more OAuth woes...

[zsleo]

Danijel,

Hope your holiday is going well - lots of sunscreen and cocktails being consumed.

Thanks for your help on my OAuth issues. I now have a strange issue in that I have to construct an OAuth header part based upon an XML that I sent in the body of the HTTP transmission.

To construct and transmit I am doing the following in the BeginRequest of the TRtcDataRequest:

  lv_SL := TStringList.Create;
  {Simplified version}
  lv_SL.Add('<?xml version="1.0" encoding="UTF-8" standalone="yes"?>');
  lv_SL.Add('<ShoppingCartRequest>');
  lv_SL.Add('  <OAuthToken>' + lv_CartOAuthToken + '</OAuthToken>');
  lv_SL.Add('  <ShoppingCart>' { } );
  lv_SL.Add('    <CurrencyCode>' + lv_CartCurrencyCode + '</CurrencyCode>');
  lv_SL.Add('    <Subtotal>' + lv_CartSubTotal + '</Subtotal>');
  lv_SL.Add('  </ShoppingCart>');
  lv_SL.Add('</ShoppingCartRequest>');

  with TRtcDataClient(Sender) do
  begin
    Request.ContentType := 'text/xml';
    Request.Host := ServerAddr;
    s := 'oauth_signature="' + URL_EncodeAll(lv_Oauth_BS_Sig) + '"';
    s := s + ',oauth_body_hash="' + URL_EncodeAll(lv_oauth_body_hash) + '"';
    s := s + ',oauth_version="1.0"';
    s := s + ',oauth_nonce="' + URL_EncodeAll(lv_Nonce) + '"';
    s := s + ',oauth_signature_method="RSA-SHA1"';
    s := s + ',oauth_consumer_key="' + URL_EncodeAll(gv_oauth_consumer_key) + '"';
    s := s + ',oauth_timestamp="' + lv_TS + '"';
    Request['Authorization'] := 'OAuth ' + s;

    Request.ContentType := 'application/xml';

    Write(lv_SL.Text);
    Flush;

  end;

My question: am I assigning the body content type correctly and am I assigning and delivering the body itself correctly?

Reason I ask the question is that I am receiving error "The oauth_body_hash parameter does not match body contents and is invalid."

I know the OAuth part is correct because I an getting exact same values from the Java sample app.

Regards

Zane

[D.Tkalcec (RTC)]

I don't see any obvious wrong usage of RTC components, but the error message you are receiving sounds like the hash value wasn't created from the same string you are sending in the content body (Write method). As far as I know, hash values are created from binary data. Adding or changing a single character in the original data will make the hash value invalid.

Best Regards,
Danijel Tkalcec

[zsleo]

Thanks for responding so quickly.

The hash is being created correctly. I have run the same source strings in both the Delphi and Java apps and they produce identical results.

Again, than you. I just wanted to cross all bases.

Zane

[D.Tkalcec (RTC)]

Are you taking possible String corruptions into account? While the String type is Unicode in Delphi 2009 and later, the Write method of RTC components will ONLY send the lower 8 bits of each character, ignoring higher  bits. I haven't tried sending a Unicode String in Java, but since Java is 100% Unicode, it is possible that Java would perform some kind of character encoding automatically (maybe to UTF8) when sending out a Unicode String. Another possible source of errors are encoding routines.

PS. If you have a working Java Client, you should check the exact HTTP headers and content body sent from a Java client. Maybe some characters are encoded differently (or not encoded at all) in Java, or the String being sent out from Delphi is being corrupted (8-bit characters).

Best Regards,
Danijel Tkalcec

[zsleo]

I did not realize that Rtc is sending (lower) 8-bit.

I tried

 lv_BA := Utf8EncodeEx(s); {lv_BA == RtcByteArray}

 WriteEx(lv_BA);

but the same invalid hash result.