Magento oauth api for iOS SDK

2
votes

I'm developing an ecommerce iOS app by using magento api. Currently I'm trying to request a token by using oAuth authentication.

Im using the following headers and they parameters for authenticate the user.

Request url = http://beta.localhost.com/oauth/initiate?oauth_callback='http://localhost/testapp'

OAuth realm="http://beta.localhost.com/", oauth_consumer_key="pr9vx4i46lc8jv8mmiu6z2w50p9an43x", oauth_nonce="8QSHUZFRWRC5VGN3", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1354356514", oauth_version="1.0", oauth_signature="ucKs4DyFbKv6MJ1l2%2Fx4NvF819A%3D"

im getting error: oauth_problem=signature_invalid&debug_sbs=szeWMR2jNONabHyS3Ui7FIF3iPc=

I've tried everything same like twitter authentication, but im struggling with same problem

And also I'll try to include those methods into advanced rest client, but im getting the different errors message

My Rest Client Response page screenshot.

enter image description hereenter image description here

Help me to continue this magento api by receiving the token for further steps.

2
iphoneiosmagentooauth
Typo in realm? "salestab" instead of "saletab"?ckhan
Hello , i want to do the Same process. i have to Call one API.but i am not able to do this with Oauth. i have used below source code. devcenter.kinvey.com/ios/samples/oauth2di devcenter.kinvey.com/ios/tutorials/… magentocommerce.com/api/rest/authentication/… have you any idea about, how do i call Magento API ?Vishal Khatri

2 Answers

2
votes

The issue is that the OAuth signature is wrong, which is clearly indicated by Magento error response.

Debugging the signature process is quite a hard process for it to be done via StackOverflow questions. The best way for you to find and fix the error is to do it locally on your own computer. You need to go through the way Magento composes signature (check Zend_Oauth_Http_Utility::sign() method, which will lead you to the Zend_Oauth_Signature_Hmac class) and compare the process step by step with the one at the iOS side. This will help you to find the difference.

Most often such an issue arises because of three reasons:

  1. Wrong order of data parts (in current case - your 'oauth_*' parameters), processed to get the signature.
  2. Mistake in signature algorithm, when implemented by oneself
  3. Wrong encoding done in order to convert the binary signature to a string and pass it via HTTP

Comparing the Magento and iOS processes and their interim results, will help you find the step, where they start to differ. Thus you will be able to understand, what needs to be fixed.

2
votes

1) Get the oAuth tokens

oauth \
  --verbose \
   --query-string \
   --consumer-key v484mnii2jyswedm6uo2cfcjay7uy49snws \
   --consumer-secret koay6845che7giy5lr17gnrhckkbhf8h5 \
   --access-token-url http://www.yourstore.com/magento/oauth/token \
   --authorize-url http://www.yourstore.com/magento/oauth/authorize \
   --request-token-url http://www.yourstore.com/magento/oauth/initiate \
   authorize

Server appears to support OAuth 1.0a; enabling support.
Please visit this url to authorize:
http://www.yourstore.com/magento/oauth/authorize?oauth_token=ey6fokp0pbzwr1016eb528y5xw1ak5ji

Please enter the verification code provided by the SP (oauth_verifier):
YOUR_CODE_HERE

Response:
  oauth_token_secret: g9kyz8c7zv868d58eav1muih3gxvq763
  oauth_token: aqvlfv9tuexn0mqiydgkaff4ixxg8743c

The authorize url you visit will ask you to log in (as a customer, unless you use the admin authorize url instead: /admin/oAuth_authorize). You’ll login and then authorize the client like this.

enter image description here

After a successful login and authorize you should see this dialog, and you’ll copy the verifier code into the oauth commandline to complete the process.

enter image description here

2) Make the API call by using oAuth token

oauth \
    --consumer-key v484mnii2jyswedm6uo2cfcjay7uy49snws \
    --consumer-secret koay6845che7giy5lr17gnrhckkbhf8h5 \ 
    --token aqvlfv9tuexn0mqiydgkaff4ixxg8743c \
    --secret g9kyz8c7zv868d58eav1muih3gxvq763 \ 
    --uri http://www.yourstore.com/magento/api/rest/products \
    debug

Refer this http://www.aschroder.com/2012/04/introduction-to-the-magento-rest-apis-with-oauth-in-version-1-7/