function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
catch_the_cloudcatch_the_cloud 

OAUTH problems

Hi -

 

I have been trying for awhile to get oauth working between salesforce and my application.  I have experience getting oauth to work with Twitter and Youtube, so I figured this would be easy... 

 

BTW, I have set up Remote Access in my salesforce setup.  

 

I'm having problems on the very first step of the oauth process. This is what I am sending to get the RequestToken (I added the returns for clarity after the &'s)

 

https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler?oauth_consumer_key=<My key>&
oauth_nonce=8114382&
oauth_signature_method=HMAC-SHA1&
oauth_timestamp=1266716665&
oauth_version=1.0&
oauth_callback=https%3A%2F%2Fwww.catchthecloud.com%2FSalesforceOAuth.aspx&
oauth_signature=fH85OWR29G3IXSp1sc3uf4WMD7w%3D

 

This seems to be correct as per: https://ap1.salesforce.com/help/doc/user_ed.jsp?loc=help&section=help&hash=access_data&target=remoteaccess_authenticate.htm

 

However, I'm getting a 400 - bad request error when sending it.

 

The C# code that I am using to generate this string is as follows:

 

   

Uri uri = new Uri("https://login.salesforce.com/"); string nonce = this.GenerateNonce(); string timeStamp = this.GenerateTimeStamp(); //Generate Signature string sig = this.GenerateSignature(uri, this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret, method.ToString(), timeStamp, nonce, out outUrl, out querystring); querystring += "&" + this.UrlEncode("oauth_callback") + "=" + this.UrlEncode("https://www.catchthecloud.com/SalesforceOAuth.aspx"); querystring += "&" + this.UrlEncode("oauth_signature") + "=" + this.UrlEncode(sig); NameValueCollection oauthtokendata = null; HttpWebRequest request = System.Net.WebRequest.Create(url+"?"+querystring) as HttpWebRequest; using (HttpWebResponse response = request.GetResponse() as HttpWebResponse) { using (TextReader reader = new StreamReader(response.GetResponseStream())) { oauthtokendata = HttpUtility.ParseQueryString(reader.ReadToEnd()); } }

 

Towards the bottom of this code, I do a call to request.GetResponse(), and that's where it dies.  If I take the string that's been created and stick it in the address bar of a browser, I get the following response:

 

 1702Failed: Missing Consumer Key Parameter

 

 

On the first line of this code, --
Uri uri = new Uri("https://login.salesforce.com/");

 

 

 I have used several variations of Uri's in attempts to make this work, including https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler, but nothing seems to work.

 

 

 

 

 

 

So -- hopefully someone can give me a tip to get this thing to work... I feel like I'm pretty close!

 

 

 

Thanks,

Beth 

 

 

 

 

 

 

 

catch_the_cloudcatch_the_cloud
<bump> any thoughts?
willywuwillywu

try removing the trailing slash in the URI, similar to http://bit.ly/bTmohG

catch_the_cloudcatch_the_cloud

Thanks for the tip -- but it doesn't work either -- I'm amazed how difficult this has been.

 

I have also tried adding an Authorization header:

 

webRequest.Headers.Add("Authorization", "OAuth oauth_consumer_key=\"" + this.ConsumerKey + "\",oauth_signature_method=\"HMAC-SHA1\",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\",oauth_timestamp=\"" + timeStamp + "\",oauth_nonce=\"" + nonce + "\", oauth_version=\"1.0\"");

 

 I've also tried sending via GET and POST -- with and without the Authorization header, with the same awful result.  Also -- I changed the signature code to also include the callback in the signature - I've seen other systems that were implemented that way (I have changed this back though).

 

Any other ideas?  My boss is really annoyed this isn't done yet -- grrrr...

 

 

Beth

 

gliderjockeygliderjockey

I don't know if this has been resolved or not yet, but I experienced this same error as well. I managed to get it to work by adding the oauth_consumer_key and value to the querystring. I didn't use any authorization header.

 

Steve