Announcement Announcement Module
Collapse
No announcement yet.
Override the oauth_signature_method for connection factories Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Override the oauth_signature_method for connection factories

    I'm trying to override the oauth_signature_method for the Dropbox Connection factory but so far I can't find any info on how to override this from "HMAC*" to "PLAINTEXT".

    Has anyone got any insight to this?

  • #2
    Are you writing your own Dropbox module or are you working with the one at https://github.com/vbfischer/spring-social-dropbox ?

    You can't override the signature method from the connection factory. That's a lower level detail that's handled in OAuth1Template (actually, even a bit deeper in SigningSupport). You'll need to create a custom subclass of OAuth1Template and reference that new implementation from the service provider.

    But my curiosity demands that I ask: Why do you want it to be PLAINTEXT? Doesn't Dropbox support HMAC_SHA1? Why would you want to go back to the less-secure PLAINTEXT? To be honest, I wasn't even aware that any providers even supported anything other than HMAC_SHA1 (even though the spec says they may support PLAINTEXT and RSA_SHA1).

    Comment


    • #3
      Yes I'm using the vbfischer plugin but each time I try and access an API call (e.g. getItemMetadataPath()) I get a 403 Forbidden.

      I read somewhere (and I can't find the link now) this was because Dropbox only supports PLAINTEXT.

      The URI for the oauth looks fine, but I just can't use any of the API after connecting.

      2013-03-06 11:59:49 DEBUG ConnPoolByRoute:679 - Notifying no-one, there are no waiting threads
      2013-03-06 11:59:49 DEBUG ExceptionHandlerExceptionResolver:132 - Resolving exception from handler [public java.lang.String au.org.ikeda.filer.controller.DropboxController.li stFolder(java.lang.String,org.springframework.ui.M odel)]: org.springframework.web.client.HttpClientErrorExce ption: 403 Forbidden
      2013-03-06 11:59:49 DEBUG ResponseStatusExceptionResolver:132 - Resolving exception from handler [public java.lang.String au.org.ikeda.filer.controller.DropboxController.li stFolder(java.lang.String,org.springframework.ui.M odel)]: org.springframework.web.client.HttpClientErrorExce ption: 403 Forbidden
      2013-03-06 11:59:49 DEBUG DefaultHandlerExceptionResolver:132 - Resolving exception from handler [public java.lang.String au.org.ikeda.filer.controller.DropboxController.li stFolder(java.lang.String,org.springframework.ui.M odel)]: org.springframework.web.client.HttpClientErrorExce ption: 403 Forbidden
      2013-03-06 11:59:49 DEBUG DispatcherServlet:943 - Could not complete request
      org.springframework.web.client.HttpClientErrorExce ption: 403 Forbidden
      at org.springframework.web.client.DefaultResponseErro rHandler.handleError(DefaultResponseErrorHandler.j ava:88)
      at org.springframework.web.client.RestTemplate.handle ResponseError(RestTemplate.java:532)
      at org.springframework.web.client.RestTemplate.doExec ute(RestTemplate.java:488)

      Comment


      • #4
        Well it looks like I just wasn't using it properly. I've fixed the issue (I think it had something to do with the way I was accessing directories) and can now upload and list files.

        Oh and I created my own docs on this.

        Comment


        • #5
          So, to be clear...did it end up working with HMAC_SHA1? I got to thinking a bit later that even the authorization shouldn't have worked if DropBox doesn't support HMAC_SHA1, because that's used for encoding even during the authorization flow. So, if it was working for you during authorization, it should've worked at API-binding time.

          You say you created your own docs? Did you make those available somewhere? Perhaps you could submit a pull request back to vbfischer for inclusion in his module? Or since he's been fairly silent on GitHub since Nov 29th, maybe you could just make your fork of his project available for others to use.

          Comment


          • #6
            That's correct Craig it did end up working with HMAC_SHA1. The page on DropBox that mentions the use of PLAINTEXT is: https://www.dropbox.com/developers/blog/20

            Clearly, I just glanced over the article and made some assumptions.

            Right now I'm prototyping spring-social in general and yes have started creating some docs on not only setting up the project but also how to properly use the Drop Box plugins. Currently it's on my private GitHub Wiki for the project which, as I progress I'll open up - or hit me up and I can give you some working progress.

            At the end of the day understanding how the paths are relative in certain circumstances is what is missing. The project also includes some account integration with an external account system.

            Comment

            Working...
            X