Coldfusion Vimeo oAuth

Question

Hey guys, I’m trying to figure out the oAuth process using coldfusion and there doesn't seem to be a lot of information on the forums.

I keep getting “401 Unauthorized - Invalid signature - The oauth_signature passed was not valid” But I am passing the correct one.

Here is my process.::

I am using the oauth codebase from http://oauth.googlecode.com/svn/code/coldfusion/oauth

Using there examples for twitter and google I have modified it to work like below.

<cfset sConsumerKey = "XXX">
<cfset sConsumerSecret = "YYY"> 
<cfset sTokenEndpoint = "http://vimeo.com/oauth/request_token"&gt;

<cfset oReqSigMethodSHA = CreateObject("component", "oauth.oauthsignaturemethod_hmac_sha1")>
<cfset oToken = CreateObject("component", "oauth.oauthtoken").createEmptyToken()>
<cfset oConsumer = CreateObject("component", "oauth.oauthconsumer").init(sKey = sConsumerKey, sSecret = sConsumerSecret)>

<cfset myParams = structNew() />
<cfset myParams.oauth_callback = "http://XXX.XXX/web/oAuth/examples_external/vimeo2.cfm" />

<cfset oReq = CreateObject("component", "oauth.oauthrequest").fromConsumerAndToken(
oConsumer = oConsumer,
oToken = oToken,
sHttpMethod = "GET",
sHttpURL = sTokenEndpoint,
stParameters = myParams)>

<cfset oReq.signRequest(
oSignatureMethod = oReqSigMethodSHA,
oConsumer = oConsumer,
oToken = oToken)>

<cfhttp url="#oREQ.getString()#" method="get" result="tokenResponse"/>

This then returns oauth_token & oauth_verifier.

<cfset sConsumerKey = "XXX"> 
<cfset sConsumerSecret = "YYY"> 
<cfset sAuthorizationEndpoint = "http://vimeo.com/oauth/access_token"&gt; <!--- Authorize URL --->

<cfset oReqSigMethodSHA = CreateObject("component", "oauth.oauthsignaturemethod_hmac_sha1")>
<cfset oToken = CreateObject("component", "oauth.oauthtoken").createEmptyToken()>
<cfset oConsumer = CreateObject("component", "oauth.oauthconsumer").init(sKey = sConsumerKey, sSecret = sConsumerSecret)>

<cfset myParams = structNew() />
<cfset myParams.oauth_token = URL.oauth_token />
<cfset myParams.oauth_verifier = URL.oauth_verifier />
<cfset myParams.oauth_callback = "oob" />

<cfset oReq = CreateObject("component", "oauth.oauthrequest").fromConsumerAndToken(
oConsumer = oConsumer,
oToken = oToken,
sHttpMethod = "GET",
sHttpURL = sAuthorizationEndpoint ,
stParameters = myParams)>

<cfset oReq.signRequest(
oSignatureMethod = oReqSigMethodSHA,
oConsumer = oConsumer,
oToken = oToken)>

<cfhttp url="#oREQ.getString()#" method="get" result="tokenResponse"/>
<cfdump var="#tokenResponse#" />

And the results from the cfhttp is the 401 error

Answer 1

Without knowing anything about the Vimeo API, I had the same problem over oAuth when trying to send data via GET when a POST was required.