I call the Magento API with the following Autherization as header,
auth = "OAuth oauth_consumer_key=**********************,oauth_consumer_secret=****************,oauth_token=************,oauth_token_secret=**************,oauth_signature_method=HMAC-SHA1,oauth_timestamp=" + ConstantFunctions.GetTimeStamp() + ",oauth_nonce=" + ConstantFunctions.GetNonce() + ",oauth_signature=*******************) ;
While I call the API,
Getting error oauth_problem=signature_invalid
.All other parameters validate successfully but got an error in the signature,
I try the following code to generate the signature,
public static String GETHMACSHA1(String value, String key)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
String type = "HmacSHA1";
SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type);
Mac mac = Mac.getInstance(type);
mac.init(secret);
byte[] bytes = mac.doFinal(value.getBytes());
return bytesToHex(bytes);
}
private final static char[] hexArray = "0123456789abcdef".toCharArray();
private static String bytesToHex(byte[] bytes) {
char[] hexChars = new char[bytes.length * 2];
int v;
for (int j = 0; j < bytes.length; j++) {
v = bytes[j] & 0xFF;
hexChars[j * 2] = hexArray[v >>> 4];
hexChars[j * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars);
}
I pass the oauth_consumer_secret
and oauth_token_secret
as the parameter to get signature . But its still get the same error.
How to generate the signature in android and which value I need to pass to get the same?
We didn't need to pass all the attribute as auth, retrofit itself handle this, we need to pass only the CONSUMER_KEY, CONSUMER_SECRET, ACCESS_TOKEN and TOKEN_SECRET.
By following this
ApiUtils class will be like,
Kotlin
}
Android Java
and for RetrofitClient Class
Kotlin
Android java
For Oauth i dont think you should be passing CS and TS . You need to concatenate a set of URL-encoded attributes and parameters to construct the signature base string. please refer - devdocs.magento.com/guides/v2.0/get-started/authentication/
the url should contains the above params before encoding.
i did a similar Oauth authentication in Woocommerce API for android please refer this gist url for more info.
https://gist.github.com/Muneefm/f4c08b2aa3accd57fa890156f74e619a
in this check the method called
getLoginUrl()
. in which i have concatenate the url.