views:

246

answers:

1

The fact that Delicious has two sets of API authentications one with username and password and one with oAuth told me something about things I was going to experience and I wasn't wrong. Unfortunately I have to deal with both APIs now and am unsuccessful getting through the first hurdle of API v2 (Yahoo oAuth).

Here is a code snippet (I'm using OpenSocial in this example http://code.google.com/p/opensocial-net-client)

public static string GetRequestToken(string callbackUrl)
{
    string normaluri;
    string normaluriparam;
    OAuthBase oAuth = new OAuthBase();
    string nonce = oAuth.GenerateNonce();
    string timeStamp = oAuth.GenerateTimeStamp();
    string sig = oAuth.GenerateSignature(new Uri(TOKEN_URL), ConfigurationManager.AppSettings[CONSUMER_KEY],
                                         ConfigurationManager.AppSettings[SECRET_KEY],
                                         string.Empty,
                                         string.Empty,
                                         "GET",
                                         timeStamp,
                                         nonce,
                                         OAuthBase.SignatureTypes.HMACSHA1,
                                         out normaluri,
                                         out normaluriparam);
    sig = HttpUtility.UrlEncode(sig);

    string result =
        HttpClient.Get(TOKEN_URL, new
                                      {
                                          oauth_nonce = nonce,
                                          oauth_timestamp = timeStamp,
                                          oauth_consumer_key = ConfigurationManager.AppSettings[CONSUMER_KEY],
                                          oauth_signature_method = "HMAC-SHA1",
                                          oauth_signature = sig,
                                          oauth_version = "1.0",
                                          oauth_callback = callbackUrl
                                      });

    return result;
}

It seems it doesn't matter if I follow instructions at http://delicious.com/help/oauthapi myself of leave it to OpenSocial, I get an "401 Unauthorized" from the server with no further info.

I can see many people have the same issue but couldn't find any resolution.

A: 

The answer is "don't use HMAC-SHA1 for this stage. Also I forgot to include callbackUrl into my signature.

Khash