6

We are using this piece of code to send request on aweber via oAuth

long unixTime = System.currentTimeMillis() / 1000L;
OAuthRequest request1 = new OAuthRequest(Verb.GET,"https://api.aweber.com/1.0/accounts/1111/lists/1111/subscribers", service);
request1.addBodyParameter("ws.op", "create");
request1.addBodyParameter("email", "account@gmail.com");
request1.addBodyParameter("name", "ankur");
request1.addBodyParameter("oauth_token_secret", "mysecret");
request1.addBodyParameter("oauth_token", "mytoken");
request1.addBodyParameter("oauth_consumer_key", "mykey");
request1.addBodyParameter("oauth_signature_method", "HMAC-SHA1");
request1.addBodyParameter("oauth_nonce", "secret");
request1.addBodyParameter("oauth_timestamp", String.valueOf(unixTime));

service.signRequest(accessToken, request1);
Response response1 = request1.send();
// Create a reader to read Twitter's stream
BufferedReader reader1 = new BufferedReader(new InputStreamReader(response1.getStream()));

String line;
while ((line = reader1.readLine()) != null) {
    System.out.println(line);
}

But we are getting this in response 

{
    "error": {
        "status": 401,
        "documentation_url": "https://labs.aweber.com/docs/troubleshooting#unauthorized",
        "message": "Invalid signature. Expected signature base string: GET%26https%3A%2F%2Fapi.aweber.com%2F1.0%2Faccounts%2F1111%2Flists%2F1111%2Fsubscribers%26oauth_consumer_key%3Dmykey%26oauth_nonce%3Dnonce%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1461676770%26oauth_token%3Dmytoken%26oauth_version%3D1.0%20https%3A%2F%2Flabs.aweber.com%2Fdocs%2Ftroubleshooting%23unauthorized",
        "type": "UnauthorizedError"
    }
}

Invalid signature. Expected signature base string

I checked my signature, Its same. Dont know why its showing different.

UPDATE - 1:

Lots of guys saying my key and access token is invalid, But In my code I am hitting first account URL after that trying to hit another.

like this

  OAuth1AccessToken  accessToken= new OAuth1AccessToken("oauth_token","oauth_token_secret","oauth_token_secret=oauth_token_secret&oauth_token=oauth_token");
  final OAuthRequest request = new OAuthRequest(Verb.GET, ACCOUNT_RESOURCE_URL, service);
  service.signRequest(accessToken, request);

  final Response response = request.send();
  System.out.println("Got it! Lets see what we found...");
  System.out.println();
  System.out.println(response.getBody());

  System.out.println();
  System.out.println("Thats it man! Go and build something awesome with AWeber and ScribeJava! :) 11111111");

and here is the log 

  Got it! Lets see what we found...

 {"total_size": 1, "start": 0, "entries": [{"http_etag": "\"8c4c161ee1fd3dfg596911c82e9f2feff145907dec2-ca5feee2b7fbb6febfca8af554fg1541ea960aaedb\"", "lists_collection_link": "https://api.aweber.com/1.0/accounts/xxxx/lists", "self_link": "https://api.aweber.com/1.0/accounts/xxxx", "resource_type_link": "https://api.aweber.com/1.0/#account", "id": xxxx, "integrations_collection_link": "https://api.aweber.com/1.0/accounts/xxxx/integrations"}], "resource_type_link" : "https://api.aweber.com/1.0/#accounts"}

After this I am running my top code, So is there anything wrong with my key then why its working for first part of code?

vzamanillo
  • 9,905
  • 1
  • 36
  • 56
Renu Thakur
  • 551
  • 11
  • 35

2 Answers2

5

Root cause Analysis: Invalid signature

This error is raised when the signature of your request doesn't match what we'd expect it to be. Common causes of this error are incorrect or missing token secret keys (either consumer, request token, or access token) or an incorrect OAuth 1.0A implementation in your applications.

Here access token has a expiry time. after a expiry time, the access token will not work.

There is another restriction also. There are limits on the number of refresh tokens that will be issued; one limit per client/user combination, and another per user across all clients.

So, in your case it may also happen that you have already crossed your limit of creating refresh token.

For solution, you can follow my another answer: Google Play Developer API - Query purchase token returns Invalid Value

For troubleshooting your problem, you can follow this:

  1. Verify that your consumer secret is correct by logging onto your labs account and copy and pasting the consumer key into your application.
  2. Issue new request tokens and/or access tokens and try again.
  3. Verify that your application is properly implementing the OAuth 1.0A standard with respect to the server base string.
  4. Refer to RFC5849 OAuth 1.0A Specification Section 3.4.1 for more details.
Community
  • 1
  • 1
SkyWalker
  • 28,384
  • 14
  • 74
  • 132
  • Sorry, but my client is not giving his labs account credential, And this is working first time so i dont think consumer key has an issue. – Renu Thakur Apr 29 '16 at 06:46
  • So, you can make a POST request with a Content-Type other than `application/x-www-form-urlencode`. and let me know. – SkyWalker Apr 29 '16 at 06:48
-1

Consumer key is invalid

What is it? This error is raised when your consumer key is invalid. The most common cause for this error is a typographical error in consumer key copied from your labs account.

Troubleshooting Checklist Copy and paste your consumer key from your labs account into your application and try again. If using the distributed authentication method, make sure you are properly parsing out the Consumer Key from the returned authorization code. https://labs.aweber.com/docs/troubleshooting#unauthorized

Community
  • 1
  • 1
Sachit karki
  • 90
  • 9
  • Consumer key is valid. I am first hitting https://api.aweber.com/1.0/accounts/ then getting id and account URL with same consumer key. If this is invalid then how its working before? – Renu Thakur Apr 29 '16 at 06:07