Announcement Announcement Module
No announcement yet.
Missing signature method with OAuth1.0 Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Missing signature method with OAuth1.0

    I have a spring social enabled app which I built using spring-social-samples as a reference. I successfully integrated facebook and Twitter but I am having trouble integrated with Sparklr(code) and I am getting the following error.

    [DEBUG] ProtectedResourceProcessingFilter - dOAuthParametersException: Missing signature method.

    Here is the (code) which is throwing this error.

    Spring-security-oauth comes with Sparklr(Service provider) and Tonr(Consumer). Everything works as expected when I try to authorize Tonr user against Sparklr. It fails when I try to authorize my app user against Sparklr.

    Question really is, how is method signature sent? Is this some kind of configuration error in my app?

    Thank you.

  • #2
    This is really more of a Spring Security OAuth question. Moving this thread to that forum.


    • #3
      I don't know much about OAuth 1.0 really, but from the spec it looks like oauth_signature_method is a mandatory parameter. Are you sending it? You should be able to tell by looking at the request in a debug tool (e.g. TCP monitor proxy). If you aren't sending it then there must be a problem at the client end. If you are sending it and it isn't being found on the server then it could be a problem on the server.
      Last edited by Dave Syer; Mar 22nd, 2012, 10:03 AM. Reason: spelling


      • #4
        Spring Social is doing the heavy lifting for me as I am using it as a consumer. Spring social takes care of constructing the required request headers before sending a request. I am debugging it but not sure if I misconfigured something in Spring-Social. I will check the headers and will post my findings.


        • #5
          One difference that I see between working and non working case is, with spring social oauth_callback and consumer_key are sent as part of request for confirm_access where as with spring-security-consumer(tonr) only the oauth_token is sent.

          Spring-social is sending
          Location: http://localhost:8888/sparklr/oauth/...r-consumer-key

          Tonr is sending

          Does it ring any bells?
          Last edited by binnyg; Mar 22nd, 2012, 11:34 AM. Reason: Trying to display full URL