Unknown OAuth signature method trying to obtain a resource token
When trying to obtain a resource request token from Jam as described in http://help.sap.com/download/documentation/sapjam/developer/index.html#odata/concepts/Auth-OAuthDevGuide-2-getARequestTokenFromJam.html I’m getting “Unknown OAuth signature method” with an error code of 400.
As the web server for the client app I’m using the Tornado Python framework, and for the POST request the requests library. The client app has been registered at https://developer.sapjam.com and a consumer key and consumer secret have been obtained successfully. The signature method chosen is “HMAC-SHA1”, and the request is being made from the server registered in the callback URL.
The POST request is being made as follows:
import hashlib
import hmac
import json
import time
import urllib
import uuid

import requests

url = "https://developer.sapjam.com/oauth/request_token/"
key = urllib.quote_plus(options.client_secret) + "&"
data = {
    'oauth_consumer_key' : options.client_key,
    'oauth_nonce' : str(uuid.uuid4()),
    'oauth_signature_method' : 'HMAC-SHA1',
    'oauth_timestamp' : str(int(time.time())),
    'oauth_version' : '1.0',
    'oauth_callback' : 'oob'
}
text = "POST&" + urllib.quote_plus(url) + "&" + urllib.quote_plus("oauth_callback=" + data["oauth_callback"] + "&oauth_consumer_key=" + data["oauth_consumer_key"] + "&oauth_nonce=" + data["oauth_nonce"]
    + "&oauth_signature_method=" + data["oauth_signature_method"] + "&oauth_timestamp=" + data["oauth_timestamp"] + "&oauth_version=" + data["oauth_version"])
signature = hmac.new(key, text, hashlib.sha1)
data["oauth_signature"] = signature.digest().encode("base64").rstrip('\n')
headers = {
    'Authorization' : 'Oauth'
}
response = requests.post(url, headers=headers, data=json.dumps(data))
The exact response text obtained is:
<?xml version="1.0" encoding="UTF-8"?>
<error>
  <http_status>400 Bad Request</http_status>
  <message category="invalid_oauth_request">Unknown OAuth signature method.</message>
</error>
Alternatives tried:
• PLAINTEXT as signature method (and changing the signature accordingly) has been tried without any change in the response.
• Sending the parameters in the Authorization header instead of the body was also tried but the response was the same.
• Encoding the parameters in the body with the encoding scheme used by the “application/x-www-form-urlencoded” content-type returns “OAuth authentication failed” with error code 401 instead.
Thanks in advance for any help you can provide me.
Hi Michael,
You should really be posting this as a question and not a blog. I would suggest looking at the following site that has a good python example of how to do this:
mtr-design.com/blog/sap-jam-saml-authentication-using-python
If you are still stuck after looking there, please repost this as a question.
Thanks,
Adam
You may want to also try it with a tool like Postman for Chrome. I just tested it out last week and it works great with Postman. You can do this to test what you are sending in your code. Our service is an OAuth 1.0a compliant service.
Just an additional remark: Rob and Adam also ran an expert webinar about "mastering authentication for SAP Jam APIs". This webinar is available to enterprise support customers (all SAP Jam/Cloud customers) and partners (just need an SAP S-user ID).
You can find the recording at
https://service.sap.com/sap/bc/bsp/spn/esa_redirect/index.htm?gotocourse=X&courseid=70309359
If you are also interested in other webinars about Jam around setup, integration, customization, as well as driving adoption, please sign up for the SAP Jam value map at http://support.sap.com/valuemaps
Hope this helps,
Ingo
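For reference alongside the thread above: an added example, not code from the original post or from SAP, showing how an OAuth 1.0a (RFC 5849) client builds the HMAC-SHA1 signature and the "Authorization: OAuth ..." header for a request-token call, and how the receiving side checks it. It is written for Python 3, uses the URL from the post with constructed placeholder credentials, and the function names are illustrative.

```python
import base64
import hashlib
import hmac
import time
import uuid
from urllib.parse import quote


def pct(value):
    """RFC 5849 section 3.6 encoding: only unreserved characters stay literal."""
    return quote(str(value), safe="-._~")


def base_string(method, url, params):
    """METHOD & encoded URL & encoded parameter string (pairs sorted after encoding)."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    return "&".join([method.upper(), pct(url), pct("&".join(f"{k}={v}" for k, v in pairs))])


def sign(method, url, params, consumer_secret, token_secret=""):
    """HMAC-SHA1 over the base string; the key is 'consumer_secret&token_secret'."""
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def authorization_header(method, url, consumer_key, consumer_secret,
                         callback="oob", nonce=None, timestamp=None):
    """Value of the Authorization header for a request-token call."""
    params = {
        "oauth_callback": callback,
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": nonce or uuid.uuid4().hex,
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp or int(time.time())),
        "oauth_version": "1.0",
    }
    params["oauth_signature"] = sign(method, url, params, consumer_secret)
    return "OAuth " + ", ".join(f'{pct(k)}="{pct(v)}"' for k, v in sorted(params.items()))


def verify(method, url, params, consumer_secret, token_secret=""):
    """Receiver side: recompute without oauth_signature, compare in constant time."""
    unsigned = {k: v for k, v in params.items() if k != "oauth_signature"}
    expected = sign(method, url, unsigned, consumer_secret, token_secret)
    return hmac.compare_digest(expected, params.get("oauth_signature", ""))

# Constructed placeholder credentials; nothing is sent over the network.
EXAMPLE = authorization_header("POST", "https://developer.sapjam.com/oauth/request_token/",
                               "EXAMPLE_KEY", "EXAMPLE_SECRET", nonce="n1", timestamp=1400000000)
```

The header value in EXAMPLE can be compared field by field with what a tool such as Postman sends for the same key, nonce and timestamp.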