We are trying to connect to another company API that uses two-way OAuth to authenticate the request and send us a response.
Currently, the code we have is sending a request, but it does not authenticate at the other end and therefore sends a UNAUTHORIZED response.
As another company said, authentication involves the following steps.
"Authentication is handled using two-way OAuth authentication:
All requests must include both an oauth_consumer_key and an oauth_signature attribute submitted via the HTTP GET method.
The oauth_consumer_key attribute will be the user name that the user uses to access our web site.
The oauth_signature attribute is obtained by signing the request with the OAuth signature method for HMAC-SHA1 encryption. The signature is generated using both the oauth_consumer_key attribute and the consumer secret. A single consumer secret is required per franchise and can be obtained upon request from test@examplerelationships.com.
OAuth libraries are available for many languages here: http://oauth.net/code/."
what we tried at our end using the Scribe java library below
public static void main(String[] args){
String oauth_consumer_key = "test@example.com";
String oauth_signature = "keyprovided";
OAuthService service = new ServiceBuilder()
.provider(Dummy.class)
.apiKey(oauth_consumer_key)
.apiSecret(oauth_signature)
.build();
OAuthRequest request = new OAuthRequest(Verb.GET,"https://example.com/api/users");
Token accessToken = new Token("","");
service.signRequest(accessToken, request);
Response response = request.send();
System.out.println(response.getHeaders());
System.out.println(response.getBody());
}
Answer 401 is currently Unauthorized. What else can I skip? What about HMAC-SHA1 encryption. I have a little idea about oauth.