Hi Everyone,

I am looking into the NING API for a friend, and I am having some problems with step one. I feel embarrassed but I don't know what the problem is. I have gotten the Consumer key and the Consumer secret.

I use this command with my own email, the consumer key and secret I have gotten from my friend and the correct subdomain.

 

curl -u admin@example.com \

-d 'oauth_signature_method=PLAINTEXT&oauth_consumer_key=0d716e57-5ada-4b29-a33c-2f4af1b26837&oauth_signature=f0963fa5-1259-434f-86fc-8a17d14b16ca%26' \
'https://external.ningapis.com/xn/rest/apiexample/1.0/Token?xn_pretty=true'

 

But I still get this:

{
"success" : false,
"reason" : "The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider.",
"status" : 401,
"code" : 1,
"subcode" : 12,
"trace" : "e8bfe2a6-b71f-47c3-8bcb-87c32f6c7cf4"
}

 

oauth_signature is invalid... We have tried several keys, but still get this respons every time.

What am I missing ????

 

Thanks a lot,

Jens

 

 

 

Views: 1435

Reply to This

Replies to This Discussion

now I have created a test network http://bjtest.ning.com, that I admin myself to see if it is a permission problem. But I get the same responds...

I have tried the PHP API with the example in the documentation but first I got:

[15-Mar-2011 07:58:21] PHP Fatal error: Uncaught cURL error: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
thrown in /Applications/MAMP/htdocs/NingApi.php on line 205

Then I added:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

Now I just get nothing. No errors or anything ???

The certificate verification error you receive is caused by MAMP. By default MAMP doesn't come with a ca-bundle (certificate bundle). Check out this SSL MAMP tutorial to fix it.

 

As for your "oauth_signature is invalid error", can you send me a private message with the exact command you are using?

Hi Devin,

Did you find anything from the message I send you ?

Thanks,

Jens

For your Objective-C code that you sent me, I believe the issue is that you are trying to send the OAuth data via an 'Authorization' header during the Token request. You need to send the OAuth information as POST data for a Token request and use a 'Basic access authentication', 'Authentication' header.

I think your code is trying to send two Authentication headers: Basic access auth and OAuth.

 

Let me know if you need me to explain it a different way, OAuth is tricky.

I'm having the same issue, in php. Here's my code:

 

require_once('/...path.../ning-ning-api-php-e6e9a54/src/NingApi.php');


$email = 'email@email.com';$password = 'password';

$ningApi = new NingApi();

echo"<br>1<br>";

$result = $ningApi->login($email, $password);

echo"<br>2<br>";

print_r($result);

With the output:

 



1

Fatal error: Uncaught The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider. (401) 1-12 thrown in /home/...path.../ning-ning-api-php-e6e9a54/src/NingException.php on line 56

 

 


 

It's probably something really obvious and silly, but I can't figure it out for the life of me. It will tell me if the username or password are incorrect, so it's obviously working to some extent, but why don't the oauth_signatures match? Is it an outdated version of the php code? Odd thing is, that I've already got some of the api up and running, I didn't need the login bit for that though, and it is fine with all the various secrets and signatures.

 

Any help would be very welcome!

 

Thanks :)

 

Hi Chris,

Try this:

$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret);

 

ohh and the login returns blank, add this to the login function 

 

var_dump($json);
return $result;

 

then you can see if you get the right reply. So you can simply return the json.

 

Jens H. Nielsen said:

Hi Chris,

Try this:

$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret);

 

 

I found the problem. I put up a proxy between my mac and NING. The problem is that it sends two requests instead of combining them into one. I did only get debug information for the second request. When I have some time, I will change the code.

This is a complete hobby project so I can't devote much time to it. But we love our hobby projects he he

Devin said:

For your Objective-C code that you sent me, I believe the issue is that you are trying to send the OAuth data via an 'Authorization' header during the Token request. You need to send the OAuth information as POST data for a Token request and use a 'Basic access authentication', 'Authentication' header.

I think your code is trying to send two Authentication headers: Basic access auth and OAuth.

 

Let me know if you need me to explain it a different way, OAuth is tricky.

Thanks Jens. I added those things into the "new NingApi" line, though I have already added them to NingApi.php in the appropriate places. I also added those two lines at the end of the login function in NingApi.php

 

The result is only a tiny bit different unfortunately:

 


 

NULL 
1

Fatal error: Uncaught The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider. (401) 1-12 thrown in /home/.../ning-ning-api-php-e6e9a54/src/NingException.php on line 56

 


 

I assume the new NULL is the response from the extra lines in the login function?

 

If I put an incorrect password in, we get:

 

 


 

NULL 
1

Fatal error: Uncaught Invalid password (401) 1-24 thrown in /home/.../ning-ning-api-php-e6e9a54/src/NingException.php on line 56

 


 

I'm wondering if the problem is that I need to tell something where to find the public and private certificates...? Would this make a difference, and which should be where? (Should the public one be on Ning's servers, and the private one on mine? I do have one, I think, for the OpenSocial oauth routines, would it be the same one, or am I horribly confusing everything here?

 

Thanks for the help Jens!

After a bit of debugging, it seems that calling "new NingApi" triggers a login with the default username / password, which is successful. Then calling "->login" triggers another login, which is unsuccessful.

 

Turns out I need to call:

 

$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret, $email, $password);

 

and then I don't need to call "login" separately - the constructor has already done it. Nice one Jens!

 

Now all I need to do is work out how this non-admin user can retrieve their own profile info. I keep getting the error "Only administrators can view email address of members (403) 2-4" when using

 

$NingUser= new NingUserTest();

$userObj = $NingUser->testFetch('screenname');

 

where screenname is the screenname of the signed in user. It doesn't appear to be in the $ningApi object... I'll get there, but if anyone has any helpful hints like Jens did it would be great!

By default, the Ning API library requests the 'email' field. This field is only accessible to the Network Creator to prevent malicious members from harvesting email addresses. You can remove this field from the request by editing the $extraFields array found in the objects/NingUser.php file.

Devin,

I tried to access the API through poster, and I got an error message similar to the above:

The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider.

As an oauth_signature I used the consumer secret I got at the page http://test-60e19eo4d305919359c2.ning.com/main/extend/keys of my test network.

Is that wrong? What should I use instead?

I'm totally a newbie at Oauth, so I guess it's probably something very stupid on my side.

I attach below the screenshots of the POST I sent out and the resulting response.

Thanks in advance for your support.

Attachments:

Reply to Discussion

RSS

Blog Posts

Getting Started

Posted by Kyle Ford on October 13, 2010 at 8:00am 3 Comments

A Note on API Pricing

Posted by Phil McCluskey on October 1, 2010 at 8:55am 0 Comments

Welcome to Build!

Posted by Kyle Ford on September 30, 2010 at 8:30pm 1 Comment

Ning Status

All systems Go!

All Ning Networks are fully operational and speedy. Things are humming along nicely.

© 2017   Created by Build Team.   Powered by

Badges  |  Report an Issue  |  Terms of Service