Android Question oAuth 1.0 & FatSecrect API, Invalid Signature issue

[sktanmoy]

I was working with FatSecure API. That needs oAuth1.0 API. However I'm getting invalid signature issue. Let me know what I've done.

Sub Process_Globals
   Private Hreq As HttpRequest
   Public DataMap As Map
   Private Auth As OAuth
   Private Client As HttpJob
End Sub

Private Sub Prepare_oAuth
   DataMap.Initialize
   Hreq.InitializeGet("http://platform.fatsecret.com/rest/server.api")
  
   Auth.Initialize("35dab80065e5.......", "d92ca7fa50d743399f................")
   Auth.Sign(Hreq)
  
   Dim Headers As String = Auth.GetAuthorizationHeaderValue(Hreq)
   If Headers.Contains("oauth_nonce") Then
  
     Headers = Headers.SubString2(6, Headers.Length)
     Log(Headers)
    
     Dim values() As String
     values = Regex.Split(",", Headers)
    
     For Each value As String In values
       Dim Data() As String
       Data = Regex.Split("=", value)
       DataMap.Put(Data(0).Trim, Data(1).Replace("""", "").Trim)
       Log("Key: " & Data(0).Trim)
       Log("Val: " & Data(1).Replace("""", "").Trim)
     Next
    
   End If
  
End Sub



Sub Search_food(Text As String)
   Prepare_oAuth
   Dim Sig As String
   Sig = DataMap.Get("oauth_signature")
   
   Dim Su As StringUtils
   Sig = Su.DecodeUrl(Sig, "UTF-8")
   
   Dim Url As String
   Url ="http://platform.fatsecret.com/rest/server.api?method=foods.search&oauth_consumer_key=" & DataMap.Get("oauth_consumer_key") & "&oauth_signature=" & Sig & "&oauth_version=" & DataMap.Get("oauth_version") & "&oauth_nonce=" & DataMap.Get("oauth_nonce") & "&oauth_timestamp=" & DataMap.Get("oauth_timestamp") & "&oauth_signature_method=" & DataMap.Get("oauth_signature_method") & "&format=json" & "&search_expression=" & Text
   Log(Url)
   
   Client.Initialize("Search", "Dashboard")
   'Client.Download2("http://platform.fatsecret.com/rest/server.api",Array As String("method", "foods.search", "oauth_consumer_key", DataMap.Get("oauth_consumer_key"), "oauth_signature", Sig, "oauth_version", DataMap.Get("oauth_version"),"oauth_nonce", DataMap.Get("oauth_nonce"),"oauth_timestamp", DataMap.Get("oauth_timestamp"), "oauth_signature_method", DataMap.Get("oauth_signature_method"), "format", "json", "search_expression", Text ))
   Client.PostString("http://platform.fatsecret.com/rest/server.api", "method=foods.search&oauth_consumer_key=" & DataMap.Get("oauth_consumer_key") & "&oauth_signature=" & Sig & "&oauth_version=" & DataMap.Get("oauth_version") & "&oauth_nonce=" & DataMap.Get("oauth_nonce") & "&oauth_timestamp=" & DataMap.Get("oauth_timestamp") & "&oauth_signature_method=" & DataMap.Get("oauth_signature_method") & "&format=json" & "&search_expression=" & Text )
End Sub

And when I'm calling Search_food("Chicken"), I'm getting error like this

{ "error": {"code": 8, "message": "Invalid signature: oauth_signature 'ABBJMTXsKQRigN3z1Yxi83O2O8Q='" }}

I need your help where the mistake I did.

Thanks

 

[Erel]

Can you post a link to their documentation about the authorization?

 

[sktanmoy]

Here is the link: http://platform.fatsecret.com/api/Default.aspx?screen=rapiauth

 

[Erel]

According to their documentation you need to build a base string first. I'm not sure whether this string is considered the token or not.

 

[sktanmoy]

I found https://github.com/Braunson/diex3/blob/master/fatsecret.php and worked for me. So tried to convert the code into Basic this way

Base = Su.EncodeUrl("GET", "UTF8") & "&http%3A%2F%2Fplatform.fatsecret.com%2Frest%2Fserver.api&"

	Params = "format=json&method=foods.search&oauth_consumer_key=35dab80065e5.....&oauth_nonce=" & Rnd(11111,99999999999) & "&oauth_signature_method=HMAC-SHA1&oauth_timestamp=" &DateTime.Now & "&oauth_version=1.0&search_expression=" & Su.EncodeUrl(Text, "UTF8")
	Params2 = Su.EncodeUrl(Params, "UTF8")
	Base = Base & Params2
	
	
	Dim Mac1 As Mac
	Dim Bconv As ByteConverter
	Dim Data, Sigdata As Byte
	Data = Bconv.StringToBytes(Base, "UTF8")
	Log(Data)
	
	Mac1.Initialise("HMACSHA1", "d92ca7fa50d743....")
	Mac1.Update(Data)
	Sigdata = Mac1.Sign
	
	Sig = Su.EncodeBase64(Sigdata)
	
	Dim URL As String
	URL = "http://platform.fatsecret.com/rest/server.api?" & Params & "&oauth_signature=" & Su.EncodeUrl(Sig, "UTF8")
	
	Log(URL)

However I stack in sha1 encryption. Can you please help me?

 

[Erel]

Use MessageDigest from the Encryption library: https://www.b4x.com/android/help/encryption.html#messagedigest