Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Post to wordpress via rest #213

Open
lfoliveira opened this issue Nov 17, 2017 · 1 comment
Open

Post to wordpress via rest #213

lfoliveira opened this issue Nov 17, 2017 · 1 comment

Comments

@lfoliveira
Copy link

I was able to authenticate with wordpress with oauth 1.0a. Now when i try to post i always get the error. i tried to post with postman with the client id/secret, token/tokensecret with success.

{"code":"json_oauth1_signature_mismatch",
"message":"OAuth signature does not match",
"data":{"status":401}}

Here is header i am send it

Authorization: OAuth oauth_consumer_key="XXXXXX",
 oauth_token="XXXXXXXXX", 
oauth_signature_method="HMAC-SHA1", 
oauth_timestamp="1510921763", 
oauth_nonce="5800303", 
oauth_version="1.0",
oauth_signature="0qRr9VhjSrXmWRr%2B%2B8HmUmvvGrU%3D"

To build the signature i'm doing:

public void MssGenerate_oAuthSignatureValues(string ssConsumerKey, string ssConsumerSecret, string ssOAuthToken, string ssOAuthTokenSecret, string ssrequest_Method, string ssURL, string ssauth_callback, string ssoAuth_verifier, out string ssoAuth_Signature)
    {
        // TODO: Write implementation for action

        ssoAuth_Signature = "";
        oAuthBase oaBase = new oAuthBase();

        string oauth_signature_method = "HMAC-SHA1";
        string oauth_nonce = oaBase.GenerateNonce();
        string oauth_version = "1.0";
        string oauth_timestamp = oaBase.GenerateTimeStamp();

        SortedDictionary<string, string> sd = new SortedDictionary<string, string>();
        sd.Add("oauth_version", oauth_version);
        if(ssauth_callback !="")
            sd.Add("oauth_callback", PercentEncode(ssauth_callback));
        sd.Add("oauth_consumer_key", ssConsumerKey);
        sd.Add("oauth_nonce", oauth_nonce);
        sd.Add("oauth_signature_method", oauth_signature_method);
        sd.Add("oauth_timestamp", oauth_timestamp);
        sd.Add("oauth_token", ssOAuthToken);
        if (ssoAuth_verifier != "")
        {
            sd.Add("oauth_verifier", ssoAuth_verifier);
        }

        Uri url = new Uri(ssURL);
        StringBuilder baseString = new StringBuilder(ssrequest_Method + "&" + PercentEncode(NormalizeUrl(url)) + "&");

        foreach (var keyValuePair in sd)
        {
            baseString.Append(PercentEncode(string.Format("{0}={1}&", keyValuePair.Key, keyValuePair.Value)));
        }
        string signatureBaseString = baseString.ToString().Substring(0, baseString.Length - 3);

        string signingKey =
            PercentEncode(ssConsumerSecret) + "&" +
            PercentEncode(ssOAuthTokenSecret);


        string signatureString = ComputeSignature(signingKey, signatureBaseString);

        string authorizationHeaderParams = "OAuth ";
        authorizationHeaderParams += "oauth_consumer_key=" + "\"" + PercentEncode(ssConsumerKey) + "\", ";
        authorizationHeaderParams += "oauth_token=" + "\"" + PercentEncode(ssOAuthToken) + "\", ";
        authorizationHeaderParams += "oauth_signature_method=" + "\"" + PercentEncode(oauth_signature_method) + "\", ";
        authorizationHeaderParams += "oauth_timestamp=" + "\"" + PercentEncode(oauth_timestamp) + "\", ";
        authorizationHeaderParams += "oauth_nonce=" + "\"" + PercentEncode(oauth_nonce) + "\", ";
        authorizationHeaderParams += "oauth_version=" + "\"" + PercentEncode(oauth_version) + "\", ";
        authorizationHeaderParams += "oauth_signature=" + "\"" + PercentEncode(signatureString) + "\"";

        if (ssauth_callback != ""){
            authorizationHeaderParams += ", oauth_callback =" + "\"" + PercentEncode(ssauth_callback) + "\"";
        }
        if (sd.ContainsKey("oauth_verifier")){
            authorizationHeaderParams += "\", oauth_verifier =" + "\"" + PercentEncode(sd["oauth_verifier"]) + "\"";
        }

        ssoAuth_Signature = authorizationHeaderParams;
    }

public virtual string GenerateTimeStamp()
        {
            // Default implementation of UNIX time of the current UTC time
            TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
            return Convert.ToInt64(ts.TotalSeconds).ToString();
        }

        public virtual string GenerateNonce()
        {
            // Just a simple implementation of a random number between 123400 and 9999999
            return random.Next(123400, 9999999).ToString();
        }
    }

private static string ComputeSignature(string signingKey, string text)
        {
            // Sign the request
            HMACSHA1 hasher = new HMACSHA1(new ASCIIEncoding().GetBytes(signingKey));
            return Convert.ToBase64String(hasher.ComputeHash(new ASCIIEncoding().GetBytes(text)));
        }

        private static string NormalizeUrl(Uri url)
        {
            string normalizedUrl = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}://{1}", url.Scheme, url.Host);
            if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
            {
                normalizedUrl += ":" + url.Port;
            }

            normalizedUrl += url.AbsolutePath;
            return normalizedUrl;
        }

I'm out of ideas what i'm doing wrong
@salviof
Copy link

salviof commented Oct 6, 2018

Do you solved that? @lfoliveira

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@salviof @lfoliveira