I have done code to access yahoo weather API with oath by following all steps provided by yahoo in documentation as
1) Create Yahoo account
2) Create App
3) White list App
4) C# code to access yahoo weather API with oath
I am getting Unauthorized access exception while requesting API.
Here is the code :
public class WeatherYdn
{
public static void Main(string[] args)
{
const string appId = "YOUR-WHITELISTED-APPID";
const string consumerKey = "YOUR-CONSUMER-KEY";
const string consumerSecret = "YOUR-SECRET-KEY";
const string url = "https://weather-ydn-yql.media.yahoo.com/forecastrss";
string timestamp = StringHelper.GenerateTimeStamp();
String oauthNonce = StringHelper.GenerateNonce();
IList<string> parameters = new List<string>();
parameters.Add("oauth_consumer_key=" + consumerKey);
parameters.Add("oauth_nonce=" + oauthNonce);
parameters.Add("oauth_signature_method=HMAC-SHA1");
parameters.Add("oauth_timestamp=" + timestamp);
parameters.Add("oauth_version=1.0");
// Make sure value is encoded
parameters.Add("location=" + HttpUtility.UrlEncode("pune,in", Encoding.UTF8));
parameters.Add("format=json");
((List<string>) parameters).Sort();
StringBuilder parametersList = new StringBuilder();
for (int i = 0; i < parameters.Count; i++)
{
parametersList.Append(((i > 0) ? "&" : "") + parameters.ElementAt(i));
}
var signatureString = "GET&" +
HttpUtility.UrlEncode(url,Encoding.UTF8) + "&" +
HttpUtility.UrlEncode(parametersList.ToString(), Encoding.UTF8);
string signature = null;
try
{
string secretAccessKey = consumerSecret;
byte[] secretKey = Encoding.UTF8.GetBytes(secretAccessKey);
HMACSHA1 hmac = new HMACSHA1(secretKey);
hmac.Initialize();
byte[] bytes = Encoding.UTF8.GetBytes(signatureString);
byte[] rawHmac = hmac.ComputeHash(bytes);
signature = Convert.ToBase64String(rawHmac);
}
catch (Exception e)
{
Console.WriteLine("Unable to append signature");
}
string authorizationLine = "OAuth " +
"oauth_consumer_key=\"" + consumerKey + "\", " +
"oauth_nonce=\"" + oauthNonce + "\", " +
"oauth_timestamp=\"" + timestamp + "\", " +
"oauth_signature_method=\"HMAC-SHA1\", " +
"oauth_signature=\"" + signature + "\", " +
"oauth_version=\"1.0\"";
HttpWebRequest request = (HttpWebRequest) WebRequest.Create(url + "?location=pune,in&format=json");
request.Headers.Add("Authorization", authorizationLine);
request.Headers.Add("Yahoo-App-Id", appId);
request.ContentType = "application/json; charset=UTF-8";
request.Accept = "application/json";
HttpWebResponse response = (HttpWebResponse) request.GetResponse();
Stream receiveStream = response.GetResponseStream();
StreamReader readStream = new StreamReader(receiveStream, Encoding.UTF8);
Console.WriteLine(readStream.ReadLine());
}
}
In which line you get the error? The GetResponse() returns it?
I think that the credentials you are using (appId,consumerKey,consumerSecret) are invalid!
public string appId = "Your app-id";
public string consumerKey = "Your-consumer key";
public string consumerSecret = "Your Consumer Secret key";
// GET: api/Random
[HttpGet("{CityName}")]
public async Task<IActionResult> GetAsync([FromUri] string CityName)
{
string urlss = "https://weather-ydn-yql.media.yahoo.com/forecastrss?location=";
string url = urlss + CityName+ "&format=json&u=c";
JObject jresult;
using (var client = new HttpClient())
{
try
{
var webClient = new WebClient();
webClient.Headers.Add(AssembleOAuthHeader());
var d = webClient.DownloadString(url);
jresult = JObject.Parse(d);
var json_jsonstring = Newtonsoft.Json.JsonConvert.SerializeObject(jresult);
return Ok(json_jsonstring);
}
catch (HttpRequestException httpRequestException)
{
return BadRequest($"Error getting weather from Yahoo Weather: {httpRequestException.Message}");
}
}
}
public string AssembleOAuthHeader()
{
return "Authorization: OAuth " +
"realm=\"yahooapis.com\"," +
"oauth_consumer_key=\"" + consumerKey + "\"," +
"oauth_nonce=\"" + Guid.NewGuid() + "\"," +
"oauth_signature_method=\"PLAINTEXT\"," +
"oauth_timestamp=\"" + ((DateTime.UtcNow.Ticks - new DateTime(1970, 1, 1).Ticks) / (1000 * 10000)) +
"\"," +
"oauth_version=\"1.0\"," +
"oauth_signature=\"" + consumerSecret + "%26\"," +
"oauth_callback=\"oob\"";
}
For yahoo weather new authentication you can use this python library
yahoo-weather
I think your code is fine. The problem lies with a poorly implemented URL Decode on Yahoo's end. Java URL Encode encodes with uppercase while .net HTTPUtility.URLEncode encodes in lower case. I created an extension method for a string that will rectify the problem and URL Encode in a way that the Yahoo API can handle. After doing that all worked well (I had the exact same problem you did).
<Extension>
Public Function UppercaseURLEncode(ByVal sourceString As String) As String
Dim temp As Char() = HttpUtility.UrlEncode(sourceString).ToCharArray()
For i As Integer = 0 To temp.Length - 2
If temp(i).ToString().Equals("%", StringComparison.OrdinalIgnoreCase) Then
temp(i + 1) = Char.ToUpper(temp(i + 1))
temp(i + 2) = Char.ToUpper(temp(i + 2))
End If
Next
Return New String(temp)
End Function
//Here Is The Working Code :
public class YWSample
{
const string cURL = "https://weather-ydn-yql.media.yahoo.com/forecastrss";
const string cAppID = "Your-App-ID";
const string cConsumerKey = "Your-Consumer-Key";
const string cConsumerSecret = "Your-Consumer-Secret";
const string cOAuthVersion = "1.0";
const string cOAuthSignMethod = "HMAC-SHA1";
const string cWeatherID = "woeid=727232"; // Amsterdam, The Netherlands
const string cUnitID = "u=c"; // Metric units
const string cFormat = "xml";
//Code to get timestamp
static string _get_timestamp()
{
var lTS = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
return Convert.ToInt64(lTS.TotalSeconds).ToString();
}
//Code to get nonce
static string _get_nonce()
{
return Convert.ToBase64String(
new ASCIIEncoding().GetBytes(
DateTime.Now.Ticks.ToString()
)
);
} // end _get_nonce
static string _get_auth()
{
var lNonce = _get_nonce();
var lTimes = _get_timestamp();
var lCKey = string.Concat(cConsumerSecret, "&");
var lSign = $"format={cFormat}&" + $"oauth_consumer_key={cConsumerKey}&" + $"oauth_nonce={lNonce}&" +
$"oauth_signature_method={cOAuthSignMethod}&" + $"oauth_timestamp={lTimes}&" +
$"oauth_version={cOAuthVersion}&" + $"{cUnitID}&{cWeatherID}";
lSign = string.Concat(
"GET&", Uri.EscapeDataString(cURL), "&", Uri.EscapeDataString(lSign)
);
using (var lHasher = new HMACSHA1(Encoding.ASCII.GetBytes(lCKey)))
{
lSign = Convert.ToBase64String(
lHasher.ComputeHash(Encoding.ASCII.GetBytes(lSign))
);
} // end using
return "OAuth " +
"oauth_consumer_key=\"" + cConsumerKey + "\", " +
"oauth_nonce=\"" + lNonce + "\", " +
"oauth_timestamp=\"" + lTimes + "\", " +
"oauth_signature_method=\"" + cOAuthSignMethod + "\", " +
"oauth_signature=\"" + lSign + "\", " +
"oauth_version=\"" + cOAuthVersion + "\"";
} // end _get_auth
public static void Main(string[] args)
{
const string lURL = cURL + "?" + cWeatherID + "&" + cUnitID + "&format=" + cFormat;
var lClt = new WebClient();
lClt.Headers.Set("Content-Type", "application/" + cFormat);
lClt.Headers.Add("Yahoo-App-Id", cAppID);
lClt.Headers.Add("Authorization", _get_auth());
Console.WriteLine("Downloading Yahoo weather report . . .");
var lDataBuffer = lClt.DownloadData(lURL);
var lOut = Encoding.ASCII.GetString(lDataBuffer);
Console.WriteLine(lOut);
Console.Write("Press any key to continue . . . ");
Console.ReadKey(true);
}//end of Main
} // end YWSample
Related
I am trying to call some specific endpoint on magento from c# RestClient, with no luck. The call starts here :
private void SendDeletedProduct(string itemCode)
{
string consumerKey = ".....";
string consumerSecret = ".....";
string tokenSecret = ".....";
string tokenValue = ".....";
string url = string.Format("http://.........:8090/api/rest/pylon/{0}", itemCode);
var client = new RestClient(url);
client.Timeout = -1;
var request = new RestRequest(Method.PUT);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", GetHeader("DELETE", consumerKey, consumerSecret, tokenSecret, tokenValue, url));
IRestResponse response = client.Execute(request);
if (response.StatusCode != HttpStatusCode.OK)
{
LogError(response, string.Empty, itemCode, "Product", "DELETE");
}
}
and the header is generated here :
private string GetHeader(string method, string cKey, string cSecret, string tSecret, string tValue, string apiUrl)
{
Dictionary<string, string> oauthD = new Dictionary<string, string>();
oauthD.Add("consumerKey", cKey);
oauthD.Add("consumerSecret", cSecret);
oauthD.Add("tokenSecret", tSecret);
oauthD.Add("tokenValue", tValue);
oauthD.Add("url", apiUrl.Replace(":8090", string.Empty));
var timeStamp = ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString();
var nonce = Convert.ToBase64String(Encoding.UTF8.GetBytes(timeStamp));
var signatureBaseString = HttpUtility.UrlEncode(method + "&");
signatureBaseString += HttpUtility.UrlEncode(oauthD["url"] + "&");
signatureBaseString += HttpUtility.UrlEncode(
"oauth_consumer_key=" + oauthD["consumerKey"] + "&" +
"oauth_nonce=" + nonce + "&" +
"oauth_signature_method=HMAC-SHA1" + "&" +
"oauth_timestamp=" + timeStamp + "&" +
"oauth_token=" + oauthD["tokenValue"] + "&" +
"oauth_version=1.0");
var key = HttpUtility.UrlEncode(oauthD["consumerSecret"] + "&" + oauthD["tokenSecret"]);
var signatureEncoding = new ASCIIEncoding();
var keyBytes = signatureEncoding.GetBytes(key);
var signatureBaseBytes = signatureEncoding.GetBytes(signatureBaseString);
string signatureString;// = HMACSHA1(key, signatureBaseString);
using (var hmacsha1 = new HMACSHA1(keyBytes))
{
var hashBytes = hmacsha1.ComputeHash(signatureBaseBytes);
signatureString = Convert.ToBase64String(hashBytes);
}
signatureString = HttpUtility.UrlEncode(signatureString);
string SimpleQuote(string s) => '"' + s + '"';
string header =
"oAuth oauth_consumer_key=" + SimpleQuote(oauthD["consumerKey"]) + "," +
"oauth_nonce=" + SimpleQuote(nonce) + "," +
"oauth_signature_method=" + SimpleQuote("HMAC-SHA1") + "," +
"oauth_timestamp=" + SimpleQuote(timeStamp) + "," +
"oauth_token=" + SimpleQuote(oauthD["tokenValue"]) + "," +
"oauth_version=" + SimpleQuote("1.0") + "," +
"oauth_signature= " + SimpleQuote(signatureString);
return header;
}
Reading around the web and magento docs, i ve found a lot of possible answers but i didnt manage to get the api to respond with 200 ok. I ve tried stripping the port from the url, changing the order of the parameters in the signature string to be alphabetical, tried urlencoding with "&" symbol and leaving "&" outside of urlencode. Calling the api directly from postman works fine btw. So i figure i have something wrong in the way i produce my signature. Any help would be appreciated.
Thanks in advance!
The error was on the way i prepared the string and key for hashing. I have found a variety of steps offered by different people and i ended up mixing it up and causing me problems. In the end i came across this site which made things a lot clearer and helped me end my suffering. For any1 in my situation final working code is :
private string GetHeader(string method, string cKey, string cSecret, string tSecret, string tValue, string apiUrl)
{
Dictionary<string, string> oauthD = new Dictionary<string, string>();
oauthD.Add("consumerKey", cKey);
oauthD.Add("consumerSecret", cSecret);
oauthD.Add("tokenSecret", tSecret);
oauthD.Add("tokenValue", tValue);
oauthD.Add("url", apiUrl);
var timeStamp = ((int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds).ToString();
var nonce = Convert.ToBase64String(Encoding.UTF8.GetBytes(timeStamp));
string[] lexOrdering = new string[6];
lexOrdering[0] = UpperCaseUrlEncode("oauth_consumer_key=" + oauthD["consumerKey"]);
lexOrdering[1] = UpperCaseUrlEncode("oauth_version=1.0");
lexOrdering[2] = UpperCaseUrlEncode("oauth_timestamp=" + timeStamp);
lexOrdering[3] = UpperCaseUrlEncode("oauth_signature_method=HMAC-SHA1");
lexOrdering[4] = UpperCaseUrlEncode("oauth_token=" + oauthD["tokenValue"]);
lexOrdering[5] = UpperCaseUrlEncode("oauth_nonce=" + UpperCaseUrlEncode(nonce));
string orderedString = LexicographicalOrder(lexOrdering);
var key1 = Encoding.Default.GetBytes(oauthD["consumerSecret"]);
var key2 = Encoding.Default.GetBytes(oauthD["tokenSecret"]);
var key = UpperCaseUrlEncode(Encoding.UTF8.GetString(key1)) + "&" + UpperCaseUrlEncode(Encoding.UTF8.GetString(key2));
string signatureString = Hash(key, method.ToUpper() + "&" + UpperCaseUrlEncode(oauthD["url"]) + "&" + orderedString);
signatureString = UpperCaseUrlEncode(signatureString);
string header =
"OAuth oauth_consumer_key=\"" + oauthD["consumerKey"] + "\"," +
"oauth_token=\"" + oauthD["tokenValue"] + "\"," +
"oauth_signature_method=\"HMAC-SHA1\"," +
"oauth_timestamp=\"" + timeStamp + "\"," +
"oauth_nonce=\"" + UpperCaseUrlEncode(nonce) + "\"," +
"oauth_version=\"1.0\"," +
"oauth_signature=\"" + signatureString + "\"";
return header;
}
private string Hash(string Key, string Data)
{
Byte[] secretBytes = UTF8Encoding.UTF8.GetBytes(Key);
HMACSHA1 hmac = new HMACSHA1(secretBytes);
Byte[] dataBytes = UTF8Encoding.UTF8.GetBytes(Data);
Byte[] calcHash = hmac.ComputeHash(dataBytes);
String calcHashString = Convert.ToBase64String(calcHash);
return calcHashString;
}
private string UpperCaseUrlEncode(string s)
{
char[] temp = HttpUtility.UrlEncode(s).ToCharArray();
for (int i = 0; i < temp.Length - 2; i++)
{
if (temp[i] == '%')
{
temp[i + 1] = char.ToUpper(temp[i + 1]);
temp[i + 2] = char.ToUpper(temp[i + 2]);
}
}
return new string(temp).Normalize();
}
I have some code here and I am getting and error 401 unauthorized. I have checked the sign in with twitter box.
public async Task get_Oauth_token_TaskAsync()
{
//variables for action
string oauth_nonce;
string oauth_callback;
string oauth_signature_method;
string oauth_timestamp;
string oauth_consumer_key;
string oauth_signature;
string oauth_version;
string req_url;
//set values to variables
var dt = DateTime.Now;
var ticks = dt.Ticks;
var seconds = ticks / TimeSpan.TicksPerSecond;
oauth_timestamp = seconds.ToString();
oauth_callback = "http://www.localhost:55593/TwitterSync.aspx";
oauth_nonce = Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 16).ToString(); //random string
oauth_signature_method = "HMAC-SHA1";
oauth_consumer_key = "xxxx";
oauth_version = "1.0";
req_url = "https://api.twitter.com/oauth/request_token";
oauth_signature = create_auth_Signature_Task(oauth_nonce,oauth_callback,oauth_signature_method,oauth_timestamp,oauth_consumer_key,oauth_version,req_url);
///action
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(req_url);
request.Method = "POST";
request.UserAgent = "themattharris' HTTP Client";
request.Host = "api.twitter.com";
request.Headers.Add(HttpRequestHeader.Authorization, "OAuth oauth_callback = \"" + Uri.EscapeDataString(oauth_callback) + "\"" + ",oauth_consumer_key = \"" + oauth_consumer_key + "\",oauth_nonce = " + "\"" + oauth_nonce + "\", oauth_signature = \"" + oauth_signature + "\", oauth_signature_method = \"HMAC-SHA1\", oauth_timestamp = \"" + oauth_timestamp + "\", oauth_version = \"1.0\"");
WebResponse response = await request.GetResponseAsync();
Stream str = response.GetResponseStream();
StreamReader reader = new StreamReader(str);
dynamic resp = reader.ReadToEndAsync();
}
private string create_auth_Signature_Task(string oauth_nonce, string oauth_callback,
string oauth_signature_method, string oauth_timestamp, string oauth_consumer_key, string oauth_version, string req_url)
{
string oauth_nonce_enc = Uri.EscapeDataString(oauth_nonce);
string oauth_callback_enc = Uri.EscapeDataString(oauth_callback);
string oauth_signature_method_enc = Uri.EscapeDataString(oauth_signature_method);
string oauth_timestamp_enc = Uri.EscapeDataString(oauth_timestamp);
string oauth_consumer_key_enc = Uri.EscapeDataString(oauth_consumer_key);
string oauth_version_enc = Uri.EscapeDataString(oauth_version);
string req_url_enc = Uri.EscapeDataString(req_url);
string secret = "xxxx";
string signature_base = "POST&" + req_url_enc + "&" + Uri.EscapeDataString("oauth_consumer_key=" + oauth_consumer_key_enc + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method=" + oauth_signature_method_enc + "&oauth_timestamp=" + oauth_timestamp_enc + "&oauth_version=" + oauth_version_enc);
return ShaHash(signature_base, secret);
}
private string ShaHash(string value, string key)
{
using (var hmac = new HMACSHA1(Encoding.UTF32.GetBytes(key)))
{
return ByteToString(hmac.ComputeHash(Encoding.UTF32.GetBytes(value)));
}
}
static string ByteToString(IEnumerable<byte> data)
{
return string.Concat(data.Select(b => b.ToString("x2")));
}
I did everything according to this page . Now I am just lost, any Idea why does it not work?
You are not calculating the oauth_timestamp correctly. This should be calculated as Unix time which is the number of seconds since 00:00:00 UTC on 1 Jan 1970.
int unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
or using .NET 4.6
long unixTimestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
Also the signing key used for creating the signature should be a concatenation of the percent encoded consumer secret and the percent encoded token secret joined by an ampersand (&). In the case of obtaining a request token the token secret is not yet known so you should just use the consumer secret followed by an ampersand (&).
var signingKey = oauth_consumer_key_enc + "&";
Finally you should return the Base64 encoded string after you have computed your hash so your function becomes:
private string ShaHash(string value, string signingKey)
{
using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(signingKey)))
{
return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)));
}
}
The following code I have written in C#. Can anyone please help me?
public string Verify_Credentials(string oauthconsumerkey, string oauthconsumersecret, string oauthtoken, string oauthtokensecret)
{
string oauthsignaturemethod = "HMAC-SHA1";
string oauthversion = "1.0";
string oauthnonce = Convert.ToBase64String(new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
string oauthtimestamp = Convert.ToInt64(ts.TotalSeconds).ToString();
SortedDictionary<string, string> basestringParameters = new SortedDictionary<string, string>();
basestringParameters.Add("oauth_version", "1.0");
basestringParameters.Add("oauth_consumer_key", oauthconsumerkey);
basestringParameters.Add("oauth_nonce", oauthnonce);
basestringParameters.Add("oauth_signature_method", "HMAC-SHA1");
basestringParameters.Add("oauth_timestamp", oauthtimestamp);
basestringParameters.Add("oauth_token", oauthtoken);
//GS - Build the signature string
StringBuilder baseString = new StringBuilder();
baseString.Append("GET" + "&");
baseString.Append(EncodeCharacters(Uri.EscapeDataString("https://api.twitter.com/1.1/account/verify_credentials.json") + "&"));
foreach (KeyValuePair<string, string> entry in basestringParameters)
{
baseString.Append(EncodeCharacters(Uri.EscapeDataString(entry.Key + "=" + entry.Value + "&")));
}
//Since the baseString is urlEncoded we have to remove the last 3 chars - %26
string finalBaseString = baseString.ToString().Substring(0, baseString.Length - 3);
//Build the signing key
string signingKey = EncodeCharacters(Uri.EscapeDataString(oauthconsumersecret)) + "&" +
EncodeCharacters(Uri.EscapeDataString(oauthtokensecret));
//Sign the request
HMACSHA1 hasher = new HMACSHA1(new ASCIIEncoding().GetBytes(signingKey));
string oauthsignature = Convert.ToBase64String(hasher.ComputeHash(new ASCIIEncoding().GetBytes(finalBaseString)));
string responseFromServer = string.Empty;
//Tell Twitter we don't do the 100 continue thing
ServicePointManager.Expect100Continue = false;
//authorization header
HttpWebRequest hwr = (HttpWebRequest)WebRequest.Create(
#"https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true");
StringBuilder authorizationHeaderParams = new StringBuilder();
authorizationHeaderParams.Append("OAuth ");
authorizationHeaderParams.Append("include_email=" + "\"" + "true" + "\",");
authorizationHeaderParams.Append("oauth_nonce=" + "\"" + Uri.EscapeDataString(oauthnonce) + "\",");
authorizationHeaderParams.Append("oauth_signature_method=" + "\"" + Uri.EscapeDataString(oauthsignaturemethod) + "\",");
authorizationHeaderParams.Append("oauth_timestamp=" + "\"" + Uri.EscapeDataString(oauthtimestamp) + "\",");
authorizationHeaderParams.Append("oauth_consumer_key=" + "\"" + Uri.EscapeDataString(oauthconsumerkey) + "\",");
if (!string.IsNullOrEmpty(oauthtoken))
authorizationHeaderParams.Append("oauth_token=" + "\"" + Uri.EscapeDataString(oauthtoken) + "\",");
authorizationHeaderParams.Append("oauth_signature=" + "\"" + Uri.EscapeDataString(oauthsignature) + "\",");
authorizationHeaderParams.Append("oauth_version=" + "\"" + Uri.EscapeDataString(oauthversion) + "\"");
hwr.Headers.Add("Authorization", authorizationHeaderParams.ToString());
hwr.Method = "GET";
hwr.ContentType = "application/x-www-form-urlencoded";
//Allow us a reasonable timeout in case Twitter's busy
hwr.Timeout = 3 * 60 * 1000;
try
{
// hwr.Proxy = new WebProxy("enter proxy details/address");
HttpWebResponse rsp = hwr.GetResponse() as HttpWebResponse;
Stream dataStream = rsp.GetResponseStream();
//Open the stream using a StreamReader for easy access.
StreamReader reader = new StreamReader(dataStream);
//Read the content.
responseFromServer = reader.ReadToEnd();
}
catch (Exception ex)
{
}
return responseFromServer;
}
private string EncodeCharacters(string data)
{
//as per OAuth Core 1.0 Characters in the unreserved character set MUST NOT be encoded
//unreserved = ALPHA, DIGIT, '-', '.', '_', '~'
if (data.Contains("!"))
data = data.Replace("!", "%21");
if (data.Contains("'"))
data = data.Replace("'", "%27");
if (data.Contains("("))
data = data.Replace("(", "%28");
if (data.Contains(")"))
data = data.Replace(")", "%29");
if (data.Contains("*"))
data = data.Replace("*", "%2A");
if (data.Contains(","))
data = data.Replace(",", "%2C");
return data;
}
Your App must be whitelisted by Twitter in order to get email from:
https://api.twitter.com/1.1/account/verify_credentials.json
So if you remove ?include_email=true part of the request url you will get a response with some fields and then you can get the screen_name of the user for example.
You can ask to be whitelisted using the form bellow (check > "I need access to special permissions"):
https://support.twitter.com/forms/platform
In my case they granted me access after some few hours...
More info: https://dev.twitter.com/rest/reference/get/account/verify_credentials
As guidance on https://developer.yahoo.com/oauth/guide/oauth-requesttoken.html, Below are what I did with OAuth to get Yahoo contact list:
Make a GET request to https://api.login.yahoo.com/oauth/v2/get_request_token
to get oauth_token and oauth_token_secret, I successfully get them.
Example url:
OAuthBase oath = new OAuthBase();
string url = "https://api.login.yahoo.com/oauth/v2/get_request_token?" +
"oauth_nonce=" + oath.GenerateNonce() +
"&oauth_timestamp=" + oath.GenerateTimeStamp() +
"&oauth_consumer_key=" + consumerKey+
"&oauth_signature_method=plaintext" +
"&oauth_signature=" + consumerSecret + "%26" + //%26 if plaintext
"&oauth_version=1.0" +
"&oauth_callback=" + "oob";
Using oauth_token of step 1. to make a GET request to https://api.login.yahoo.com/oauth/v2/request_auth?oauth_token={token}, It returned me oauth_verifier
Using paramters of step 1 and 2 to make GET request to https://api.login.yahoo.com/oauth/v2/get_token , it returned me new oauth_token , oauth_token_secret, oauth_session_handle, xoauth_yahoo_guid.
Example url:
string sig = consumerSecret + "%26" + OauthTokenSecret;
string url = "https://api.login.yahoo.com/oauth/v2/get_token?" +
"oauth_consumer_key=" + consumerKey+
"&oauth_signature_method=plaintext" +
"&oauth_signature=" + sig +
"&oauth_timestamp=" + oath.GenerateTimeStamp() +
"&oauth_version=1.0" +
"&oauth_token=" + OAuthToken +
"&oauth_nonce=" + oath.GenerateNonce() +
"&oauth_verifier=" + oauth_verifier;
The final step is to get the contact list:
I make a GET request to https://social.yahooapis.com/v1/user/{xoauth_yahoo_guid}/contacts?format=json
Example
Uri uri = new Uri(url);
string nonce = oath.GenerateNonce();
string timeStamp = oath.GenerateTimeStamp();
string normalizedUrl;
string normalizedRequestParameters;
string sig = oath.GenerateSignature(uri, clientId, clientSecret, yahooToken.OAuthToken,
yahooToken.OauthTokenSecret, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1,
out normalizedUrl, out normalizedRequestParameters);
Function GenerateSignature:
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
normalizedUrl = null;
normalizedRequestParameters = null;
switch (signatureType)
{
case SignatureTypes.PLAINTEXT:
return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret));
case SignatureTypes.HMACSHA1:
string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
return GenerateSignatureUsingHash(signatureBase, hmacsha1);
case SignatureTypes.RSASHA1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
Make request:
using (var client = new WebClient())
{
string authenHeader = "OAuth " +
"realm=\"yahooapis.com\"" +
",oauth_consumer_key=\"" + consumerKey+ "\"" +
",oauth_nonce=\"" + nonce + "\"" +
",oauth_signature_method=\"HMAC-SHA1\"" +
",oauth_timestamp=\"" + timeStamp + "\"" +
",oauth_token=\"" + OAuthToken + "\"" +
",oauth_version=\"1.0\"" +
",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\"";
client.Headers.Set("Authorization", authenHeader);
string responseString = client.DownloadString(url);
}
But Yahoo sends me (401) Unauthorized response, Could you tell me where I'm wrong ?
I realized that I am stuck at the exact same place
System.Net.WebException: The remote server returned an error: (401) Unauthorized. at ..GetEmailContacts() in ...
private ArrayList GetEmailContacts() {
OAuthBase oauth = new OAuthBase();
Uri uri = new Uri("https://social.yahooapis.com/v1/user/" + OauthYahooGuid + "/contacts?format=XML");
string nonce = oauth.GenerateNonce();
string timeStamp = oauth.GenerateTimeStamp();
string normalizedUrl;
string normalizedRequestParameters;
string sig = oauth.GenerateSignature(uri, this.sConsumerKey, this.sConsumerSecret, OauthToken, OauthTokenSecret, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
StringBuilder sbGetContacts = new StringBuilder(uri.ToString());
try {
string returnStr = string.Empty;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(sbGetContacts.ToString());
req.Accept = "application/xml";
req.Method = "GET";
ArrayList emails = new ArrayList();
string authHeader = "Authorization: OAuth " +
"realm=\"yahooapis.com\"" +
",oauth_consumer_key=\"" + this.sConsumerKey + "\"" +
",oauth_nonce=\"" + nonce + "\"" +
",oauth_signature_method=\"HMAC-SHA1\"" +
",oauth_timestamp=\"" + timeStamp + "\"" +
",oauth_token=\"" + OauthToken + "\"" +
",oauth_version=\"1.0\"" +
",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\"";
req.Headers.Add(authHeader);
using (HttpWebResponse res = (HttpWebResponse)req.GetResponse()) {
:/ sighz
SO I found the issue. Ive changed the content format from XML to JSON
changed the following:
private ArrayList GetEmailContacts() {
OAuthBase oauth = new OAuthBase();
Uri uri = new Uri("https://social.yahooapis.com/v1/user/" + OauthYahooGuid + "/contacts?format=json");
string nonce = oauth.GenerateNonce();
string timeStamp = oauth.GenerateTimeStamp();
string normalizedUrl;
string normalizedRequestParameters;
string sig = oauth.GenerateSignature(uri, this.sConsumerKey, this.sConsumerSecret, OauthToken, OauthTokenSecret, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
StringBuilder sbGetContacts = new StringBuilder(uri.ToString());
try {
string returnStr = string.Empty;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(sbGetContacts.ToString());
req.Accept = "application/json";
req.ContentType = "application/json";
req.Method = "GET";
ArrayList emails = new ArrayList();
string authHeader = "Authorization: OAuth " +
"realm=\"yahooapis.com\"" +
",oauth_consumer_key=\"" + this.sConsumerKey + "\"" +
",oauth_nonce=\"" + nonce + "\"" +
",oauth_signature_method=\"HMAC-SHA1\"" +
",oauth_timestamp=\"" + timeStamp + "\"" +
",oauth_token=\"" + OauthToken + "\"" +
",oauth_version=\"1.0\"" +
",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\"";
req.Headers.Add(authHeader);
using (HttpWebResponse res = (HttpWebResponse)req.GetResponse()) {
When I made that change it suddenly returned the emails and no more 406 error code.
I hope that this helps someone.. no idea as to why xml stopped working.
I am using c# code to use api, it works fine when I don't add comma(,) but with comma it return unauthorized, Is there any issue with encoding of comma?
url
https://stream.twitter.com/1.1/statuses/filter.json?track=twitter&locations=-122.75,36.8,-121.75,37.8
header parameter
basestringParameters.Add("track", "twitter");
basestringParameters.Add("locations", "-122.75,36.8,-121.75,37.8");
my base String
GET&https%3A%2F%2Fstream.twitter.com%2F1.1%2Fstatuses%2Ffilter.json&locations%3D-122.75%2C36.8%2C-121.75%2C37.8%26oauth_consumer_key%3DxtOm0eNd8pm7hv643YqjZKhjH%26oauth_nonce%3DNjM1NjgxMzQ2Nzk5MjAwOTc0%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1432519880%26oauth_token%3D603356335-N3LRAKyYobdbNB4PeMaQkjNsiHvEEcX9DKHiC93Q%26oauth_version%3D1.0%26track%3Dtwitter
authorization header
OAuthoauth_nonce="NjM1NjgxMzQ2Nzk5MjAwOTc0",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1432519880",oauth_consumer_key="xtOm0eNd8pm7hv643YqjZKhjH",oauth_token="603356335-N3LRAKyYobdbNB4PeMaQkjNsiHvEEcX9DKHiC93Q",oauth_signature="vYeOXGxuFRMiP%2BThEtFwHVG8Jvo%3D",oauth_version="1.0"
Complete code
string oauthconsumerkey = "xxxxxx";
string oauthconsumersecret = "xxxxx";
string oauthtoken = "xxxxx";
string oauthtokensecret = "xxxxx";
public void Search()
{
string url = "https://stream.twitter.com/1.1/statuses/filter.json?track=twitter";
string oauthsignaturemethod = "HMAC-SHA1";
string oauthversion = "1.0";
string oauthnonce = Convert.ToBase64String(
new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
TimeSpan timeSpan = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
string oauthtimestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString();
SortedDictionary<string, string> basestringParameters = new SortedDictionary<string, string>();
basestringParameters.Add("track", "twitter");
//basestringParameters.Add("locations", "-122.75,36.8,-121.75,37.8");
basestringParameters.Add("oauth_version", oauthversion);
basestringParameters.Add("oauth_consumer_key", oauthconsumerkey);
basestringParameters.Add("oauth_nonce", oauthnonce);
basestringParameters.Add("oauth_signature_method", oauthsignaturemethod);
basestringParameters.Add("oauth_timestamp", oauthtimestamp);
basestringParameters.Add("oauth_token", oauthtoken);
//Build the signature string
StringBuilder baseString = new StringBuilder();
baseString.Append("GET" + "&");
baseString.Append(EncodeCharacters(Uri.EscapeDataString(url.Split('?')[0]) + "&"));
foreach (KeyValuePair<string, string> entry in basestringParameters)
{
baseString.Append(EncodeCharacters(Uri.EscapeDataString(entry.Key + "=" + entry.Value + "&")));
}
//Remove the trailing ambersand char last 3 chars - %26
string finalBaseString = baseString.ToString().Substring(0, baseString.Length - 3);
//Build the signing key
string signingKey = EncodeCharacters(Uri.EscapeDataString(oauthconsumersecret)) + "&" +
EncodeCharacters(Uri.EscapeDataString(oauthtokensecret));
//Sign the request
HMACSHA1 hasher = new HMACSHA1(new ASCIIEncoding().GetBytes(signingKey));
string oauthsignature = Convert.ToBase64String(
hasher.ComputeHash(new ASCIIEncoding().GetBytes(finalBaseString)));
//Tell Twitter we don't do the 100 continue thing
ServicePointManager.Expect100Continue = false;
//authorization header
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(EncodeCharacters(url));
StringBuilder authorizationHeaderParams = new StringBuilder();
authorizationHeaderParams.Append("OAuth ");
authorizationHeaderParams.Append("oauth_nonce=" + "\"" + Uri.EscapeDataString(oauthnonce) + "\",");
authorizationHeaderParams.Append("oauth_signature_method=" + "\"" + Uri.EscapeDataString(oauthsignaturemethod) + "\",");
authorizationHeaderParams.Append("oauth_timestamp=" + "\"" + Uri.EscapeDataString(oauthtimestamp) + "\",");
authorizationHeaderParams.Append("oauth_consumer_key=" + "\"" + Uri.EscapeDataString(oauthconsumerkey) + "\",");
if (!string.IsNullOrEmpty(oauthtoken))
authorizationHeaderParams.Append("oauth_token=" + "\"" + Uri.EscapeDataString(oauthtoken) + "\",");
authorizationHeaderParams.Append("oauth_signature=" + "\"" + Uri.EscapeDataString(oauthsignature) + "\",");
authorizationHeaderParams.Append("oauth_version=" + "\"" + Uri.EscapeDataString(oauthversion) + "\"");
webRequest.Headers.Add("Authorization", authorizationHeaderParams.ToString());
webRequest.Method = "GET";
webRequest.ContentType = "application/x-www-form-urlencoded";
//Allow us a reasonable timeout in case Twitter's busy
webRequest.Timeout = 3 * 60 * 1000;
try
{
//Proxy settings
//webRequest.Proxy = new WebProxy("enter proxy details/address");
HttpWebResponse webResponse = webRequest.GetResponse() as HttpWebResponse;
Stream dataStream = webResponse.GetResponseStream();
// Open the stream using a StreamReader for easy access.
StreamReader reader = new StreamReader(dataStream);
// Read the content.
string responseFromServer = "";
String s;
Console.WriteLine("output start");
while ((s = reader.ReadLine()) != null)
{
Debug.Write(s);
responseFromServer += s;
}
Console.WriteLine("output over");
ViewBag.Result += responseFromServer + "<br/>";
}
catch (Exception ex)
{
ViewBag.Result = ex.ToString();
}
}
private string EncodeCharacters(string data)
{
//as per OAuth Core 1.0 Characters in the unreserved character set MUST NOT be encoded
//unreserved = ALPHA, DIGIT, '-', '.', '_', '~'
if (data.Contains("!"))
data = data.Replace("!", "%21");
if (data.Contains("'"))
data = data.Replace("'", "%27");
if (data.Contains("("))
data = data.Replace("(", "%28");
if (data.Contains(")"))
data = data.Replace(")", "%29");
if (data.Contains("*"))
data = data.Replace("*", "%2A");
if (data.Contains(","))
data = data.Replace(",", "%2C");
return data;
}
Thanks!
Try to replace comma "," with "%2C"