Announcement

Collapse
No announcement yet.

crypto_hmac_sha1() and oauth

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    crypto_hmac_sha1() and oauth

    Has anyone successfully managed to get Oauth working with Mivascript?

    I've found the following Oauth test site:

    http://term.ie/oauth/example/

    and have the following Mivascript code:

    Code:
        	<mvassign name="oauth_consumer_key" value="key" />
    	<mvassign name="oauth_signature_method" value="HMAC-SHA1" />
    	<mvassign name="oauth_version" value="1.0" />
    	<mvassign name="oauth_timestamp" value="{dyn_time_t}" />
    	<mvassign name="oauth_nonce" value="{makesessionid( )}" />
    	<mvassign name="l.key" value="secret" />
<mvassign name="l.signaturebase" value="{'GET&' $ encodeattribute(l.RequestTokenURL) $ '&oauth_consumer_key%3D' $ oauth_consumer_key $ '%26oauth_nonce%3D' $ oauth_nonce $ '%26oauth_signature_method%3D' $ oauth_signature_method $ '%26oauth_timestamp%3D' $ oauth_timestamp $ '%26oauth_version%3D1.0'}" />
    	<mvassign name="l.ok" value="{crypto_hmac_sha1(l.signaturebase, l.key, 'bin', oauth_signature)}" />
    	<mvassign name="oauth_signature" value="{crypto_base64_encode(oauth_signature)}" />
    	<mvcall action="{l.RequestTokenURL $ '?oauth_consumer_key=' $ oauth_consumer_key $ '&oauth_nonce=' $ oauth_nonce $ '&oauth_signature_method=' $ oauth_signature_method $ '&oauth_timestamp=' $ oauth_timestamp $ '&oauth_version=' $ oauth_version  $ '&oauth_signature=' $ encodeattribute(oauth_signature)}" method="GET">
    		<mveval expr="{callvalue}" />
    	</mvcall>
    I keep getting an "invalid signature" response, but I'm not quite sure where I've gone wrong.
    Christopher Cookson
    Create IT Powered by Webpression CMS
    Tags: None
    #2
    Re: crypto_hmac_sha1() and oauth

    I haven't worked with HMAC specifically, but I've done a number of projects that involved encrypting data in Miva Script, and then passing it to another server. From experience, I can suggest that you go over the details carefully. Make sure there's no extra white space in any of the strings, etc. You may need the Oauth folks to take a lok, so they can give you a better description than the short error message.

    Hope that helps -- Kent
    Kent Multer
    Magic Metal Productions
    http://TheMagicM.com
    * Web developer/designer
    * E-commerce and Miva
    * Author, The Official Miva Web Scripting Book -- available on-line:
    http://www.amazon.com/exec/obidos/IS...icmetalproducA

    Comment

      #3
      Re: crypto_hmac_sha1() and oauth

      I'm wanting to use Oauth with Twitter. I had a script working nicely with basic authentication, but Twitter no longer supports this.

      The oauth test site I linked to is useful as it gives the ability to work with some controlled values to get things up and going.
      Although it gives some diagnostics, it doesn't actually return what the signature SHOULD be so I can figure out whether the crypto_hmac_sha1 and subsequent crypto_base64_encode are actually returning the correct value.
      Christopher Cookson
      Create IT Powered by Webpression CMS

      Comment

        #4
        I know that I'm a bit late to this thread, but I got OAuth 1.0 working on my end (for integration with netsuite). Here's the relevant code (including a JSON function I grabbed from http://themagicm.com/store/miva-json...visited.html):

        https://gist.github.com/nelsonlaquet...8f638cab7ef898

        Note the config object, it has the following keys: ConsumerKey, ConsumerSecret, TokenId, TokenSecret, CompanyId, RESTLetEndpoint
        Last edited by NLaQuet; 07-02-18, 05:33 AM.
        • 1 like

        Comment

          #5
          Very nice, thanks for sharing!
          M.A.D.* since 1997

          http://www.scotsscripts.com

          *miva application developers

          Comment

          Previous template Next
          Working...
          X