
- 23
- 5
1 Answers
1
After going through post after post of people also having this problem I looked at the answers from Schoology support and they all said visit the docs, which I have looked over multiple times before. however this time I scrolled down and found a "short-cut" as they called it to get the UID:
So instead of trying to use the users/me endpoint you simply use the endpoint: /app-user-info which returns a JSON with timestamp and UID!
After you get the UID you can freely access the users/me endpoint by replacing me with the UID like so: users/{UID}
URL:
https://api.schoology.com/v1/app-user-info
two-legged Authorization header:
OAuth realm="Schoology API",
oauth_consumer_key="{CONSUMER_KEY}",
oauth_signature_method="PLAINTEXT",
oauth_timestamp="{TIMESTAMP}",
oauth_token="",
oauth_nonce="{RANDOM_CHARS}",
oauth_version="1.0",
oauth_signature="{CONSUMER_SECRET}%26"
mkrieger1
- 19,194
- 5
- 54
- 65
John Exterkamp
- 23
- 5