POST with JSON body

[WolneyMendes]

Sorry if this is the wrong place for this kind of questions...

Is there any sample on using it as a post with json body?

Thank in advance

[ddo]

These should work

request({
	url: request_data.url,
	method: request_data.method,
	body: oauth.authorize(request_data, token),
        json: true
}, function(error, response, body) {
	//process your data here
});

or

request({
	url: request_data.url,
	method: request_data.method,
	body: JSON.stringify(oauth.authorize(request_data, token)),
        json: true
}, function(error, response, body) {
	//process your data here
});

[WolneyMendes]

Thanks for the response, I really appreciate your help!

I do not have a token but only key and secret. The GET works just fine so I know the key/secret are ok.

Is this expected to work?

var request = require('request');
var OAuth = require('oauth-1.0a');
var crypto = require('crypto');

var oauth = OAuth({
consumer: {
key: 'MyKey',
secret: 'MySecret'
},
});

var request_data = {
url: "https://x.com/v1/api",
method: 'POST',
data: {
x: "hi",
y: "hello",
}
};

request({
url: request_data.url,
method: request_data.method,
body: oauth.authorize(request_data),
json: true
}, function(error, response, body) {
//process your data here
});

[WolneyMendes]

So I did run some more tests using another application that does POST properly and here is what I notice.

Using the code above I see:

Header

{"connection":"upgrade","host":"xxx.com","x-real-ip":"34.232.143.225","content-length":"277","accept":"application/json","content-type":"application/json"}

Body

{"oauth_consumer_key":"BcIGBxdy4mwkSlzveclKso5MrdL2zMyB","oauth_nonce":"kuvW5dgtC1Au3E3UQtjUDAj8dmpdHpdp","oauth_signature_method":"PLAINTEXT","oauth_timestamp":1506593856,"oauth_version":"1.0","x":"hi","y":"hello","oauth_signature":"jQ2WNLKq63OXChUnyGSpXAt4pViVOn373sC1OoNb&"}

While the one that works:

Header

{"connection":"upgrade","host":"xxx.com","x-real-ip":"74.89.88.120","content-length":"26","content-type":"application/json; charset=utf-8","user-agent":"cmttest/1 CFNetwork/811.4.18 Darwin/16.6.0","accept":"application/json","accept-language":"en-us","authorization":"OAuth oauth_consumer_key=\"BcIGBxdy4mwkSlzveclKso5MrdL2zMyB\", oauth_nonce=\"0352A494\", oauth_signature=\"RIodbSHJeHcA%2Bj3zDIz7%2Fq%2BpGy4%3D\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"1506593871\", oauth_version=\"1.0\"","accept-encoding":"gzip, deflate"}

Body

{"x":"hi","y":"hello"}

As you can see the Authentication part ended up in the body instead of the header.

[ddo]

you mean in the header works? if you wanna use header for oauth. try this:

request({
	url: request_data.url,
	method: request_data.method,
	body: request_data.data,
        json: true,
	headers: oauth.toHeader(oauth.authorize(request_data, token))
}, function(error, response, body) {
	//process your data here
});

[WolneyMendes]

Nice... that made my requests much more alike, but I am still getting Not Authorized.

The only difference I see now is that their nonce is oauth_nonce="5D3B64AC" (like 8 hex digits) when ours is is like oauth_nonce="l9myGknlumDxzUUAaMcgolcI3F59CfN7". Perhaps they don't know how to deal with that.

Is there a way for us to control the nonce?

Thanks Again!

[WolneyMendes]

I was talking to the guys that have the server and they say that the oauth_signature is incorrect. They said that the parameters should be used in sorted matter to calculate the signature. I will try to look in to the code but do you have any idea if that is done?

[WolneyMendes]

I got it!!!

It turns out that for some reason in their side the calculation of oauth_signature does not include the content of the json object. I added to your configuration object a parameter to indicate "include it or not" the json data on the calculation and voila... it is working now.

I am far from being an specialist from oauth1 but it seems odd not to hash the json data, and I have another library in the mobile that is not including the json data when calculating the hash as well.

[ddo]

so everything fine now?

[FranklynSeabraOSF]

@WolneyMendes witch parameters did you change ? I'm having the same issue, could you post a snippet of code?

[WolneyMendes]

Hello Franklyn, What I did was to change the source code of the library to watch for a new parameter and then added code to the library to skip or not the body. Unfortunately I do not have access to the code. I am no longer part of the project. Regards

…

On Tue, Jan 11, 2022 at 10:23 Franklyn Seabra ***@***.***> wrote: @WolneyMendes <https://github.com/WolneyMendes> witch parameters did you change ? I'm having the same issue, could you post a snippet of code? — Reply to this email directly, view it on GitHub <#60 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACYNRSONWIO5R32T5SKMHLLUVQVO3ANCNFSM4D4Z6SJQ> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>. You are receiving this because you were mentioned.Message ID: <ddo/oauth-1 .***@***.***>