What is the correct way to call the mediatype.post method with OAuth2 authentication?

T

to2n2015-11-30 19:08:34

Classmates

to2n, 2015-11-30 19:08:34

var data = JSON.stringify({ media: { type: 'text', text: text }});

                    var p = {
                        application_key: scope.AppInfo.PublicKey,
                        attachment: data,
                        method: 'mediatopic.post',
                        type: 'USER'
                    };

                    var sigParams = params(p, false);

                    var sigParamsCleared = sigParams.replace(/&/g, '');

                    var sigParamsClearedWithSecret = sigParamsCleared + scope.AppInfo.PrivateKey;

                    p.sig = md5(sigParamsClearedWithSecret);
                    p.access_token = scope.AuthInfo.access_token;

                    var request = 'http://api.ok.ru/fb.do?' + params(p);

                    return $http.post(request);

md5 produces the same result as in "API Request Calculator", but the method call returns
PARAM_SIGNATURE : Invalid signature f7ef9370223d9bd93a3ebc073e303c4c, calculated by string application_key=******************** ************attachment={"media":{"type":"text","text":"Shorter news1\nYes! Very short!"}}method=mediatopic. posttype=USER********SECRET KEY*******

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Vjacheslav Kanivetc, 2015-12-01
@to2n

At first glance, instead of the application secret
var sigParamsClearedWithSecret = sigParamsCleared + scope.AppInfo.PrivateKey;
there must be a secret session key (which was obtained via OAUTH) which, judging by the variables, probably lies in scope.AuthInfo.*Key. Try:
var sigParamsClearedWithSecret = sigParamsCleared + scope.AuthInfo.PrivateKey;