php cakephp oauth oslc

OAuth Signature not working for OSLC HTTP Post


I am trying to POST to an IBM RRC (Rational Requirements Composer) instance. I have authenticated via OAuth and all of my GET commands appear to be functioning properly. However, when I submit a POST the server's response is:

Oauth authentication is required.

Below are examples of both the GET and POST commands I am using:

THIS WORKS

array(
  'method' => 'GET',
  'uri' => array(
    'host' => '*****',
    'port' => '*****',
    'scheme' => 'http',
    'user' => null,
    'pass' => null,
    'path' => '/rm/types/_lGrbJfq9EeKAc-rpp0B9jg',
    'query' => array(),
    'fragment' => null
   ),
   'version' => '1.1',
   'body' => '',
   'line' => 'GET /rm/types/_lGrbJfq9EeKAc-rpp0B9jg HTTP/1.1',
   'header' => 'Host: SERVERNAME
     Connection: close
     User-Agent: CakePHP
     OSLC-Core-Version: 2.0
     Accept: application/rdf+xml
     Content-Type: application/rdf+xml
     Authorization: OAuth realm="http://SERVERNAME/rm",oauth_consumer_key="49cfd21d97cf4808b730f072c902cef7",oauth_signature_method="HMAC-SHA1",oauth_signature="HjgQTj8a%2BK4VrqmaU3yiFa4rQgQ%3D",oauth_timestamp="1378405866",oauth_nonce="e91dd2cca23f429e6e45a049bb856817",oauth_token="1d45c97961754fa4b4813fd9e756c5e9",oauth_version="1.0"',
  'raw' => 'GET /rm/types/_lGrbJfq9EeKAc-rpp0B9jg HTTP/1.1
    Host: SERVERNAME
    Connection: close
    User-Agent: CakePHP
    OSLC-Core-Version: 2.0
    Accept: application/rdf+xml
    Content-Type: application/rdf+xml
    Authorization: OAuth realm="http://SERVERNAME/rm",oauth_consumer_key="49cfd21d97cf4808b730f072c902cef7",oauth_signature_method="HMAC-SHA1",oauth_signature="HjgQTj8a%2BK4VrqmaU3yiFa4rQgQ%3D",oauth_timestamp="1378405866",oauth_nonce="e91dd2cca23f429e6e45a049bb856817",oauth_token="1d45c97961754fa4b4813fd9e756c5e9",oauth_version="1.0"',
  'redirect' => false,
  'cookies' => array(),
  'proxy' => array(),
  'auth' => array()
)

THIS DOESN'T WORK

array(
  'method' => 'POST',
  'uri' => array(
    'host' => '*****',
    'port' => '*****',
    'scheme' => 'http',
    'user' => null,
    'pass' => null,
    'path' => '/rm/requirementFactory',
    'query' => array(
      'projectURL' => 'http://SERVERPATH/jts/process/project-areas/_mBD3pfLZEeKeebKxZeYY6w'
    ),
    'fragment' => null
  ),
  'version' => '1.1',
  'body' => '<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:dc="http://purl.org/dc/terms/"xmlns:public_rm_10="http://www.ibm.com/xmlns/rm/public/1.0/" xmlns:calm="http://jazz.net/xmlns/prod/jazz/calm/1.0/" xmlns:rm="http://www.ibm.com/xmlns/rdm/rdf/"xmlns:acp="http://jazz.net/ns/acp#" xmlns:rm_property="http://SERVERPATH/rm/types/" xmlns:oslc="http://open-services.net/ns/core#" xmlns:nav="http://jazz.net/ns/rm/navigation#" xmlns:oslc_rm="http://open-services.net/ns/rm#"><rdf:Description rdf:about=""><rdf:type rdf:resource="http://open-services.net/ns/rm#Requirement"/><dc:description rdf:parseType="Literal">WPDP Project Document</dc:description><dc:title rdf:parseType="Literal">Mod Test</dc:title><oslc:instanceShape rdf:resource="http://SERVERPATH/rm/types/_lGrbJfq9EeKAc-rpp0B9jg"/></rdf:Description></rdf:RDF>',
  'line' => 'POST /rm/requirementFactory?projectURL=http%3A%2F%2FSERVERPATH%2Fjts%2Fprocess%2Fproject-areas%2F_mBD3pfLZEeKeebKxZeYY6w HTTP/1.1',
  'header' => 'Host: SERVERPATH
    Connection: close
    User-Agent: CakePHP
    OSLC-Core-Version: 2.0
    Accept: application/rdf+xml
    Content-Type: application/rdf+xml
    Authorization: OAuth realm="http://SERVERPATH/rm",oauth_consumer_key="49cfd21d97cf4808b730f072c902cef7",oauth_signature_method="HMAC-SHA1",oauth_signature="CW0FodwyctuRSyDTebrBfsPxAek%3D",oauth_timestamp="1378405206",oauth_nonce="abffa897607dbc1ee2a39aadf19918eb",oauth_token="1d45c97961754fa4b4813fd9e756c5e9",oauth_version="1.0"
    Content-Length: 869',
  'raw' => 'POST /rm/requirementFactory?projectURL=http%3A%2F%2FSERVERPATH%2Fjts%2Fprocess%2Fproject-areas%2F_mBD3pfLZEeKeebKxZeYY6w HTTP/1.1
    Host: SERVERPATH
    Connection: close
    User-Agent: CakePHP
    OSLC-Core-Version: 2.0
    Accept: application/rdf+xml
    Content-Type: application/rdf+xml
    Authorization: OAuth realm="http://SERVERPATH/rm",oauth_consumer_key="49cfd21d97cf4808b730f072c902cef7",oauth_signature_method="HMAC-SHA1",oauth_signature="CW0FodwyctuRSyDTebrBfsPxAek%3D",oauth_timestamp="1378405206",oauth_nonce="abffa897607dbc1ee2a39aadf19918eb",oauth_token="1d45c97961754fa4b4813fd9e756c5e9",oauth_version="1.0"
    Content-Length: 869

    <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:dc="http://purl.org/dc/terms/"xmlns:public_rm_10="http://www.ibm.com/xmlns/rm/public/1.0/" xmlns:calm="http://jazz.net/xmlns/prod/jazz/calm/1.0/" xmlns:rm="http://www.ibm.com/xmlns/rdm/rdf/"xmlns:acp="http://jazz.net/ns/acp#" xmlns:rm_property="http://SERVERPATH/rm/types/" xmlns:oslc="http://open-services.net/ns/core#" xmlns:nav="http://jazz.net/ns/rm/navigation#" xmlns:oslc_rm="http://open-services.net/ns/rm#"><rdf:Description rdf:about=""><rdf:type rdf:resource="http://open-services.net/ns/rm#Requirement"/><dc:description rdf:parseType="Literal">WPDP Project Document</dc:description><dc:title rdf:parseType="Literal">Mod Test</dc:title><oslc:instanceShape rdf:resource="http://SERVERPATH/rm/types/_lGrbJfq9EeKAc-rpp0B9jg"/></rdf:Description></rdf:RDF>',
  'redirect' => false,
  'cookies' => array(),
  'proxy' => array(),
  'auth' => array()
)

I would expect that if the OAuth token or signature was invalid I would get an error explaining that; this error seems to indicate that the OAuth information is missing completely.


Solution

  • I discovered the problem with some help from IBM.

    The POST URL I was sending contains a parameter of projectURL. This parameter must be broken out of the URL and included in the base string for OAuth to function properly.

    Also, the realm should be the full URL without the parameter, in this case http://SERVERPATH/rm/requirementFactory, not http://SERVERPATH/rm.

    This site is very useful in discovering issues with OAuth signatures:

    http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/

    You can insert your own variables and token information into the site by clicking on the + signs and the outputs adjust to show you what your signature and base string should be.
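The fix described in the answer, as an added example that is not part of the original post or of CakePHP: an OAuth 1.0 HMAC-SHA1 signature base string built per RFC 5849 section 3.4, with the `projectURL` query parameter taken out of the URL and merged into the signed parameter set. The host name, keys, secrets and nonce are constructed placeholders, and the function names `oauth_base_string` and `oauth_sign` are hypothetical.

```php
<?php
// Added example: the base string URI excludes the query string; query parameters
// are signed as ordinary parameters next to the oauth_* ones. realm and
// oauth_signature are never part of the base string, so they are not passed in.
function oauth_base_string(string $method, string $url, array $oauthParams): string
{
    $parts   = parse_url($url);
    $scheme  = strtolower($parts['scheme']);
    $default = ['http' => 80, 'https' => 443];
    $baseUri = $scheme . '://' . strtolower($parts['host']);
    if (isset($parts['port']) && $parts['port'] !== ($default[$scheme] ?? null)) {
        $baseUri .= ':' . $parts['port'];          // only non-default ports are kept
    }
    $baseUri .= $parts['path'] ?? '/';

    $pairs = [];
    foreach ($oauthParams as $k => $v) {
        $pairs[] = [rawurlencode($k), rawurlencode($v)];
    }
    // Decode each query pair, then re-encode it with RFC 3986 rules.
    foreach (array_filter(explode('&', $parts['query'] ?? '')) as $kv) {
        [$k, $v] = array_pad(explode('=', $kv, 2), 2, '');
        $pairs[] = [rawurlencode(urldecode($k)), rawurlencode(urldecode($v))];
    }
    // Byte-wise sort by encoded name, then by encoded value.
    usort($pairs, fn($a, $b) => strcmp($a[0], $b[0]) ?: strcmp($a[1], $b[1]));
    $normalized = implode('&', array_map(fn($p) => $p[0] . '=' . $p[1], $pairs));

    return strtoupper($method) . '&' . rawurlencode($baseUri) . '&' . rawurlencode($normalized);
}

function oauth_sign(string $baseString, string $consumerSecret, string $tokenSecret): string
{
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $baseString, $key, true));
}

// Constructed request. An application/rdf+xml body is not signed; only
// application/x-www-form-urlencoded bodies contribute parameters.
$url = 'http://rrc.example/rm/requirementFactory?projectURL='
     . rawurlencode('http://rrc.example/jts/process/project-areas/EXAMPLE');
$oauth = [
    'oauth_consumer_key'     => 'constructed-consumer-key',
    'oauth_token'            => 'constructed-token',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1378405206',
    'oauth_nonce'            => 'constructed-nonce',
    'oauth_version'          => '1.0',
];
$base = oauth_base_string('POST', $url, $oauth);
echo $base, "\n", oauth_sign($base, 'constructed-consumer-secret', 'constructed-token-secret'), "\n";
```

Printing the base string on the client and comparing it with what the server or a reference tool computes shows exactly which component differs when a signature is rejected.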