OAuth Signature implemented through Java code












0














I need to generate an OAuth 1.0 signature.



Four params are provided by end system (Not flicker):




  • oauth_consumer_key

  • oauth_consumer_secret

  • oauth_token_secret

  • oauth_token


I have used the below Java code to generate the signature. Signature got generated. But when I am trying to use the signature to call the end system API, it is throwing "Invalid Signature".



Where I am going wrong in the code?



package oauth;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;

import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

/**
* a simple program to get flickr token and token secret.
*
* @author Mark Zang
*
*/
public class OAuthForFlickr {

private static String conskey = "myconskey";
private static String conssecret = "myconssecret";
private static String tokensecret = "mytokensecret";
private static String token = "mytoken";

private static final String HMAC_SHA1 = "HmacSHA1";

private static final String ENC = "UTF-8";

private static Base64 base64 = new Base64();

/**
*
* @param url
* the url for "request_token" URLEncoded.
* @param params
* parameters string, URLEncoded.
* @return
* @throws UnsupportedEncodingException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
private static String getSignature(String url, String params)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
/**
* base has three parts, they are connected by "&": 1) protocol 2) URL
* (need to be URLEncoded) 3) Parameter List (need to be URLEncoded).
*/
StringBuilder base = new StringBuilder();
base.append("POST&");
base.append(url);
base.append("&");
base.append(params);
System.out.println("Base String for oauth_signature generation:" + base);
byte keyBytes = (token + "&").getBytes(ENC);

SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1);

Mac mac = Mac.getInstance(HMAC_SHA1);
mac.init(key);

// encode it, base64 it, change it to string and return.
return new String(base64.encode(mac.doFinal(base.toString().getBytes(
ENC))), ENC).trim();
}

/**
* @param args
* @throws IOException
* @throws ClientProtocolException
* @throws URISyntaxException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static void main(String args) throws ClientProtocolException,
IOException, URISyntaxException, InvalidKeyException,
NoSuchAlgorithmException {

HttpClient httpclient = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
// These params should ordered in key
// qparams.add(new BasicNameValuePair("oauth_callback", "oob"));
qparams.add(new BasicNameValuePair("oauth_consumer_key", conskey));
qparams.add(new BasicNameValuePair("oauth_consumer_secret", conssecret));
qparams.add(new BasicNameValuePair("oauth_token_secret", tokensecret));
qparams.add(new BasicNameValuePair("oauth_nonce", ""
+ (int) (Math.random() * 100000000)));
qparams.add(new BasicNameValuePair("oauth_signature_method",
"HMAC-SHA1"));
qparams.add(new BasicNameValuePair("oauth_timestamp", ""
+ (System.currentTimeMillis() / 1000)));
//qparams.add(new BasicNameValuePair("oauth_version", "1.0"));
qparams.add(new BasicNameValuePair("oauth_token", token));
// generate the oauth_signature
String signature = getSignature(URLEncoder.encode(
"myRestAPI", ENC),
URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC));

// add it to params list
qparams.add(new BasicNameValuePair("oauth_signature", signature));

// generate URI which lead to access_token and token_secret.
URI uri = URIUtils.createURI("http", "10.202.3.15", -1,
"/RestAPI",
URLEncodedUtils.format(qparams, ENC), null);

System.out.println("Get Token and Token Secrect from:"
+ uri.toString());


}
}









share|improve this question






















  • Issue was resolved by implementing signpost java code
    – Sharlette
    Dec 17 '18 at 5:04
















0














I need to generate an OAuth 1.0 signature.



Four params are provided by end system (Not flicker):




  • oauth_consumer_key

  • oauth_consumer_secret

  • oauth_token_secret

  • oauth_token


I have used the below Java code to generate the signature. Signature got generated. But when I am trying to use the signature to call the end system API, it is throwing "Invalid Signature".



Where I am going wrong in the code?



package oauth;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;

import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

/**
* a simple program to get flickr token and token secret.
*
* @author Mark Zang
*
*/
public class OAuthForFlickr {

private static String conskey = "myconskey";
private static String conssecret = "myconssecret";
private static String tokensecret = "mytokensecret";
private static String token = "mytoken";

private static final String HMAC_SHA1 = "HmacSHA1";

private static final String ENC = "UTF-8";

private static Base64 base64 = new Base64();

/**
*
* @param url
* the url for "request_token" URLEncoded.
* @param params
* parameters string, URLEncoded.
* @return
* @throws UnsupportedEncodingException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
private static String getSignature(String url, String params)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
/**
* base has three parts, they are connected by "&": 1) protocol 2) URL
* (need to be URLEncoded) 3) Parameter List (need to be URLEncoded).
*/
StringBuilder base = new StringBuilder();
base.append("POST&");
base.append(url);
base.append("&");
base.append(params);
System.out.println("Base String for oauth_signature generation:" + base);
byte keyBytes = (token + "&").getBytes(ENC);

SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1);

Mac mac = Mac.getInstance(HMAC_SHA1);
mac.init(key);

// encode it, base64 it, change it to string and return.
return new String(base64.encode(mac.doFinal(base.toString().getBytes(
ENC))), ENC).trim();
}

/**
* @param args
* @throws IOException
* @throws ClientProtocolException
* @throws URISyntaxException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static void main(String args) throws ClientProtocolException,
IOException, URISyntaxException, InvalidKeyException,
NoSuchAlgorithmException {

HttpClient httpclient = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
// These params should ordered in key
// qparams.add(new BasicNameValuePair("oauth_callback", "oob"));
qparams.add(new BasicNameValuePair("oauth_consumer_key", conskey));
qparams.add(new BasicNameValuePair("oauth_consumer_secret", conssecret));
qparams.add(new BasicNameValuePair("oauth_token_secret", tokensecret));
qparams.add(new BasicNameValuePair("oauth_nonce", ""
+ (int) (Math.random() * 100000000)));
qparams.add(new BasicNameValuePair("oauth_signature_method",
"HMAC-SHA1"));
qparams.add(new BasicNameValuePair("oauth_timestamp", ""
+ (System.currentTimeMillis() / 1000)));
//qparams.add(new BasicNameValuePair("oauth_version", "1.0"));
qparams.add(new BasicNameValuePair("oauth_token", token));
// generate the oauth_signature
String signature = getSignature(URLEncoder.encode(
"myRestAPI", ENC),
URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC));

// add it to params list
qparams.add(new BasicNameValuePair("oauth_signature", signature));

// generate URI which lead to access_token and token_secret.
URI uri = URIUtils.createURI("http", "10.202.3.15", -1,
"/RestAPI",
URLEncodedUtils.format(qparams, ENC), null);

System.out.println("Get Token and Token Secrect from:"
+ uri.toString());


}
}









share|improve this question






















  • Issue was resolved by implementing signpost java code
    – Sharlette
    Dec 17 '18 at 5:04














0












0








0







I need to generate an OAuth 1.0 signature.



Four params are provided by end system (Not flicker):




  • oauth_consumer_key

  • oauth_consumer_secret

  • oauth_token_secret

  • oauth_token


I have used the below Java code to generate the signature. Signature got generated. But when I am trying to use the signature to call the end system API, it is throwing "Invalid Signature".



Where I am going wrong in the code?



package oauth;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;

import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

/**
* a simple program to get flickr token and token secret.
*
* @author Mark Zang
*
*/
public class OAuthForFlickr {

private static String conskey = "myconskey";
private static String conssecret = "myconssecret";
private static String tokensecret = "mytokensecret";
private static String token = "mytoken";

private static final String HMAC_SHA1 = "HmacSHA1";

private static final String ENC = "UTF-8";

private static Base64 base64 = new Base64();

/**
*
* @param url
* the url for "request_token" URLEncoded.
* @param params
* parameters string, URLEncoded.
* @return
* @throws UnsupportedEncodingException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
private static String getSignature(String url, String params)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
/**
* base has three parts, they are connected by "&": 1) protocol 2) URL
* (need to be URLEncoded) 3) Parameter List (need to be URLEncoded).
*/
StringBuilder base = new StringBuilder();
base.append("POST&");
base.append(url);
base.append("&");
base.append(params);
System.out.println("Base String for oauth_signature generation:" + base);
byte keyBytes = (token + "&").getBytes(ENC);

SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1);

Mac mac = Mac.getInstance(HMAC_SHA1);
mac.init(key);

// encode it, base64 it, change it to string and return.
return new String(base64.encode(mac.doFinal(base.toString().getBytes(
ENC))), ENC).trim();
}

/**
* @param args
* @throws IOException
* @throws ClientProtocolException
* @throws URISyntaxException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static void main(String args) throws ClientProtocolException,
IOException, URISyntaxException, InvalidKeyException,
NoSuchAlgorithmException {

HttpClient httpclient = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
// These params should ordered in key
// qparams.add(new BasicNameValuePair("oauth_callback", "oob"));
qparams.add(new BasicNameValuePair("oauth_consumer_key", conskey));
qparams.add(new BasicNameValuePair("oauth_consumer_secret", conssecret));
qparams.add(new BasicNameValuePair("oauth_token_secret", tokensecret));
qparams.add(new BasicNameValuePair("oauth_nonce", ""
+ (int) (Math.random() * 100000000)));
qparams.add(new BasicNameValuePair("oauth_signature_method",
"HMAC-SHA1"));
qparams.add(new BasicNameValuePair("oauth_timestamp", ""
+ (System.currentTimeMillis() / 1000)));
//qparams.add(new BasicNameValuePair("oauth_version", "1.0"));
qparams.add(new BasicNameValuePair("oauth_token", token));
// generate the oauth_signature
String signature = getSignature(URLEncoder.encode(
"myRestAPI", ENC),
URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC));

// add it to params list
qparams.add(new BasicNameValuePair("oauth_signature", signature));

// generate URI which lead to access_token and token_secret.
URI uri = URIUtils.createURI("http", "10.202.3.15", -1,
"/RestAPI",
URLEncodedUtils.format(qparams, ENC), null);

System.out.println("Get Token and Token Secrect from:"
+ uri.toString());


}
}









share|improve this question













I need to generate an OAuth 1.0 signature.



Four params are provided by end system (Not flicker):




  • oauth_consumer_key

  • oauth_consumer_secret

  • oauth_token_secret

  • oauth_token


I have used the below Java code to generate the signature. Signature got generated. But when I am trying to use the signature to call the end system API, it is throwing "Invalid Signature".



Where I am going wrong in the code?



package oauth;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;

import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;

/**
* a simple program to get flickr token and token secret.
*
* @author Mark Zang
*
*/
public class OAuthForFlickr {

private static String conskey = "myconskey";
private static String conssecret = "myconssecret";
private static String tokensecret = "mytokensecret";
private static String token = "mytoken";

private static final String HMAC_SHA1 = "HmacSHA1";

private static final String ENC = "UTF-8";

private static Base64 base64 = new Base64();

/**
*
* @param url
* the url for "request_token" URLEncoded.
* @param params
* parameters string, URLEncoded.
* @return
* @throws UnsupportedEncodingException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
private static String getSignature(String url, String params)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
/**
* base has three parts, they are connected by "&": 1) protocol 2) URL
* (need to be URLEncoded) 3) Parameter List (need to be URLEncoded).
*/
StringBuilder base = new StringBuilder();
base.append("POST&");
base.append(url);
base.append("&");
base.append(params);
System.out.println("Base String for oauth_signature generation:" + base);
byte keyBytes = (token + "&").getBytes(ENC);

SecretKey key = new SecretKeySpec(keyBytes, HMAC_SHA1);

Mac mac = Mac.getInstance(HMAC_SHA1);
mac.init(key);

// encode it, base64 it, change it to string and return.
return new String(base64.encode(mac.doFinal(base.toString().getBytes(
ENC))), ENC).trim();
}

/**
* @param args
* @throws IOException
* @throws ClientProtocolException
* @throws URISyntaxException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static void main(String args) throws ClientProtocolException,
IOException, URISyntaxException, InvalidKeyException,
NoSuchAlgorithmException {

HttpClient httpclient = new DefaultHttpClient();
List<NameValuePair> qparams = new ArrayList<NameValuePair>();
// These params should ordered in key
// qparams.add(new BasicNameValuePair("oauth_callback", "oob"));
qparams.add(new BasicNameValuePair("oauth_consumer_key", conskey));
qparams.add(new BasicNameValuePair("oauth_consumer_secret", conssecret));
qparams.add(new BasicNameValuePair("oauth_token_secret", tokensecret));
qparams.add(new BasicNameValuePair("oauth_nonce", ""
+ (int) (Math.random() * 100000000)));
qparams.add(new BasicNameValuePair("oauth_signature_method",
"HMAC-SHA1"));
qparams.add(new BasicNameValuePair("oauth_timestamp", ""
+ (System.currentTimeMillis() / 1000)));
//qparams.add(new BasicNameValuePair("oauth_version", "1.0"));
qparams.add(new BasicNameValuePair("oauth_token", token));
// generate the oauth_signature
String signature = getSignature(URLEncoder.encode(
"myRestAPI", ENC),
URLEncoder.encode(URLEncodedUtils.format(qparams, ENC), ENC));

// add it to params list
qparams.add(new BasicNameValuePair("oauth_signature", signature));

// generate URI which lead to access_token and token_secret.
URI uri = URIUtils.createURI("http", "10.202.3.15", -1,
"/RestAPI",
URLEncodedUtils.format(qparams, ENC), null);

System.out.println("Get Token and Token Secrect from:"
+ uri.toString());


}
}






java oauth signature






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 23 '18 at 12:31









Sharlette

11




11












  • Issue was resolved by implementing signpost java code
    – Sharlette
    Dec 17 '18 at 5:04


















  • Issue was resolved by implementing signpost java code
    – Sharlette
    Dec 17 '18 at 5:04
















Issue was resolved by implementing signpost java code
– Sharlette
Dec 17 '18 at 5:04




Issue was resolved by implementing signpost java code
– Sharlette
Dec 17 '18 at 5:04

















active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53446773%2foauth-signature-implemented-through-java-code%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown






























active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53446773%2foauth-signature-implemented-through-java-code%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

Calculate evaluation metrics using cross_val_predict sklearn

Insert data from modal to MySQL (multiple modal on website)