Results 1 to 5 of 5

Thread: Missing signature method with OAuth1.0

  1. Mar 21st, 2012, 06:19 PM #1
    binnyg
    binnyg is offline Junior Member
    Join Date
    Nov 2011
    Posts
    10

    Default Missing signature method with OAuth1.0

    I have a spring social enabled app which I built using spring-social-samples as a reference. I successfully integrated facebook and Twitter but I am having trouble integrated with Sparklr(code) and I am getting the following error.

    [DEBUG] ProtectedResourceProcessingFilter - org.springframework.security.oauth.provider.Invali dOAuthParametersException: Missing signature method.

    Here is the (code) which is throwing this error.

    Spring-security-oauth comes with Sparklr(Service provider) and Tonr(Consumer). Everything works as expected when I try to authorize Tonr user against Sparklr. It fails when I try to authorize my app user against Sparklr.

    Question really is, how is method signature sent? Is this some kind of configuration error in my app?

    Thank you.
    Reply With Quote Reply With Quote
  2. Mar 22nd, 2012, 09:18 AM #2
    habuma
    habuma is offline Senior Member
    Join Date
    Aug 2004
    Posts
    1,099

    Default

    This is really more of a Spring Security OAuth question. Moving this thread to that forum.
    Craig Walls
    Spring Social Project Lead
    Reply With Quote Reply With Quote
  3. Mar 22nd, 2012, 10:03 AM #3
    Dave Syer
    Dave Syer is offline Senior Member
    Join Date
    Jun 2005
    Posts
    4,241

    Default

    I don't know much about OAuth 1.0 really, but from the spec it looks like oauth_signature_method is a mandatory parameter. Are you sending it? You should be able to tell by looking at the request in a debug tool (e.g. TCP monitor proxy). If you aren't sending it then there must be a problem at the client end. If you are sending it and it isn't being found on the server then it could be a problem on the server.
    Last edited by Dave Syer; Mar 22nd, 2012 at 10:03 AM. Reason: spelling
    Reply With Quote Reply With Quote
  4. Mar 22nd, 2012, 10:14 AM #4
    binnyg
    binnyg is offline Junior Member
    Join Date
    Nov 2011
    Posts
    10

    Default

    Spring Social is doing the heavy lifting for me as I am using it as a consumer. Spring social takes care of constructing the required request headers before sending a request. I am debugging it but not sure if I misconfigured something in Spring-Social. I will check the headers and will post my findings.
    Reply With Quote Reply With Quote
  5. Mar 22nd, 2012, 11:32 AM #5
    binnyg
    binnyg is offline Junior Member
    Join Date
    Nov 2011
    Posts
    10

    Default

    One difference that I see between working and non working case is, with spring social oauth_callback and consumer_key are sent as part of request for confirm_access where as with spring-security-consumer(tonr) only the oauth_token is sent.

    Spring-social is sending
    Location: http://localhost:8888/sparklr/oauth/confirm_access?oauth_token=d5d77f82-e998-490a-9d32-1feae874c5a7&oauth_callback=http%3A%2F%2Flocalhost %3A8080%2Fspring-social-showcase%2Fconnect%2Fssr&oauth_consumer_key=ssr-consumer-key

    Tonr is sending
    http://localhost:9090/sparklr/oauth/...e-4a8f7dc9b8a1

    Does it ring any bells?
    Last edited by binnyg; Mar 22nd, 2012 at 11:34 AM. Reason: Trying to display full URL
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules