![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
I'm try to authenticate with Yahoo's OAuth system.
I've successfully gotten a request token, launched a popup that forces a user to log in to their yahoo account, and approve my application. The next step in the process is to refresh the access token. Yahoo's documentation on this process is seen here. I'm running in to an error, "signature_invalid".
Line 117 in OAuthRequester.php is the following (bolded):
Here's the example of Yahoo's request:
Here's an example of one of my requests going out:
For the oauth_signature, it's the application secret + oauth_token_secret. I've tried all combinations of HMAC-SHA1/PLAINTEXT and concat'ing with '&' and '%26', all to no avail.
Does anyone have any ideas?
I've successfully gotten a request token, launched a popup that forces a user to log in to their yahoo account, and approve my application. The next step in the process is to refresh the access token. Yahoo's documentation on this process is seen here. I'm running in to an error, "signature_invalid".
Line 117 in OAuthRequester.php is the following (bolded):
Here's the example of Yahoo's request:
Code:
https://api.login.yahoo.com/oauth/v2/get_token?oauth_consumer_key=dj0yJmk9NG5USlVvTlZsZEpnJmQ9WVdrOVQwazFPRUozTkc4bWNHozlNVE13TXprM01UUTBNZy0tJnM9Y29uc3VtZXJzZWNyZXQmeD1kNg--
&oauth_signature_method=PLAINTEXT
&oauth_version=1.0
&oauth_verifier=svmhhd
&oauth_token=gugucz&oauth_timestamp=1228169662
&oauth_nonce=8B9SpF
&oauth_signature=5f78507cf0acc38890cf5aa697210822e90c8b1c%261fa61b464613d0d32de80089fe099caf34c9dac5Here's an example of one of my requests going out:
Code:
https://api.login.yahoo.com/oauth/v2/get_token?oauth_consumer_key=dj0yJmk9S0tNZllnTXhhd01ZJmQ9WVdrOU9XVkpUVFZoTm5NbWNHbzlPRE0zTlRVek5qWXkmcz1jb25zdW1lcnNlY3JldCZ4PWQ3
&oauth_signature_method=HMAC-SHA1
&oauth_version=1.0
&oauth_verifier=taxyvk
&oauth_token=uakang3
&oauth_timestamp=1284601463
&oauth_nonce=674252535b2090cd50b6a1b5ed476e70
&oauth_signature=XXXXXXXXXXX54523a68c44856ae3d37bd&1570235115365e9ea16787fc2344fb07070e9000For the oauth_signature, it's the application secret + oauth_token_secret. I've tried all combinations of HMAC-SHA1/PLAINTEXT and concat'ing with '&' and '%26', all to no avail.
Does anyone have any ideas?