I rechecked the workflow, and this token is what i...

freeubi · ‎02-25-2015

Hello,
i have stored the authenticated user accestoken and tokensecret in my database.
Now i want to get their activity data with them, but i get errors.

1.) I make a GET httprequest to this address: https://api.fitbit.com/1/user/2SNG7Q/activities/date/2015-02-01.json I think its correct.
2.) I need to generate signature to the request, the key for that is: "&" character + the token secret - as in the fitbit api debug tool, G section.
3.) after that, i'm generating the exact same base string as i can find in the debug tool.

The 2 different things are:
-i need to include my consumer_key to the Authentication header - its not in Api request CURL. (If i exclude it, then i get error : "Invalid consumer key: ")
-i need to encode the signature

Everything is the same and i get invalid signature errors.

Here is my request:
base string:
GET&https%3A%2F%2Fapi.fitbit.com%2F1%2Fuser%2F2SNG7Q%2Factivities%2Fdate%2F2015-02-01.json&oauth_consumer_key%3D824d4b38500e4b90bd02655c29338e93%26oauth_nonce%3Dfreeubi%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1424872048%26oauth_token%3Db79177daad8fa20ebbde9432fcd1ee58%26oauth_version%3D1.0

key: &585564dfa86fd68f5529ddbf006f86b8

signature:
LEUMEWZoKrLSwX3fTX5y8LcO6+4=

Request authentication header:
OAuth oauth_consumer_key="824d4b38500e4b90bd02655c29338e93", oauth_signature="LEUMEWZoKrLSwX3fTX5y8LcO6+4=", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1424872048", oauth_nonce ="freeubi", oauth_version="1.0"

Error: Invalid signature: LEUMEWZoKrLSwX3fTX5y8LcO6 4=

ibahdanau · ‎02-25-2015

I see that in your request you're missing oauth token secret.

It is required to sign your request when you making user-sensitive api requests.

Also I"d suggest you to make sure you can make requests with Fitbit debug tool by just executing culr commands. Once you succeed you just need to adjust your code to generate the same request as Fitbit debug tool does.

Ivan Bahdanau
Senior Software Developer at Fitbit

freeubi · ‎02-25-2015

Thanks!

I just included the oauth token secret, and now i'm getting:

{"errors": [{"errorType": "oauth","fieldName": "oauth_access_token","message": "Invalid signature or token 'adrqMe88+qxFR4bSGAH4CGjow5s=' or token 'cbc5f37086088438e901ee8d504f215b'"}],"success": false}

+just refreshed the accestoken and tokensecret, but thats not the problem.

ibahdanau · ‎02-25-2015

Try to make sure you can make API request just with Fitbit Debug tool.

Once you do that jsut compare sode by side values generated by Fitbit Debug tool and values egnerated by your code.

Ivan Bahdanau
Senior Software Developer at Fitbit

freeubi · ‎02-25-2015

I cant make the request with the tool, i got the same error.

Invalid signature or token 'zDUHt+pKYwYZXKy2DYdEfsJmTUQ=' or token 'cbc5f37086088438e901ee8d504f215b'"

As the tool generate the correct signature, then what can be the problem?

SunsetRunner · ‎02-25-2015

@freeubi wrote:

I cant make the request with the tool, i got the same error.

Invalid signature or token 'zDUHt+pKYwYZXKy2DYdEfsJmTUQ=' or token 'cbc5f37086088438e901ee8d504f215b'"

As the tool generate the correct signature, then what can be the problem?

I checked the token you posted and its not a valid token.

freeubi · ‎02-26-2015

I rechecked the workflow, and this token is what i get on F state (and this is the only state that i got the encoded_user_id).

Other thing that i noticed:
-it works when the user re-authenticate the app (starting from state A), but dont when i want to use later the saved token and tokensecret.

I tried to access to the user data, same error.

Join us on the Community Forums!

Community Guidelines

Learn the Basics

Join the Community!

Not finding your answer on the Community Forums?

Go to the Help Site

Contact Support

Get activity data

freeubi

ibahdanau

freeubi

ibahdanau

freeubi

SunsetRunner

freeubi