I followed these steps "http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html" and I got oauth token and GUID from authenticated user. Now I am trying retrieve all contacts through GUID as I have seen on searchs for web using this url "http://social.yahooapis.com/v1/user/GUID_HERE/contacts" and passing authorization data via headers but I just get this response:
<?xml version='1.0' encoding='UTF-8'?><yahoo:errorxmlns:yahoo='http://yahooapis.com/v1/base.rng' xml:lang='en-US'><yahoo:description>Please provide valid credentials. OAuth oauth_problem="signature_invalid", realm="yahooapis.com"</yahoo:description></yahoo:error><!-- ws129.socdir.sp2.yahoo.com uncompressed/chunked Tue Aug 28 06:22:40 PDT 2012 -->
I am performing the request using cURL (PHP) like is written here "http://developer.yahoo.com/oauth/guide/oauth-make-request.html" (I have checked and I am using my consumer secret as ouath_signature):
$header = array(
'GET http://social.yahooapis.com/v1/user/' . $guid[1] . '/contacts',
'Authorization: OAuth realm="yahooapis.com", '.
'oauth_consumer_key="'.$yahoo_consumer_key.'", '.
'oauth_nonce="'.uniqid().'", '.
'oauth_signature_method="HMAC-SHA1", '.
'oauth_timestamp="'.time().'", '.
'oauth_token="'.$ouathToken[1].'", '.
'oauth_version="1.0", '.
'oauth_signature="'.$yahoo_consumer_secret.'"');
curl_setopt_array($ch, array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 0,
//CURLOPT_HTTPGET => true,
CURLOPT_URL => 'http://social.yahooapis.com/v1/user/' . $guid[1] . '/contacts',
CURLOPT_HTTPHEADER => $header
));
Anyone can help?
The OAuth Signature isn't just the consumer secret. Yahoo has some documentation on how sign the request and that's what goes in the oauth_signature field.
Seems the signature created is wrong.For create signature first create base string which is created by normalizing your url.
For more details about base string visit http://developer.yahoo.com/oauth/guide/oauth-signing.html. http://oauth.net/core/1.0/#anchor16
After creating a base string create a signature key which is developed by concatenating COSUMER SECRET and token secret with &.Like this,
$signatureKey = CONSUMER_SECRET."&".{yourtokensecret};
Then for create signature try this code: $signature = urlencode(base64_encode(hash_hmac('sha1',{baseString}, $signatureKey, true)));
There is an excellent signing function available here.