I did the Oauth flow like the docs says and got the oauth_token and the oauth_token_secret, then from my nodejs server I tried this request :
request.get({
headers: {
"User-Agent": "FooBarApp/3.0",
"Authorization": {
oauth_token:"my token",
oauth_token_secret: "my secret token",
"OAuth oauth_consumer_key":"mykey",
"oauth_nonce":Date.now(),
"oauth_signature":"mypass&",
"oauth_signature_method":"PLAINTEXT",
"oauth_timestamp":Date.now(),
"oauth_verifier":"users_verifier"
},
"Content-Type": "application/x-www-form-urlencoded"
},
url: "https://api.discogs.com/oauth/identity"
I also tried to remove all parameters in "authorization" except my two tokens but nohting work. Any clues ?
The documentation is wrong and Discogs is probably too lazy to update it. I've tried to send corrections for the docs to the technical team but it's a dead end.
Their authentication mechanism IS NOT OAuth 1.0 Revision A compliant even tho they advertise otherwise.
In the meantime, here are the headers you need to make an authenticated request:
const request = require('request');
const options = {
url: 'https://api.discogs.com/oauth/identity',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': 'OAuth oauth_consumer_key="YOUR_CONSUMER_KEY", oauth_nonce="' + Date.now() + '", oauth_token="OAUTH_TOKEN_RECEIVED_FROM_STEP_4", oauth_signature="YOUR_CONSUMER_SECRET&OAUTH_TOKEN_SECRET_RECEIVED_FROM_STEP_4", oauth_signature_method="PLAINTEXT", oauth_timestamp="' + Date.now() + '"',
'User-Agent': 'YOUR_USER_AGENT/1.0'
}
};
request(options, (err, res, body) => {
if (!err && res.statusCode == 200) {
console.log(JSON.parse(body));
}
});
Good luck !