Yelp V2 API using SignPost with Java - INVALID_SIGNATURE

Trying to call v2 api from a Java (Android) application using SignPost oauth library. I extracted my code in a standalone version that can be run from the command line (without Android dependencies). Please take a look and let me know what I am doing wrong.

You can run the example directly by typing: java -jar YelpV2Test.jar I also included a zip file, which is the source code, and requires a library like the Eclipse project. We also insert the code directly below.

Both the JAR executable and the source ZIP file can be downloaded from my Google Shared Docs .

I tried switching from GET to POST and got the same result. No problem using API v1. Any help in resolving this will be appreciated!

- Start of code -

import java.io.IOException; import java.io.UnsupportedEncodingException; import java.net.MalformedURLException; import java.net.URLEncoder; import oauth.signpost.OAuthConsumer; import oauth.signpost.commonshttp.CommonsHttpOAuthConsumer; import oauth.signpost.exception.OAuthCommunicationException; import oauth.signpost.exception.OAuthExpectationFailedException; import oauth.signpost.exception.OAuthMessageSignerException; import oauth.signpost.signature.HmacSha1MessageSigner; import oauth.signpost.signature.QueryStringSigningStrategy; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.util.EntityUtils; public class RunMe { public final String CONSUMER_KEY = "PbSjw9p08To_HZnFYqpRZg"; public final String CONSUMER_SECRET = "_raqYwj6njZ15sXj4z-CYEDHiHQ"; public final String TOKEN = "ARfbDucxkBi89lBHARTgygLkcMw9h8eW"; public final String TOKEN_SECRET = "rzvmIKVC4WQsdZV1lM5naZ5IQ8g"; public final String YWSID = "iXUUomsyqBkdXaypz7539A"; public final String ENCODING_SCHEME = "UTF-8"; public void start() { String lat = "30.361471"; String lng = "-87.164326"; String category = "banks"; String radius = "10"; String limit = "15"; String offset = "0"; String sort = "0"; String service = "http://api.yelp.com/v2/search"; try { String query = String .format(service + "?ll=%s&category_filter=%s&radius_filter=%s&limit=%s&offset= %s&sort=%s", URLEncoder.encode(lat + "," + lng, ENCODING_SCHEME), URLEncoder.encode(category, ENCODING_SCHEME), URLEncoder.encode(radius, ENCODING_SCHEME), URLEncoder.encode(limit, ENCODING_SCHEME), URLEncoder.encode(offset, ENCODING_SCHEME), URLEncoder.encode(sort, ENCODING_SCHEME)); OAuthConsumer consumer = new CommonsHttpOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET); consumer.setTokenWithSecret(TOKEN, TOKEN_SECRET); consumer.setMessageSigner(new HmacSha1MessageSigner()); consumer.setSendEmptyTokens(true); consumer.setSigningStrategy(new QueryStringSigningStrategy()); String signedQuery = consumer.sign(query); System.out.println(getClass().getName() + ">> " + "Signed query: " + signedQuery); HttpGet request = new HttpGet(signedQuery); HttpClient httpClient = new DefaultHttpClient(); HttpResponse response = (HttpResponse) httpClient.execute(request); HttpEntity entity = response.getEntity(); String result = EntityUtils.toString(entity); System.out.println(getClass().getName() + ">> " + "Result: " + result); } catch (UnsupportedEncodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (MalformedURLException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (OAuthMessageSignerException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (OAuthExpectationFailedException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (OAuthCommunicationException e) { // TODO Auto-generated catch block e.printStackTrace(); } } /** * @param args */ public static void main(String[] args) { // TODO Auto-generated method stub new RunMe().start(); } } 

- End of code -

The results that I see from this test are as follows:

$ java -jar YelpV2Test.jar

RunMe → signed request: http://api.yelp.com/v2/search?ll=30.361471%2C-87.164326&category_filter=banks&radius_filter=10&limit=15&offset=0&sort=0&oauth_signature=cf5C3%2BjIfTvNIQee1buzWk2%2Fz%2BE%3D&oauth_token=ARfbDucxkBi89lBHARTgygLkcMw9h8eW&oauth_consumer_key= PbSjw9p08To_HZnFYqpRZg & oauth_version = 1.0 & oauth_signature_method = HMAC-SHA1 & oauth_timestamp = 1296021631 & oauth_nonce = 4831286657125973388

RunMe → Result: {"error": {"text": "Signature was invalid", "id": "INVALID_SIGNATURE", "description": "Invalid signature. Expected signature base string: GET & http% 3A% 2F% 2Fapi .yelp.com% 2Fv2% 2Fsearch & category_filter% 3Dbanks% 26limit% 3D15% 26ll% 3D30.361471% 252C-87,164326% 26oauth_consumer_key% 3DPbSjw9p08To_HZnFYqpRZg% 26oauth_nonce% 3D4831286657125973388% 26oauth_signature_method% 3DHMAC- SHA1% 26oauth_timestamp% 3D1296021631% 26oauth_token% 3DARfbDucxkBi89lBHARTgygLkcMw9h8eW % 26oauth_version% 3D1.0% 26offset% 3D0% 26radius_filter% 3D10% 26sort% 3D0 "}}