Authentication Error, Prob With Oauth_signature

Discussion in 'Shapeways API' started by Abhijithz, Mar 15, 2017.

  1. Abhijithz
    Abhijithz New Member
    Hi,

    I have seen through the previous posts, i am trying to get access token so that i will be able to upload new models, i'm having error with the following request throwing authentication error.

    Im using the postman to check the api, and im facing the same issue authentication error

    I believe i have problem with generated oauth signature, How do i generate the oauth signature.

    How can i identify the where is the problem.
     

    Attached Files:

  2. imdaveho
    imdaveho Shapeways Employee Product Team
    @Abhijithz with Postman, you can head over to Authorization and choose OAuth 1.0. Insert the information there.

    What programming language are you using? Basically there are OAuth 1.0a libraries that does the encryption (signing) and formats the Authorization Header properly; which looks something like this:

    Authorization OAuth oauth_consumer_key=CONSUMER_KEY, oauth_signature_method="HMAC-SHA1", oauth_timestamp="1489594144", oauth_nonce="aVLGLNfCOf8", oauth_version="1.0", oauth_signature=SIGNATURE

    That's for the request_token/v1 endpoint. If that is a success, Shapeways will send you back an authorization URL, with a temporary oauth_token and oauth_token_secret which you will copy+paste into the browser (make sure to change the %2F and %3F to / and : respectively)

    Then you can login and authorize the client and get back a Verifier Code

    With the verifier, you can call /access_token/v1 with the oauth_token, oauth_token_secret + consumer_key and consumer_secret for the signature. Once that is complete, you should get your access token and secret.

    NOTE: if you just screenshotted an img with your consumer key and secret in that img, I recommend that you reset your credentials immediately.
     
  3. Abhijithz
    Abhijithz New Member
    Hi imdaveho,

    Your reply actually helped, still i'm i'm having problem.

    I'm Using ruby language and oauth gem is installed this is the command i used

    @consumer = OAuth::Consumer.new("key","secret", :site => "http://api.shapeways.com", :request_token_path => "/oauth1/request_token/v1", :http_method => :get)

    @request_token = @consumer.get_request_token

    and i got the authentication_url like you mentioned. and i visited the url in the browser and i authenticated the app, and got the verifier code

    Now i tried

    @request_token.get_access_token => gives me authentication error(OAuth::Unauthorized: 401 Unauthorized)

    Even i have checked the example provided by shapeways, it asks for access_token before even we got one
     
  4. imdaveho
    imdaveho Shapeways Employee Product Team
  5. Abhijithz
    Abhijithz New Member
    Hi @imdaveho ,

    I have checked the authorize ruby file in the example also the first part is ok, i have modified and got the result it says

    @consumer = OAuth::Consumer.new(consumer_key, consumer_secret, {:site=>url})

    i changed it to

    @consumer = OAuth::Consumer.new("key","secret", :site => "http://api.shapeways.com", :request_token_path => "/oauth1/request_token/v1", access_token_path => "/oauth1/access_token/v1", :http_method => :get)
    @request_token = @consumer.get_request_token

    the second part i was not able to change since oauth token and secret i havent got

    @accesstoken = OAuth::AccessToken.new(@consumer, access_token, access_secret) # this is from example

    So i checked the methods from @request_token -> get_access_token was present and then i gave

    @request_token.get_access_token and i got 401 unauthorized,

    I also checked the docs i'm having the same problem with this endpoint /oauth1/access_token/v1 unauthorized
     
  6. kirakira3D
    kirakira3D Member
    Hi @imdaveho and @Abhijithz,

    Did you ever make it work? I'm using the node-shapeways module and keep getting the 401 unauthorized as well, no matter what I try.
    I'm able to successfully get a token and a secret and send GET requests to the API, but whenever I try a POST (upload model, upload an image to a model etc), I get the unauthorized: invalid_signature response.
    Is there anything I might be missing?

    Thanks!
     
  7. imdaveho
    imdaveho Shapeways Employee Product Team
    @julial there are a few ways I could help:
    1. add more detail in this form: bit.ly/api-issues-form (with code snippets)
    2. join the shapeways community on slack: bit.ly/shapeways-community (it's more direct access)
    3. have you looking into the oauth documentation here: developers.shapeways.com/learn/understanding-authorization
     
  8. kirakira3D
    kirakira3D Member
    @imadeveho thanks for your reply!
    1. submitted the form
    2. joined slack
    3. yeah, I've been using this as a reference for oauth 1, but no luck so far. The oauth 2 credentials will be only available once I get approved for the order endpoint access, is that right?

    Here's a snippet that works only for GET and not POST, can you please take a look?

    client = new shapeways.client({
    consumerKey: process.env.SHAPEWAYS_PKEY,
    consumerSecret: process.env.SHAPEWAYS_SKEY,
    oauthToken: req.session.oauthToken,
    oauthSecret: req.session.oauthSecret,
    authorizationCallback: callb
    });
    var buffer = fs.readFileSync("file.stl");

    var params = {
    file: buffer,
    fileName:"test.stl",
    hasRightsToModel: 1,
    acceptTermsAndConditions: 1
    };

    //works
    client.getModels(function(err, response){
    console.log(response)
    });

    //401 invalid_signature
    client.addModel(params, function(err, response){
    if(err) console.log(err)
    else console.log(response)
    res.end();
    });


    Thank you
     
  9. kirakira3D
    kirakira3D Member
    Found a solution for oauth 1 in one of the node-shapeways repo's pull requests - link.
    Oauth 2 is not working with the consumer key and secret, though - client_id not found. Do I have to obtain them separately after all?

    Thanks!