You need to sign in to do that
Don't have an account?
Signature Invalid Oauth Request
I am trying for the Oauth Code.It is Working fine with linkedin oauth api but when i try with the salesforce it throws an error 'Signature invalid'. I tried with the get and post methods but not able to resolve this methods.can anyone any idea about how to get the request token.
string stroauth_signature_method = "HMAC-SHA1";
string stroauth_version = "1.0";
string outUrl = "";
string querystring = "";
string consumerKey = "3MVG9Y6d_Btp4xp5HE.zoyjqpLRQO7n9twJD9LCyT6DAfnpxkv5EmtHIaxkM5duimUltRtubV8Aa4OexNatwT";
string consumerSecret = "1964943390161656075";
//Uri uri = new Uri(@"https://api.linkedin.com/uas/oauth/requestToken");
Uri uri = new Uri(@"https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler");
Uri uri1 = new Uri(@"https://login.salesforce.com");
OAuthBase oAuth = new OAuthBase();
string nonce = oAuth.GenerateNonce();
string timeStamp = oAuth.GenerateTimeStamp();
string sig = oAuth.GenerateSignature(uri, consumerKey, consumerSecret, string.Empty, string.Empty, "POST", timeStamp, nonce,OAuth.OAuthBase.SignatureTypes.HMACSHA1, out outUrl, out querystring);
sig = HttpUtility.UrlEncode(sig);
StringBuilder sb = new StringBuilder();
sb.AppendFormat("oauth_consumer_key={0}", consumerKey);
sb.AppendFormat("&oauth_nonce={0}", nonce);
sb.AppendFormat("&oauth_signature_method={0}", stroauth_signature_method);
sb.AppendFormat("&oauth_signature={0}", sig);
sb.AppendFormat("&oauth_timestamp={0}", timeStamp);
sb.AppendFormat("&oauth_version={0}", stroauth_version);
sb.AppendFormat("&oauth_callback={0}", "oob");
//uri = new Uri(sb.ToString());
//sb.AppendFormat("&oauth_token={0}", "11111111");
HttpWebRequest request = System.Net.WebRequest.Create(uri.ToString()) as HttpWebRequest;
//HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri.ToString());
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
//request.Headers.Add("oauth_consumer_key", consumerKey);
//request.Headers.Add("oauth_nonce", nonce);
//request.Headers.Add("oauth_timestamp", timeStamp);
//request.Headers.Add("oauth_signature_method", stroauth_signature_method);
//request.Headers.Add("oauth_version", stroauth_version);
//request.Headers.Add("oauth_signature", sig);
//request.Headers.Add("oauth_callback", "oob");
request.Headers.Add("Authorization", "OAuth oauth_consumer_key=\"" + consumerKey + "\",oauth_signature_method=\"HMAC-SHA1\",oauth_signature=\"" + sig + "\",oauth_timestamp=\"" + "1191242096" + "\",oauth_nonce=\"" + nonce + "\", oauth_version=\"1.0\",oauth_callback=\"oob\"");
//request.Credentials = CredentialCache.DefaultCredentials;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
//using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
//{
// using (TextReader reader = new StreamReader(response.GetResponseStream()))
// {
// ///oauthtokendata = HttpUtility.ParseQueryString(reader.ReadToEnd());
// }
//}
This is extremely low level stuff.
You know .Net provides classes to handle this for you right?
What are you trying to do, stream portions of the Salesforce interface in to your app or something?
(after the login call i mean)
This seems a little overkill if you ask me.
signature problems are one of the hardest part about oauth. my guess is that your signature base string isn't the same thing that salesforce is expecting. http://tools.ietf.org/html/rfc5849#section-3.4.1 i.e. you're not passing callback URL into your signature generating method, which looks suspicious.
also, i suggest using a higher level oauth library that hides away all the request/response handling.