REST API HTTP Authentication problem

Resolved martinlmedina
(@martinlmedina)

9 years, 10 months ago

Hi

I’m new using woocommerce;

I’m reading the following manual

http://woothemes.github.io/woocommerce-rest-api-docs/#authentication-over-http

I’m trying authenticate but I get the following error:

{ “Errors”: [{“code”: “WooCommerce api authentication error”, “message”: “Invalid signature – does not match the signature provided”}]}

Info:

Site:
http://redywoo.vics.srl

Example
http://redywoo.vics.srl/wc-api/v1/products

consumer key
[API keys redacted]

consumer secret key
[API keys redacted]

———————————————-

signature base string
[API keys redacted]

signature
[API keys redacted]

url
http://redywoo.vics.srl/wc-api/v1/products?oauth_consumer_key=[API keys redacted]&oauth_nonce=9062660784657346&oauth_signature=[API keys redacted]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1439148955

———————————————-

All information provided is real; including the keys.
Once work will generate new keys.

I appreciate any help.

Martin

https://wordpress.org/plugins/woocommerce/

Viewing 7 replies - 1 through 7 (of 7 total)

Caleb Burks
(@icaleb)

Automattic Happiness Engineer

9 years, 10 months ago

Hey Martin,

First up, I would recommend deleting those keys right away. Definitely not wise to post live keys to the internet in public.

Secondly, what are you trying to do? Perhaps using one of these authentication libraries would help: http://woothemes.github.io/woocommerce-rest-api-docs/#libraries-and-tools

Thread Starter martinlmedina
(@martinlmedina)

9 years, 10 months ago

Caleb thanks for the advice, but it is a test environment.

I’m trying to authenticate to access via http api rest, to list products, create products etc.

I followed step by step tutorial instructions but have not been successful.

So i show all of the information necessary to access, to see if anyone knows’m making mistake.

Plugin Contributor Mike Jolley
(@mikejolley)

9 years, 10 months ago

There are additional notes on signature generation in that doc. Most people make the mistake of not ordering the vars alphabetically before generating it.

Thread Starter martinlmedina
(@martinlmedina)

9 years, 10 months ago

I also took additional notes.
As you can see in the URL; The parameters are in alphabetical order.

oauth_consumer_key=[API keys redacted]
oauth_nonce=9062660784657346
oauth_signature=[API keys redacted]
oauth_signature_method=HMAC-SHA1
oauth_timestamp=1439148955

Caleb Burks
(@icaleb)

Automattic Happiness Engineer

9 years, 10 months ago

Hard to say what is going wrong in your authentication. Have you tried using one of the official libraries? Could help you find the problem in your own.

Thread Starter martinlmedina
(@martinlmedina)

9 years, 10 months ago

Caleb I have not tried the official libraries; I’ve only tested via http.
I’m developing a plsql to WooCommerce integration.
We would greatly appreciate if you can help with this.

Thread Starter martinlmedina
(@martinlmedina)

9 years, 10 months ago

the documentation is wrong; since the base string used to generate the signature is incomplete.

1-Correct base string

GET&http%3A%2F%2Fwww.example.com%2Fwc-api%2Fv2%2Fproducts&oauth_consumer_key%3D[API keys redacted]%26oauth_nonce%3Dyxakolfnjdyfnhtcqtfyeeepypjspzhj%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1469829703

2-Correct URL

http://www.example.com/wc-api/v2/products?oauth_consumer_key=abcd1234&oauth_timestamp=1469829703&oauth_nonce=yxakolfnjdyfnhtcqtfyeeepypjspzhj&oauth_signature_method=HMAC-SHA1&oauth_signature=%5BBase64 and Percent encode base string]

Thks

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘REST API HTTP Authentication problem’ is closed to new replies.