skip to Main Content

I have issue with Magento. Everything worked well(I don’t change anything) but now something going wrong with OAuth part.

I have an error on response statusCode 400 with message oauth_problem=Signature+method+HMAC-SHA1+is+not+supported

According to the docs https://devdocs.magento.com/guides/v2.4/get-started/authentication/gs-authentication-oauth.html#pre-auth-token

oauth_signature_method The name of the signature method used to sign the request. Must be the value HMAC-SHA1.

It is strange😳

Some info:
URL -> http://54.83.101.160/oauth/token/request

Method -> POST

Headers -> Authorization: OAuth oauth_consumer_key="1hs2nh9pldf6lwjj837pvh9zjcjgx6f7", oauth_nonce="NFxgRXVTHWb17yQVUyqv5MoNybiY3mX1", oauth_signature="HNko7Bhsxv3IMXRM1qtT1%2Bm4Tyc%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1653582260", oauth_version="1.0"

I’m using package oauth-1.0a(npm)

Code:

const OAuth = require('oauth-1.0a');

const OAUTH_METHOD = 'POST';
const OAUTH_SIGNATURE_METHOD = 'HMAC-SHA1';

const OAUTH_REQUEST_HEADERS = (url, consumerKey, consumerSecret) => {
  const oauth = OAuth({
    consumer: {
      key: consumerKey,
      secret: consumerSecret,
    },
    signature_method: OAUTH_SIGNATURE_METHOD,
    hash_function: sha1HashFunction,
  });
  return oauth.toHeader(oauth.authorize({ url, method: OAUTH_METHOD }));
};

const getRequestToken = (host, { consumerKey, consumerSecret }) => {
  const url = `${host}/oauth/token/request`;

  return axios.post(url, {}, {
    headers: OAUTH_REQUEST_HEADERS(url, consumerKey, consumerSecret),
  });
};

Help 🙏

2

Answers


  1. Chosen as BEST ANSWER

    I don't know is going on with Magento documentation. I believe they should update it. So just change hmac-sha1 to hmac-sha256 https://github.com/request/request/issues/2627


  2. The documentation has been updated and reflects it correctly. It must be "HMAC-SHA256"

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search