02-25-2015 05:52
02-25-2015 05:52
Hello,
i have stored the authenticated user accestoken and tokensecret in my database.
Now i want to get their activity data with them, but i get errors.
1.) I make a GET httprequest to this address: https://api.fitbit.com/1/user/2SNG7Q/activities/date/2015-02-01.json I think its correct.
2.) I need to generate signature to the request, the key for that is: "&" character + the token secret - as in the fitbit api debug tool, G section.
3.) after that, i'm generating the exact same base string as i can find in the debug tool.
The 2 different things are:
-i need to include my consumer_key to the Authentication header - its not in Api request CURL. (If i exclude it, then i get error : "Invalid consumer key: ")
-i need to encode the signature
Everything is the same and i get invalid signature errors.
Here is my request:
base string:
GET&https%3A%2F%2Fapi.fitbit.com%2F1%2Fuser%2F2SNG7Q%2Factivities%2Fdate%2F2015-02-01.json&oauth_consumer_key%3D824d4b38500e4b90bd02655c29338e93%26oauth_nonce%3Dfreeubi%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1424872048%26oauth_token%3Db79177daad8fa20ebbde9432fcd1ee58%26oauth_version%3D1.0
key: &585564dfa86fd68f5529ddbf006f86b8
signature:
LEUMEWZoKrLSwX3fTX5y8LcO6+4=
Request authentication header:
OAuth oauth_consumer_key="824d4b38500e4b90bd02655c29338e93", oauth_signature="LEUMEWZoKrLSwX3fTX5y8LcO6+4=", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1424872048", oauth_nonce ="freeubi", oauth_version="1.0"
Error: Invalid signature: LEUMEWZoKrLSwX3fTX5y8LcO6 4=
02-25-2015 07:59 - edited 02-25-2015 08:00
02-25-2015 07:59 - edited 02-25-2015 08:00
I see that in your request you're missing oauth token secret.
It is required to sign your request when you making user-sensitive api requests.
Also I"d suggest you to make sure you can make requests with Fitbit debug tool by just executing culr commands. Once you succeed you just need to adjust your code to generate the same request as Fitbit debug tool does.
02-25-2015 08:27
02-25-2015 08:27
Thanks!
I just included the oauth token secret, and now i'm getting:
{"errors": [{"errorType": "oauth","fieldName": "oauth_access_token","message": "Invalid signature or token 'adrqMe88+qxFR4bSGAH4CGjow5s=' or token 'cbc5f37086088438e901ee8d504f215b'"}],"success": false}
+just refreshed the accestoken and tokensecret, but thats not the problem.
02-25-2015 08:29
02-25-2015 08:29
Try to make sure you can make API request just with Fitbit Debug tool.
Once you do that jsut compare sode by side values generated by Fitbit Debug tool and values egnerated by your code.
02-25-2015 10:44
02-25-2015 10:44
I cant make the request with the tool, i got the same error.
Invalid signature or token 'zDUHt+pKYwYZXKy2DYdEfsJmTUQ=' or token 'cbc5f37086088438e901ee8d504f215b'"
As the tool generate the correct signature, then what can be the problem?
02-25-2015 10:49
02-25-2015 10:49
@freeubi wrote:
I cant make the request with the tool, i got the same error.
Invalid signature or token 'zDUHt+pKYwYZXKy2DYdEfsJmTUQ=' or token 'cbc5f37086088438e901ee8d504f215b'"
As the tool generate the correct signature, then what can be the problem?
I checked the token you posted and its not a valid token.
02-26-2015 01:10 - edited 02-26-2015 01:18
02-26-2015 01:10 - edited 02-26-2015 01:18
I rechecked the workflow, and this token is what i get on F state (and this is the only state that i got the encoded_user_id).
Other thing that i noticed:
-it works when the user re-authenticate the app (starting from state A), but dont when i want to use later the saved token and tokensecret.
I tried to access to the user data, same error.