I have issue with Magento. Everything worked well(I don’t change anything) but now something going wrong with OAuth part.
I have an error on response statusCode 400 with message oauth_problem=Signature+method+HMAC-SHA1+is+not+supported
According to the docs https://devdocs.magento.com/guides/v2.4/get-started/authentication/gs-authentication-oauth.html#pre-auth-token
oauth_signature_method The name of the signature method used to sign the request. Must be the value HMAC-SHA1.
It is strange😳
Some info:
URL -> http://54.83.101.160/oauth/token/request
Method -> POST
Headers -> Authorization: OAuth oauth_consumer_key="1hs2nh9pldf6lwjj837pvh9zjcjgx6f7", oauth_nonce="NFxgRXVTHWb17yQVUyqv5MoNybiY3mX1", oauth_signature="HNko7Bhsxv3IMXRM1qtT1%2Bm4Tyc%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1653582260", oauth_version="1.0"
I’m using package oauth-1.0a(npm)
Code:
const OAuth = require('oauth-1.0a');
const OAUTH_METHOD = 'POST';
const OAUTH_SIGNATURE_METHOD = 'HMAC-SHA1';
const OAUTH_REQUEST_HEADERS = (url, consumerKey, consumerSecret) => {
const oauth = OAuth({
consumer: {
key: consumerKey,
secret: consumerSecret,
},
signature_method: OAUTH_SIGNATURE_METHOD,
hash_function: sha1HashFunction,
});
return oauth.toHeader(oauth.authorize({ url, method: OAUTH_METHOD }));
};
const getRequestToken = (host, { consumerKey, consumerSecret }) => {
const url = `${host}/oauth/token/request`;
return axios.post(url, {}, {
headers: OAUTH_REQUEST_HEADERS(url, consumerKey, consumerSecret),
});
};
Help 🙏
2
Answers
I don't know is going on with Magento documentation. I believe they should update it. So just change hmac-sha1 to hmac-sha256 https://github.com/request/request/issues/2627
The documentation has been updated and reflects it correctly. It must be "HMAC-SHA256"