php - signature_invalid when trying to get request_token (Yahoo)

Question

I started to develop a script to get contacts from Yahoo's user. Before to get contacts, I am having problem to get request token, when I perform a request for a link like this:

<a class="yahoo" href="https://api.login.yahoo.com/oaut/v2/get_request_token?oauth_nonce=<?php echo uniqid() ?>&oauth_timestamp=<?php echo time() ?>&oauth_consumer_key=<?php echo $yahoo_consumer_key ?>&oauth_signature_method=plaintext&oauth_signature=<?php echo $yahoo_consumer_secret ?>&oauth_version=1.0&xoauth_lang_pref=en-us&oauth_callback=<?php echo urlencode('http://myfullurl.com') ?>">Get Contacts</a>

I get an HTTP header 401 Forbidden with message: oauth_problem=signature_invalid

I do not know if I am setting the link correctly but It was what I have understand through http://developer.yahoo.com/oauth/guide/oauth-sign-plaintext.html

Reference: http://developer.yahoo.com/oauth/guide/oauth-requesttoken.html

Answer 1

您的调用https://api.login.yahoo.com/oaut/v2/get_request_token必须是服务器端调用，而不是用户必须单击的链接。

如果您不知道该怎么做，您可能应该使用一些PHP OAuth 库来为您处理这个问题。

然后，正如雅虎在他们的文档中所说：

对于 get_request_token 的请求，Token Secret 不存在。仅包括 Consumer Secret，后跟“&”字符。

你oauth_signature应该是：

&oauth_signature=<?php echo $yahoo_consumer_secret . "&" ?>