Yahoo OAuth on Android - 401 error

3
votes

I'm trying to implement OAuth for Google, Twitter, Yahoo etc. on Android using the signpost libraries.

All of the above work fine, except Yahoo, which gives me a 401 error when trying to retrieve the Request Token. I've tried modifying my callback url to an http one, and even tried Out of Band authentication.

Does anyone have an idea on what I could be doing wrong ?

My code which requests for the OAuth Request Token using Signpost libraries is pasted below. 

private static CommonsHttpOAuthConsumer yahooConsumer = new CommonsHttpOAuthConsumer(
        YAHOO_CONSUMER_KEY, YAHOO_CONSUMER_SECRET);
private static CommonsHttpOAuthProvider yahooProvider = new CommonsHttpOAuthProvider(
        YAHOO_REQUEST_URL, YAHOO_ACCESS_TOKEN_URL, YAHOO_AUTH_URL);

and

String authURL = yahooProvider.retrieveRequestToken( yahooConsumer,YAHOO_REDIRECT_URL); startWebView(authURL);

EDIT:

Here's the output from the catched Exception :

08-21 00:18:10.935: WARN/System.err(3752): oauth.signpost.exception.OAuthNotAuthorizedException: Authorization failed (server replied with a 401). This can happen if the consumer key was not correct or the signatures did not match. 08-21 00:18:10.945: WARN/System.err(3752): at oauth.signpost.AbstractOAuthProvider.handleUnexpectedResponse(AbstractOAuthProvider.java:239) 08-21 00:18:10.945: WARN/System.err(3752): at oauth.signpost.AbstractOAuthProvider.retrieveToken(AbstractOAuthProvider.java:189) 08-21 00:18:10.955: WARN/System.err(3752): at oauth.signpost.AbstractOAuthProvider.retrieveRequestToken(AbstractOAuthProvider.java:69)

Thanks,

Abhinav

2
androidoauthyahoosignpost
Could you please provide the error details from Yahoo with the 401? - Kristiono Setyadi
@Kristiono - I've edited my question to add the logcat output with the exception. Thanks - Abhinav Manchanda
Thanks for the exception thrown. I think you should also see the body response of 401 given by Yahoo. Yahoo should gave you a descriptive response of what being wrong. - Kristiono Setyadi
Thanks for the help. Here's what signpost outputs to my Logcat - Authentication error: Unable to respond to any of these challenges: {oauth=WWW-Authenticate: OAuth oauth_problem=consumer_key_rejected}. Do you want me to install a request tracking software and give you the detailed request and response ? - Abhinav Manchanda
@Abhinav I got the same error(oauth.signpost.exception.OAuthNotAuthorizedException: Authorization failed (server replied with a 401). This can happen if the consumer key was not correct or the signatures did not match). I have valid customer key. But it shows above exception. can you help me. - Ramakrishna

2 Answers

4
votes

consumer_key_rejected means that you didn't provide valid consumer_key to Yahoo. If you do have provided the right consumer_key to Yahoo, you may check your app registration with Yahoo. Probably you need to check at least one or more services provided by Yahoo. Don't forget to also choose the type of your application whether it's web-based or client-based.

This all make sense since Yahoo wrapped the permission scope into the Consumer Key. Read this explanation for further details: Yahoo OAuth Scope.

This is the workaround example and hints that might be useful to solve your problem: Yahoo OAuth Problem - Consumer Key Rejected

Let me know if this works for you.

0
votes

Try forcing 1.0a authentication with Provider.setOAuth10a(true).

It's also worth checking that the date, time and timezone on your client are all correct else the signature verification will fail.