OAuth access programmatically to Doors/DWA
Hi, I am trying to invoke an OSLC service from Doors but I need OAuth dance before.
I get the Token successfully from: /dwa/oauth-request-token and I get an authorization URL from /dwa/oauth-authorize-token but the problem is that the URL I get:
/dwa/oauth?oauth_token=a4b085f4-c969-4d22-b888-7623f3fb28d4&oauth_verifier=RdwnBo
(where the token and the verifier will change) doesn't exist. I always get an HTTP 404.
Is it a wrong URL sent by DWA? Which one is correct?
I am using Doors Web Access 1.5.0.0 (Build 214)
Any help or comment?
Thanks a lot,
Chemi.
6 answers
When do you get 404?
Your initial token seems to be authorized successfully since you get the verifier in the URL.
You need to use the oauth_verifier along with the initial token and token_secret and send the request to oauth_access_token URI - /dwa/oauth-access-token, to get the access token and token_secret.
Hope that helps..
Thanks,
Sudarshan
Thanks for your comment Sudarshan.
I thought I should use that URL for the next step.... so I moved then to /dwa/oauth-access-token and I was able to progress I think. But now, at the end, when I invoke the final service I got:
HTTP Status 401 - Invalid signature for signature method HMAC-SHA1
Let me explain what I am trying to do and how I am doing it so perhaps you can help me further.
My objective is to invoke a service from Doors/DWA from a Java Client. And for that I need OAuth stuff to be solved first.
To develop such Java Client, I am using Apache HTTP Client and OAuth Google Code.
The steps I follow are:
1.- Log in to DWA to authenticate and get the JSESSIONID Cookie.
2.- Request an OAuth Token
3.- Authorize the OAuth Token
4.- Get the access Token
5.- Invoke my service.
I get the error in step 5.
Here are the details of each step (URL requested and HTTP Headers from the response). All of them are part of a single sequence.
1.- HTTP Authentication with the server. I request a normal page and then send the HTTP Form.
http://192.168.1.42:8080/dwa/oauth
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Content-Language: en
Content-Length: 4579
Vary: Accept-Encoding
Date: Fri, 23 Nov 2012 19:10:16 GMT
http://192.168.1.42:8080/dwa/oauth/j_acegi_security_check
HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=58AA522938F621045424FBDBF1DD1866; Path=/dwa; HttpOnly
Location: http://192.168.1.42:8080/dwa/oauth
Content-Length: 0
Date: Fri, 23 Nov 2012 19:10:16 GMT
2.- Request the OAuth Token
http://192.168.1.42:8080/dwa/oauth-request-token?oauth_consumer_key=0987654321&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1353697838&oauth_nonce=526399064300345&oauth_version=1.0&oauth_signature=gM3%2FGkgspyzWAdOaBoPtmZAnsNE%3D
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/x-www-form-urlencoded
Transfer-Encoding: chunked
Date: Fri, 23 Nov 2012 19:10:16 GMT
3.- Authorization
http://192.168.1.42:8080/dwa/oauth-authorize-token?oauth_token=ed357650-5871-4d4a-948a-648f8b2355fe&application_name=DWA&oauth_consumer_key=0987654321&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1353697838&oauth_nonce=526399246702730&oauth_version=1.0&oauth_signature=FjTNqwYmAcM%2BMMhPvQyn4m8fy7I%3D
HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Location: http://192.168.1.42:8080/dwa/oauth?oauth_token=ed357650-5871-4d4a-948a-648f8b2355fe&oauth_verifier=RtOfDM
Content-Length: 0
Date: Fri, 23 Nov 2012 19:10:16 GMT
4.- Access Token
http://192.168.1.42:8080/dwa/oauth-access-token?oauth_token=ed357650-5871-4d4a-948a-648f8b2355fe&oauth_verifier=RtOfDM&oauth_consumer_key=0987654321&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1353697838&oauth_nonce=526399281811730&oauth_version=1.0&oauth_signature=CogE%2BXFqRW%2BwjPU4JoxNRp05sR8%3D
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Date: Fri, 23 Nov 2012 19:10:16 GMT
5.- Access to the final service
http://127.0.0.1:80/dwa/rm/dxl/helloWorld?oauth_token_secret=DKWmQip2q4ZGTYIXmJHbg0KBFWR6krhOx4W6A3qQSy6YZ4LVxiex8wJB36rJQtqBd2PM5OUWFLPSvHRycNK1omaaH7VBSzfh5XdBspg%2Bsus%3D&oauth_token=e40cc406-a5bc-4358-ba3f-63891ee78cdd&oauth_consumer_key=0987654321&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1353697838&oauth_nonce=526399319412691&oauth_version=1.0&oauth_signature=IcFAVuttEKIiwR1kSfrdxO6Zo9Q%3D
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=6671A97CB14F1D865078336BC581DB8B; Path=/dwa; HttpOnly
WWW-Authenticate: OAuth realm="DWA"
Content-Type: text/html;charset=utf-8
Content-Length: 1032
Date: Fri, 23 Nov 2012 19:10:16 GMT
And the error in the body is:
This request requires HTTP authentication (Invalid signature for signature method HMAC-SHA1).
Any idea or help?
Writing the post I have noticed in this last step, the server assigns a new JSESSIONID.... could it be the problem? Although the path is the same /dwa
Thanks in advance,
Chemi.
Hummm.... after writing the post I noticed that the last URL I used had a different IP than the others (I was using a TCP/IP Monitor to understand what was traveling through the net). And perhaps that was the reason a new, unauthenticated Cookie was issued.
After I changed the IP and port to the same ones as the others, it seems I receive HTTP 200. Now I have to verify if the service invoked really is working or not. I will post again in case it worked fine....
Regards,
Chemi.
Right, once I added these two headers to the final HTTP Request:
Accept: application/rdf+xml
Content-Type: application/rdf+xml
I get the following answer:
<?xml version="1.0"?>
<rdf:RDF
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:doors="http://jazz.net/doors/xmlns/prod/jazz/doors/2.0/">
<doors:DxlServiceResult rdf:about="http://192.168.1.42:8080/dwa/rm/dxl/helloWorld">
<doors:help></doors:help>
</doors:DxlServiceResult>
</rdf:RDF>
So this means I am successfully getting into the Doors/DWA Service using OAuth. Or I think that is the case.
Now, the issue is I need to send an XML file as body content in the request, and I have to use POST for that. But if I use POST, then I get HTTP 401 again. Here is the request:
http://192.168.1.42:8080/dwa/rm/dxl/helloWorld?oauth_token_secret=lb%2BV7u8yfMEJFN3nSeosObZ%2FlFMvh44pYNkee7U7M9Wz6ev84u5Cmww9KXopewUELT1fwnILrd4mupi7%2FfUurLr98Qd%2BYT9k8fcx7AGeegY%3D&oauth_token=bf87b673-745f-4b94-b7ff-b1da722977b8&oauth_consumer_key=0987654321&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1353757948&oauth_nonce=586672573081445&oauth_version=1.0&oauth_signature=GpOID%2FuiqRi4wLSkUESvcgJ75%2F4%3D
<?xml version="1.0" encoding="UTF-8"?>
<rdf:RDF
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:doors="http://jazz.net/doors/xmlns/prod/jazz/doors/2.0/">
<doors:Arguments>
<doors:arguments >English</doors:arguments>
</doors:Arguments>
</rdf:RDF>
And here is the response:
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
WWW-Authenticate: OAuth realm="DWA"
Content-Type: text/html;charset=utf-8
Content-Length: 1032
Date: Sat, 24 Nov 2012 11:52:23 GMT
HTTP Status 401 - Invalid signature for signature method HMAC-SHA1
So, question is... should I send anything else in the headers when using POST to get into OAuth protected services? Using GET instead of POST seems to work....
Thanks in advance,
Chemi.
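Added example (not part of the original posts, and not code from DWA or the OAuth Google Code library): a minimal RFC 5849 HMAC-SHA1 signer and verifier in Python, showing that the HTTP method and the scheme, host and port of the URL are all inputs to the signature, so a signature computed for one combination fails verification on another. The consumer key, token and secrets are constructed sample values; in RFC 5849 the token secret is HMAC key material and is not sent as a request parameter.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qsl, quote, urlsplit

def pct(s):
    # RFC 5849 section 3.6: only unreserved characters stay unescaped
    return quote(s, safe="-._~")

def base_string(method, url, oauth_params):
    """Signature base string per RFC 5849 section 3.4.1."""
    u = urlsplit(url)
    host = u.hostname.lower()
    # Default ports (80 for http, 443 for https) are dropped, others are kept
    if u.port and (u.scheme, u.port) not in (("http", 80), ("https", 443)):
        host += ":%d" % u.port
    base_uri = "%s://%s%s" % (u.scheme.lower(), host, u.path or "/")
    # Query and OAuth parameters are signed; oauth_signature itself is not.
    # A non-form body such as application/rdf+xml is not part of the base string.
    params = parse_qsl(u.query, keep_blank_values=True) + list(oauth_params.items())
    pairs = sorted((pct(k), pct(v)) for k, v in params if k != "oauth_signature")
    normalized = "&".join("%s=%s" % kv for kv in pairs)
    return "&".join([method.upper(), pct(base_uri), pct(normalized)])

def sign(method, url, oauth_params, consumer_secret, token_secret=""):
    # The two secrets form the HMAC key and never travel in the request
    key = (pct(consumer_secret) + "&" + pct(token_secret)).encode()
    mac = hmac.new(key, base_string(method, url, oauth_params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def verify(method, url, oauth_params, signature, consumer_secret, token_secret=""):
    # Server side: rebuild the signature from the request as received
    expected = sign(method, url, oauth_params, consumer_secret, token_secret)
    return hmac.compare_digest(expected, signature)

# Constructed sample values (not the tokens or secrets from the thread)
PARAMS = {
    "oauth_consumer_key": "example-consumer",
    "oauth_token": "example-access-token",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1353757948",
    "oauth_nonce": "constructed-nonce",
    "oauth_version": "1.0",
}
URL = "http://192.168.1.42:8080/dwa/rm/dxl/helloWorld"
SIG_GET = sign("GET", URL, PARAMS, "consumer-secret", "token-secret")
```

Calling `verify` with `SIG_GET` succeeds only for `GET` on the exact URL that was signed; the same signature sent with `POST`, or to `127.0.0.1:80` through a TCP monitor, is rejected.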
Got it! It was an issue using OAuth Google classes...
BTW, only GET and PUT were accepted. Once POST worked fine I got an error because just GET and PUT were accepted. Once I used PUT I got the expected answer from the Doors/DWA service....
Now it is time to clean the code... :-)
Best regards,
Chemi.
Hello Chemi, where did you get all this information? I know this is ages ago but I'm hoping you remember.
I'm trying to get access to Doors NG api use OSLC services and I've run across this oAuth stumbling block. I've got the oauth_token but I'm failing on authorizing with an error message of "invalid_expired_token".
I'm trying to do this all on soapUI so I can reproduce it later in middleware.