So I'm trying to create a signature to access Magento APIs via Integration but I don't get a valid oauth signature (Magento uses oauth1).
On using the same timestamp and nonce in postman I get the proper oauth signature. Why doesn't this produce a signature equivalent to that?
hmac=OpenSSL::HMAC.digest('sha1',secret_key, base_string)
signature = Base64 encode64(hmac)
The base string:
oauth_consumer_key=params[:oauth_consumer_key]
oauth_signature_method='HMAC-SHA1'
oauth_nonce=Random.rand(100000).to_s
oauth_timestamp=Time.now.to_i.to_s
oauth_version='1.0'
parameters ='oauth_consumer_key=' +
oauth_consumer_key +
'&oauth_nonce=' +
oauth_nonce +
'&oauth_signature_method=' +
oauth_signature_method +
'&oauth_timestamp=' +
oauth_timestamp +
'&oauth_version=' +
oauth_version
url = "http://localhost/demowebsite/oauth/token/request"
base_string = 'POST&' +CGI.escape(url) + '&' + CGI.escape(parameters)
#as I have no token yet
secret_key = oauth_consumer_secret +'&'+''
#POST&http%3A%2F%2Flocalhost%2Fdemowebsite%2Foauth%2Ftoken%2Frequest&oauth_consumer_key%3Dqv4w11m4o5f8vqx2uhfzovrc6veevg5u%26oauth_nonce%3D94770%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1591680691%26oauth_version%3D1.0
Thanks in advance
Usually the base_string is the culprit. If you put the sample base string here, I can help you further