3

I am integrating my web app with AppDirect, for this I created a java rs API using jersey.

When I subscribe to an event, I get a map containing the oauth values (key and secret) to sign my request and an event url to which I issue a sign fetch to.

I am getting those values (oauth and eventurl) as expected.

Now when I try to issue a signed fetch using the library signpost, I use the following code:

OAuthConsumer consumer = new DefaultOAuthConsumer(consumer_key, secret);
// create an HTTP request to a protected resource
URL url = new URL(eventUrl);
HttpURLConnection request = (HttpURLConnection) url.openConnection();

// sign the request
consumer.sign(request);

// send the request
request.connect();

I get this error message:

getResponseMessage: Unauthorized
getresponsecode: 401

I also tried with the following test values:

  1. url = "https://www.appdirect.com/api/integration/v1/events/dummyOrder";
  2. dummyKey = "Dummy";
  3. dummySecret = "secret"; But I got the same result.

Please how can I fix it?

I also tried and adding this:

request.setRequestMethod("GET");         

request.setRequestProperty("Authorization", "OAuth");

request.setRequestProperty("Host", "...");

request.setRequestProperty("Content-Type", "application/xml");         

request.setRequestProperty("oauth_nonce", oauth_nonce);

request.setRequestProperty("oauth_signature", oauth_signature);

request.setRequestProperty("oauth_signature_method", oauth_signature_method);

request.setRequestProperty("oauth_timestamp", oauth_timestamp);

request.setRequestProperty("oauth_version", oauth_version);

also tried with key:secret in the Authorization property

alexbt
  • 16,415
  • 6
  • 78
  • 87
eeadev
  • 3,662
  • 8
  • 47
  • 100

1 Answers1

2

Dummy keys (oauth)

No-auth

Here is a behavior of this service when testing via Postman Chrome extension. If you are using OAuth provider, so you need to get valid api-key for AppDirect and secret.

BTW second screenshot shows you don't need to send an OAuth token to appdirect to https://www.appdirect.com/api/integration/v1/events/dummyOrder, because it authorizes any url.

So, according to your notes, you have to add proper(secret and key) and then AppDirect OAuth server will return you a valid token which you will use when addressing AppDirect's repositories. Or you may send key-secret with each request.

max.kuzmentsov
  • 766
  • 1
  • 10
  • 22
  • yes, I already use OAuthConsumer consumer = new DefaultOAuthConsumer(consumer_key, secret); I will add some code – eeadev May 31 '16 at 13:49
  • I do have a valid consumer key and secret and I am passing it in my DefaultOAuthConsumer object. Where else shall I use it? – eeadev May 31 '16 at 15:06
  • 1
    Just try the same way I tried. Use postman or another rest-client. Add credentials you used from java-code. Post the result here. – max.kuzmentsov May 31 '16 at 15:58
  • actually, it works with test keys but not with the ones that they provided are not working, thanks anyway – eeadev May 31 '16 at 16:07