3

I'm attempting to authenticate requests to the Withings API using node-oauth, a widely used OAuth module for Node. All of the initials steps of the OAuth process are working, and I'm able to acquire the user ID, access token, and access token secret. However, when attempting to actually use these tokens to make an authenticated request, I get one of the following errors:

  • 2554 Wrong action or wrong webservice
  • 2555 An unknown error occurred
  • 2556 Service is not defined

I've verified that the credentials I'm using are valid by testing them here. Am I doing something wrong, or is the Withings API implemented in some non-standard way, which makes it incompatible with node-oauth?

var consumerKey = "";
var consumerSecret = "";
var oauth_access_token = "";
var oauth_access_token_secret = "";
var userid = "";

var oauth = require("oauth");

var withings = new oauth.OAuth(
    "https://oauth.withings.com/account/request_token",
    "https://oauth.withings.com/account/access_token",
    consumerKey,
    consumerSecret,
    "1.0",
    null,
    "HMAC-SHA1"
);

var url = "http://wbsapi.withings.net/measure?action=getmeas&userid=" + userid;
withings.get(url, oauth_access_token, oauth_access_token_secret, function(error, response) {
    console.log(response);
});

Output:

{"status":2554}
David Jones
  • 10,117
  • 28
  • 91
  • 139

3 Answers3

4

I figured this one out. The node-oauth library assumes that most APIs expect OAuth parameters to be defined in headers. However, OAuth parameters may also be defined in the query string, which is how Withings decided to implement it. The node-oauth library defines a signUrl function for this purpose, but you must use it explicitly. Once you wrap the URL in that function, the problem is solved. Note that there is no need to pass the access tokens into the get function because the request is already signed.

var url = withings.signUrl("http://wbsapi.withings.net/measure?action=getmeas&userid=" + userid, oauth_access_token, oauth_access_token_secret);
withings.get(url, null, null, function(error, response) {
    console.log(response);
});
David Jones
  • 10,117
  • 28
  • 91
  • 139
  • If anyone encounters a signing issue with this, I used "request" to actually make the call. With the "OAuth" lib, the URL was, I suppose, encoded twice which caused an issue (I had the issue described here: https://stackoverflow.com/questions/26517181/withings-web-api-call-signature-issue) – Adlen Afane Feb 20 '18 at 17:04
0

The withings API is maybe a little special and very capricious. For example, if you don't send the options in the query string in the right order you got sometimes an error. I haven't tried with node-oauth because I work with it in angular and my friend in Rails but it's difficult to make it work.

I don't see your callback url send in the options of node-oauth have you changed it in the options of your Withings app ?

You can try to modify node-oauth to log the response of each call to Withings and look if it's the first, the second or the third who's failing.

Good luck ;)

Jowy
  • 93
  • 2
  • 9
0

check your url may be you have missed out any required params suc as acces_token.

sample URL: https://wbsapi.withings.net/measure?action=getmeas&category=1&access_token=XXXXXxxxxxxxxXXXXX&meastype=1&startdate=1543581749&enddate=1543581750

Rajan Gunasekaran
  • 11
  • 1