signature_invalid in Google API
-
I am developing Google app (with oauth 1.0)that retrieve google contatcs but i got error : signature_invalid please help me Thx in advance
function GetRequestToken()
{
$consumer = 'YOUR_CONSUMER_KEY';
$secret = 'YOUR_CONSUMER_SECRETE';
$callback = 'http://localhost/Gcontacts/welcome/redirection';
$sign_method = 'HMAC-SHA1';
$version = '1.0';
$scope = 'https://www.google.com/m8/feeds/';
$path = "/accounts/OAuthGetRequestToken";
$mt = microtime();
$rand = mt_rand();
$nonce = md5($mt.$rand);
$time = time();
$url = 'https://www.google.com/accounts/OAuthGetRequestToken';
$post = array(
'oauth_callback' => $callback,
'oauth_consumer_key' => $consumer,
'oauth_nonce' => $nonce,
'oauth_signature_method' => $sign_method,
'oauth_timestamp' => $time,
'oauth_version' => $version,
'scope' => $scope
);
$post_string1 = '';
foreach($post as $key => $value)
{
$post_string1 .= $key.'='.($value).'&';
}
$post_string1 = trim($post_string1, '&');$key\_part = $this->urlencodeRFC3986($secret); $key = $key\_part; $base\_string = $this->calculateBaseString($scope, "GET", $post); echo $base\_string; $signature = base64\_encode(hash\_hmac('sha1', $base\_string, $key,true)); $post\_string1 .= 'oauth\_signature'.'='.urlencode($signature); $post\['oauth\_signature'\] = $signature; $header\[\] = 'POST'.$path.'?scope='.$scope.' HTTP/1.1'; $header\[\] = 'Content-Type: application/x-www-form-urlencoded'; $header\[\] = 'Accept: \*/\*'; $header\[\] = $this->calculateHeader($post).', Content-Type: application/x-www-form-urlencoded ,Host: www.google.com'; $ch = curl\_init(); curl\_setopt($ch, CURLOPT\_POSTFIELDS, $post\_string1); curl\_setopt($ch, CURLOPT\_HTTPHEADER, $header); curl\_setopt($ch, CURLOPT\_URL, $url); curl\_setopt($ch, CURLOPT\_POSTFIELDS, 'scope='.$scope); curl\_setopt($ch, CURLOPT\_SSL\_VERIFYPEER,false); curl\_setopt($ch, CURLOPT\_POST,1); curl\_setopt($ch, CURLOPT\_RETURNTRANSFER, true); curl\_setopt($ch, CURLOPT\_FOLLOWLOCATION, true); $result = curl\_exec($ch); curl\_close($ch);}
private static function urlencode_rfc3986($value)
{
if(is_array($value)) return array_map(array('Welcome_model', 'urlencode_rfc3986'), $value);
else
{
$search = array('+', ' ', '%7E', '%');
$replace = array('%20', '%20', '~', '%25');return str\_replace($search, $replace, urlencode($value)); } }function calculateBaseString($url, $method, array $parameters)
{
$url = (string) $url; -
I am developing Google app (with oauth 1.0)that retrieve google contatcs but i got error : signature_invalid please help me Thx in advance
function GetRequestToken()
{
$consumer = 'YOUR_CONSUMER_KEY';
$secret = 'YOUR_CONSUMER_SECRETE';
$callback = 'http://localhost/Gcontacts/welcome/redirection';
$sign_method = 'HMAC-SHA1';
$version = '1.0';
$scope = 'https://www.google.com/m8/feeds/';
$path = "/accounts/OAuthGetRequestToken";
$mt = microtime();
$rand = mt_rand();
$nonce = md5($mt.$rand);
$time = time();
$url = 'https://www.google.com/accounts/OAuthGetRequestToken';
$post = array(
'oauth_callback' => $callback,
'oauth_consumer_key' => $consumer,
'oauth_nonce' => $nonce,
'oauth_signature_method' => $sign_method,
'oauth_timestamp' => $time,
'oauth_version' => $version,
'scope' => $scope
);
$post_string1 = '';
foreach($post as $key => $value)
{
$post_string1 .= $key.'='.($value).'&';
}
$post_string1 = trim($post_string1, '&');$key\_part = $this->urlencodeRFC3986($secret); $key = $key\_part; $base\_string = $this->calculateBaseString($scope, "GET", $post); echo $base\_string; $signature = base64\_encode(hash\_hmac('sha1', $base\_string, $key,true)); $post\_string1 .= 'oauth\_signature'.'='.urlencode($signature); $post\['oauth\_signature'\] = $signature; $header\[\] = 'POST'.$path.'?scope='.$scope.' HTTP/1.1'; $header\[\] = 'Content-Type: application/x-www-form-urlencoded'; $header\[\] = 'Accept: \*/\*'; $header\[\] = $this->calculateHeader($post).', Content-Type: application/x-www-form-urlencoded ,Host: www.google.com'; $ch = curl\_init(); curl\_setopt($ch, CURLOPT\_POSTFIELDS, $post\_string1); curl\_setopt($ch, CURLOPT\_HTTPHEADER, $header); curl\_setopt($ch, CURLOPT\_URL, $url); curl\_setopt($ch, CURLOPT\_POSTFIELDS, 'scope='.$scope); curl\_setopt($ch, CURLOPT\_SSL\_VERIFYPEER,false); curl\_setopt($ch, CURLOPT\_POST,1); curl\_setopt($ch, CURLOPT\_RETURNTRANSFER, true); curl\_setopt($ch, CURLOPT\_FOLLOWLOCATION, true); $result = curl\_exec($ch); curl\_close($ch);}
private static function urlencode_rfc3986($value)
{
if(is_array($value)) return array_map(array('Welcome_model', 'urlencode_rfc3986'), $value);
else
{
$search = array('+', ' ', '%7E', '%');
$replace = array('%20', '%20', '~', '%25');return str\_replace($search, $replace, urlencode($value)); } }function calculateBaseString($url, $method, array $parameters)
{
$url = (string) $url;You need to be very careful while doing this sort of thing - any little errors are going to break it, and can be hard to track down. A few I've spotted are:
- You have the 'scope' parameter out of sequence when building the data to sign. Data must be ordered alphabetically by key for the oauth signature to be correct.
- You use "GET" as a parameter for calculateBaseString although you're using POST
- You miss out the & delimiter when adding the oauth_signature
- You call curl_setopt($ch, CURLOPT_POSTFIELDS twice, overwriting the OAuth signed data with a single parameter.
It's very possible there are other errors I've not spotted. Niall