OAuth 1.0 Access Token Request is returning parameter absent
We’re trying to generate a token for Jazz using OAuth 1.0, but we’re stuck when performing the last step.
For this, we mainly looked into these 2 resources: <o:p> </o:p>
OAuth Core 1.0 <o:p> </o:p>
ELMandOAuth10a < Deployment < TWiki (jazz.net) <o:p> </o:p>
<o:p> </o:p>
We have a obtained a consumer key and consumer secret and according to the documentation we have to perform the following steps: <o:p> </o:p>
- Obtain request token: <o:p> </o:p>
curl --location --request GET 'https://server/domain/oauth-request-token?oauth_signature_method=HMAC-SHA1&oauth_consumer_key=cons_key&oauth_signature=P9RgokFJD6hgcvlpKHHjCIjwsQo=&oauth_timestamp=1688715450&oauth_nonce=68575481&oauth_callback=oob&oauth_version=1.0' \ <o:p> </o:p>
--header 'Accept: application/rdf+xml' \ <o:p> </o:p>
-header 'Authorization: OAuth oauth_consumer_key="cons_key",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1689054590",oauth_nonce="uTXXqd7rgT5",oauth_version="1.0",oauth_signature="6PxVmV1nYytUTL6El934loejVVQ%3D"' \ <o:p> </o:p>
response: 200 OK <o:p> </o:p>
response body: oauth_token=3f66534e27bb40ba90c5d12ebd69e50a&oauth_token_secret=p3IlaIiQVGO8LKKwqu5QEpLedneg0JrfnrRvj4DDYs <o:p> </o:p>
For generating the signature we created a script in java and we are encrypting using the consumer secret as a private key. <o:p> </o:p>
<o:p> </o:p>
- Authorize the token obtained previously: <o:p> </o:p>
<o:p> </o:p>
curl --location --request GET 'https://server/domain/oauth-authorize?oauth_token=3f66534e27bb40ba90c5d12ebd69e50a&oauth_token_secret=p3IlaIiQVGO8LKKwqu5QEpLedneg0JrfnrRvj4DDYs' \ <o:p> </o:p>
--header 'Authorization: Basic with username and password <o:p> </o:p>
response: 200 OK <o:p> </o:p>
response body: <h4>You have allowed the server " OIDC test for Token Based Authentication" to collaborate <o:p> </o:p>
with the server "https://server/domain/" using the "userID" user ID. <o:p> </o:p>
</h4> <o:p> </o:p>
<o:p> </o:p>
- Obtain Access token (where we have the problem): <o:p> </o:p>
<o:p> </o:p>
curl --location --request POST 'https://server/domain/oauth-access-token?oauth_signature_method=HMAC-SHA1&oauth_consumer_key=cons_key&oauth_nonce=28467620&oauth_timestamp=1688975760&oauth_token=3f66534e27bb40ba90c5d12ebd69e50a&oauth_version=1.0&oauth_signature=6dBHo8t5nDHa1euKmSowq/u81o0=' \ <o:p> </o:p>
--header 'Accept: application/rdf+xml' \ <o:p> </o:p>
--header 'Content-Type: application/x-www-form-urlencoded' \ <o:p> </o:p>
--header 'Authorization: OAuth oauth_consumer_key="cons_key",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1689065610",oauth_nonce="TcKkh7y8DLV",oauth_version="1.0",oauth_signature="ggYfo6yr3VP35KcGV5sSY%2F6nLZc%3D"' \ <o:p> </o:p>
<o:p> </o:p>
response: 400 Bad Request <o:p> </o:p>
response body: oauth_problem=parameter_absent <o:p> </o:p>
<o:p> </o:p>
<o:p> </o:p>
We cannot figure out what is missing. <o:p> </o:p>
<o:p> </o:p>
Your help will be much appreciated. <o:p> </o:p>
Best regards,
Ana
Comments
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Jul 11 '23, 5:42 a.m.Have you looked at these?
Ana-Maria Rosu
Jul 12 '23, 2:29 a.m.Hi Ralph,
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Jul 12 '23, 2:36 a.m.This is what I can find for OAuth 1: https://www.google.com/search?q=OAuth+1.0+site%3Ajazz.net
I had my own struggles with OAuth and can probably not solve your problem, however, I knew there are a few documentations around and try to point you to other resources.
Ian Barnard
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER Jul 12 '23, 3:28 a.m.There is some detailed information here https://michaelrowe01.com/index.php/day-job/ibm-elm/api-authentication-method-in-elm-oauth-1-0a/
1 vote