One of my customer has setup Magento on their end. Now, I'm trying to access their Magento APIs to fetch product information. They have provided me the Magento hostname, consumerkey, and consumersecret. I'm using Java / Scribe 1.3.7 for accessing the APIs. This is my code:
public final class MagentoThreeLeggedOAuth extends DefaultApi10a {
private static final String BASE_URL = "http://example.com/";
@Override
public String getRequestTokenEndpoint() {
return BASE_URL + "oauth/initiate";
}
@Override
public String getAccessTokenEndpoint() {
return BASE_URL + "oauth/token";
}
@Override
public String getAuthorizationUrl(Token requestToken) {
return BASE_URL + "admin/oauth_authorize?oauth_token="
+ requestToken.getToken(); //this implementation is for admin roles only...
}
}
public final class MagentoAuth {
/**
* @param args
*/
public static void main(String[] args) {
final String MAGENTO_API_KEY = "abcdefghij";
final String MAGENTO_API_SECRET = "qwertyuiop";
final String MAGENTO_REST_API_URL = "http://example.com/magento/api/rest";
// three-legged oauth
OAuthService service = new ServiceBuilder()
.provider(MagentoThreeLeggedOAuth.class)
.apiKey(MAGENTO_API_KEY)
.apiSecret(MAGENTO_API_SECRET)
.debug()
.build();
System.out.println("" + service.getVersion());
Scanner in = new Scanner(System.in);
System.out.println("Magento's OAuth Workflow");
System.out.println();
// Obtain the Request Token
System.out.println("Fetching the Request Token...");
Token requestToken = service.getRequestToken();
System.out.println("Got the Request Token!");
System.out.println();
System.out.println("Fetching the Authorization URL...");
String authorizationUrl = service.getAuthorizationUrl(requestToken);
System.out.println("Got the Authorization URL!");
System.out.println("Now go and authorize Main here:");
System.out.println(authorizationUrl);
System.out.println("And paste the authorization code here");
System.out.print(">>");
Verifier verifier = new Verifier(in.nextLine());
System.out.println();
System.out.println("Trading the Request Token for an Access Token...");
Token accessToken = service.getAccessToken(requestToken, verifier);
System.out.println("Got the Access Token!");
System.out.println("(if your curious it looks like this: "
+ accessToken + " )");
System.out.println();
OAuthRequest request = new OAuthRequest(Verb.GET, MAGENTO_REST_API_URL+ "/products");
service.signRequest(accessToken, request);
Response response = request.send();
System.out.println();
System.out.println(response.getCode());
System.out.println(response.getBody());
System.out.println();
}
}
When I try to run the program, I get the following error:
1.0
Magento's OAuth Workflow
Fetching the Request Token...
obtaining request token from http://example.com/oauth/initiate
setting oauth_callback to oob
generating signature...
using base64 encoder: DatatypeConverter
base string is: POST&http%3A%2F%2Fexample.com%2Foauth%2Finitiate&oauth_callback%3Doob%26oauth_consumer_key%3Dabcdefghij%26oauth_nonce%3D2387862876%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1437522397%26oauth_version%3D1.0
signature is: 7DHYSmiU9JMnek04Pd8JwtbaeP4=
appended additional OAuth parameters: { oauth_callback -> oob , oauth_signature -> 7DHYSmiU9JMnek04Pd8JwtbaeP4= , oauth_version -> 1.0 , oauth_nonce -> 2387862876 , oauth_signature_method -> HMAC-SHA1 , oauth_consumer_key -> abcdefghij , oauth_timestamp -> 1437522397 }
using Http Header signature
sending request...
response status code: 400
response body: oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key
Exception in thread "main" org.scribe.exceptions.OAuthException: Response body is incorrect. Can't extract token and secret from this: 'oauth_problem=parameter_absent&oauth_parameters_absent=oauth_consumer_key'
What is the problem here? Does it have anything to do with the code? Or does my customer have to do something on their end? I installed Magento locally, and I'm able to get the access token using this code. I do not want to go back to my customer without first understanding what the problem is.
Thanks.
