Hi all,

Right now I am trying to get the validation process for an iframe app working, but it seems to be a very difficult one and none of the posted threads did help me so far. Just in a few words what I am doing:

- Using http://oauth.googlecode.com/svn/code/php/ revision 992 in PHP (seems to be the same files as in the myspace php rest api, anyway, i have same results with both)

- I created a base_string and a signature with some fixed parameters with the oauth tool from myspace to debug against this until it works.

1.RequestURI=
http://pong3d.myspace.socialapps.pedigital.de/test.php?oauth_consumer_key=http://www.myspace.com/471271498&oauth_nonce=test3&oauth_signature=nV0HziID0CHuM2ySuncU+mUlRis=&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1241444554&oauth_token=test1

2.BaseString=
GET&http%3A%2F%2Fpong3d.myspace.socialapps.pedigital.de%2Ftest.php&oauth_consumer_key%3Dhttp%253A%252F%252Fwww.myspace.com%252F471271498%26oauth_nonce%3Dtest3%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1241444554%26oauth_token%3Dtest1

3.Signature=
nV0HziID0CHuM2ySuncU+mUlRis=

- I created the base string using the oauth class mentioned above while calling the URL ("1.RequestURI") from the oauth tool and get EXACTLY the same base string, as i get with the myspace oauth tool, so thats fine!

- So everything fine until now, next step is to validate the signature and that is where it becomes difficult

Just call the URL mentioned above ("http://pong3d.myspace.socialapps.pedigital.de/test.php?oauth_consumer_key=http://www.myspace.com/471271498&oauth_nonce=test3&oauth_signature=nV0HziID0CHuM2ySuncU+mUlRis=&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1241444554&oauth_token=test1")  with your browser and you can directly see my debug output.

So right now I don't know how to go on in debugging. Base-Strings are exactly matching and key&secret are the same for generated signature and signature from oauth tool for 100% (checked it so often) BUT signatures do not match in any case! (check this by calling the URL above)

So from my point of view, the only thing that could go wrong is the base64_encode( hash_hmac(...))

What do you think of this problem? I am happy about everything that could help.

Thanks in advance and best regards,

Frederik

 Which library are you using?

Hello Ronda,

Thanks for your response!

I am using http://oauth.googlecode.com/svn/code/php/ revision 992 which is a officially supported OAUTH class for php. It seems to be almost the same OAuth.php file as the one included in the myspace php rest api. I also tested with the myspace php rest api, same problem here.

Best,

Frederik

Thanks for the info. Let me look into it :)

 Hey, have you seen our SDKs?

http://wiki.developer.myspace.com/index.php?title=Category:MySpaceID_SDK

(I know it says MySpaceID, but it works with local apps as well)

 

Let me know if this helps. 

Rhonda