azrael_11 0 Posted January 18, 2019 Hi I Create an app for windows and i try to add forecast results on it. I use the Yahoo weather api but recently even the free access goes to oauth1 Authorization. here what Yahoo wants to access forecast results. GET /forecastrss?location=sunnyvale,ca HTTP/1.1 Host: weather-ydn-yql.media.yahoo.com Yahoo-App-Id: YOUR_APP_ID Authorization: OAuth oauth_consumer_key="YOUR_CONSUMER_KEY",oauth_signature_method="HMAC-SHA1",oauth_timestamp="YOUR_TIMESTAMP",oauth_nonce="YOUR_NONCE",oauth_version="1.0",oauth_signature="YOUR_GENERATED_SIGNATURE" cache-control: no-cache I go to REST Debugger tool provide by emb I add the get method in method url like this http://weather-ydn-yql.media.yahoo.com/forecastrss?w=2502265 I select the from authentication the method oauth 1 and i put my Client-ID and the Client-Secret and select the HMAC-SHA1 from OAuth-Assistant. Now how can i add Timestamp, oauth_nonce, BCS when i execute the request i get Connection=keep-alive Date=Fri, 18 Jan 2019 08:32:06 GMT Via=http/1.1 media-router-omega65.prod.media.bf1.yahoo.com (ApacheTrafficServer [cMsSf ]) Content-Length=0 Content-Type=application/json;charset=UTF-8 Age=0 Server=ATS WWW-Authenticate=OAuth oauth_problem="OST_OAUTH_SIGNATURE_INVALID_ERROR", realm="yahooapis.com" //here i get an error X-Frame-Options=SAMEORIGIN X-Content-Type-Options=nosniff X-XSS-Protection=1; mode=block Referrer-Policy=no-referrer-when-downgrade Thank you. Share this post Link to post
azrael_11 0 Posted January 27, 2019 (edited) Finally i use the simple method of indy IdHTTP.get method to get result. But i don't know how to GENERATE SIGNATURE Any ideas... Thank you. Edited January 27, 2019 by azrael_11 Share this post Link to post
pcplayer99 11 Posted February 3, 2019 Hi, These days I'm studying MS Azure. And I have used Delphi TAzureBlobService to access Azure, and its signature result can not accepted by Azure. To access Azure, it is by REST. I found that Azure returned some error message through HTTP, in the error message, Azure said: Server used following string to sign xxxxx xxxx。 So, I use the string of the error message tell me to be a template, to create my signature string, and use the method from TAzureBlobService to calculate the signature. It works! BTW. Azure's signature is calculate by SHA2: THashSHA2.GetHMACAsBytes(StringToSign, Signkey, THashSHA2.TSHA2Version.SHA256); So, you may need to read Yahoo's information that its structure of signature string, and what calculation it use. Share this post Link to post
azrael_11 0 Posted February 6, 2019 On 2/3/2019 at 10:19 PM, pcplayer99 said: Hi, These days I'm studying MS Azure. And I have used Delphi TAzureBlobService to access Azure, and its signature result can not accepted by Azure. To access Azure, it is by REST. I found that Azure returned some error message through HTTP, in the error message, Azure said: Server used following string to sign xxxxx xxxx。 So, I use the string of the error message tell me to be a template, to create my signature string, and use the method from TAzureBlobService to calculate the signature. It works! BTW. Azure's signature is calculate by SHA2: THashSHA2.GetHMACAsBytes(StringToSign, Signkey, THashSHA2.TSHA2Version.SHA256); So, you may need to read Yahoo's information that its structure of signature string, and what calculation it use. This is the official String signature generator that taken from C++ code form Yahoo. But i cant translated to delphi code. String signature = null; try { SecretKeySpec signingKey = new SecretKeySpec((consumerSecret + "&").getBytes(), "HmacSHA1"); Mac mac = Mac.getInstance("HmacSHA1"); mac.init(signingKey); byte[] rawHMAC = mac.doFinal(signatureString.getBytes()); Encoder encoder = Base64.getEncoder(); signature = encoder.encodeToString(rawHMAC); } catch (Exception e) { System.err.println("Unable to append signature"); System.exit(0); } Thank you Share this post Link to post
pcplayer99 11 Posted February 6, 2019 Hi, These code shows how to HASH signature by SHA1, but it is not show how to combine a signature string to HASH. I have not study Yahoo, but in MS Azure, it signature string is like: GET x-ms-date:Wed, 30 Jan 2019 15:12:26 GMT x-ms-version:2015-02-21 /devstoreaccount1/devstoreaccount1/pcplayer1 comp:list restype:container timeout:30 And MS said that between every line, there is a LF(#10 or $A) but no Return(#13 or $D) char. So, you must know how Yahoo's signature string create. Share this post Link to post
azrael_11 0 Posted February 7, 2019 18 hours ago, pcplayer99 said: Hi, These code shows how to HASH signature by SHA1, but it is not show how to combine a signature string to HASH. I have not study Yahoo, but in MS Azure, it signature string is like: GET x-ms-date:Wed, 30 Jan 2019 15:12:26 GMT x-ms-version:2015-02-21 /devstoreaccount1/devstoreaccount1/pcplayer1 comp:list restype:container timeout:30 And MS said that between every line, there is a LF(#10 or $A) but no Return(#13 or $D) char. So, you must know how Yahoo's signature string create. Maybe something like this in C++ code String signatureString = "GET&" + URLEncoder.encode(url, "UTF-8") + "&" + URLEncoder.encode(parametersList.toString(), "UTF-8"); Thank you Share this post Link to post
murkan 0 Posted April 2, 2019 Yahoo Weather Api object RESTClient1: TRESTClient Authenticator = OAuth1Authenticator1 Accept = 'application/json, text/plain; q=0.9, text/html;q=0.8,' AcceptCharset = 'utf-8, *;q=0.8' BaseURL = 'https://weather-ydn-yql.media.yahoo.com/forecastrss' Params = <> RaiseExceptionOn500 = False end object RESTRequest1: TRESTRequest Client = RESTClient1 Params = < item Name = 'location' Value = ' Sunnyvale ,ca' end item Kind = pkHTTPHEADER Name = 'X-Yahoo-App-Id' Value = 'yours' end item Name = 'u' Value = 'c' end item Name = 'format' Value = 'json' end> Response = RESTResponse1 SynchronizedEvents = False end object RESTResponse1: TRESTResponse ContentType = 'application/json' end object OAuth1Authenticator1: TOAuth1Authenticator ConsumerKey = 'yours' ConsumerSecret = 'yours' end Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
