OAuth token request returns HTTP/1.1 401 Unauthorized

[OLTC-fperrin]

Hello,

I was trying to setup a OAuth integration but I can't seem to get past this problem :/
I was following a book's tutorial with sources for the mini-OAuth client from this repository:

https://github.com/ajzele/B05032-BookAppOauthClient

I then tried using the OAuth client from this repository instead:

https://gist.github.com/anupdugar/2870f28a5c108cc43df9

Whatever I do I get the following error:

Fatal error: Uncaught exception 'OAuth\Common\Http\Exception\TokenResponseException'
with message 'file_get_contents(http://magento2.local/oauth/token/request): failed to open
stream: HTTP request failed! HTTP/1.1 401 Unauthorized ' in
/var/www/magento2/vendor/lusitanian/oauth/src/OAuth/Common/Http/Client/StreamClient.php:73
Stack trace: #0 
var/www/magento2/vendor/lusitanian/oauth/src/OAuth/OAuth1/Service/AbstractService.php(52):
OAuth\Common\Http\Client\StreamClient->retrieveResponse(Object(OAuth\Common\Http\Uri\Uri),
Array, Array) #1 /var/www/magento2/authInterface/checklogin.php(19):
OAuth\OAuth1\Service\AbstractService->requestRequestToken() #2 {main} thrown in
/var/www/magento2/vendor/lusitanian/oauth/src/OAuth/Common/Http/Client/StreamClient.php on line 73

From what I gather from googling it, it might have something to do with the fact that I'm not using HTTPS for the tests ?

Any help would be appreciated

Thanks

[OLTC-fperrin]

Here are some more info on the request:

$headers = array(
    "Authorization" =>  'Authorization: OAuth oauth_callback="http%3A%2F%2Fwww.magento2.local", oauth_consumer_key="d4pqd0icypwsy67ltbjbvdrgscvg4uvp", oauth_nonce="HNwXbDXQx5z55wCr3mfwMH7Oss8B7eAE", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1454058970", oauth_version="1.0", oauth_signature="a2ULL3tTdOOrkBOYOiSfxX5wcew%3D"',
    "Content-Type" =>  "Content-Type: application/x-www-form-urlencoded",
    "Host" =>  "Host: www.magento2.local",
    "Connection" =>  "Connection: close",
    "Content-length" =>  "Content-length: 0",
);
$context = stream_context_create(
    array(
        'http' => array(
            'method'           => 'POST',
            'header'           => implode("\r\n", array_values($headers)),
            'content'          => "",
            'protocol_version' => '1.1',
            'user_agent'       => "PHPoAuthLib",
            'max_redirects'    => 5,
            'timeout'          => 15
        ),
    )
);
$response = file_get_contents('http://www.magento2.local/oauth/token/request', false, $context);

These values were extracted from /vendor/lusitanian/oauth/src/OAuth/Common/Http/Client/StreamClient::retrieveResponse() method.

Still unauthorized... :/

Warning: file_get_contents(http://www.magento2.local/oauth/token/request): failed to open stream: HTTP request failed! HTTP/1.1 401 Unauthorized in /var/www/magento2/authInterface/TestToken.php on line 23
bool(false)

[ktomk]

Please read the message:

HTTP/1.1 401 Unauthorized

Please provide the according entries form your web-server logfiles (access and error logs normally) that are related to your request. They contain more information.

[OLTC-fperrin]

Here are the logs related to the request :

access log:

127.0.0.1 - - [01/Feb/2016:11:34:39 +0100] "POST /oauth/token/request HTTP/1.1" 401 534 "-" "PHPoAuthLib"
100.0.0.1 - - [01/Feb/2016:11:34:39 +0100] "POST /pub/external-book-app/check-login.php?consumer_id=2&callback_url=http%3A%2F%2Fwww.magento2.local%2Fadmin%2Fadmin%2Fintegration%2FloginSuccessCallback%2F HTTP/1.1" 200 893 
"http://magento2.local/pub/external-book-app/identity-link-url.php?consumer_id=2&success_call_back=http%3A%2F%2Fwww.magento2.local%2Fadmin%2Fadmin%2Fintegration%2FloginSuccessCallback%2F" 
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36"

error log:

[Mon Feb 01 11:34:40.466393 2016] [:error] [pid 32456] [client 100.0.0.1:52719] PHP Fatal error:  Uncaught exception 'OAuth\\Common\\Http\\Exception\\TokenResponseException' with message
'file_get_contents(http://www.magento2.local/oauth/token/request): failed to open stream: HTTP request failed! HTTP/1.1 401 Unauthorized'
in /var/www/magento2/vendor/lusitanian/oauth/src/OAuth/Common/Http/Client/StreamClient.php:73
Stack trace:
#0 /var/www/magento2/vendor/lusitanian/oauth/src/OAuth/OAuth1/Service/AbstractService.php(52): OAuth\\Common\\Http\\Client\\StreamClient->retrieveResponse(Object(OAuth\\Common\\Http\\Uri\\Uri), Array, Array)
#1 /var/www/magento2/pub/external-book-app/check-login.php(26): OAuth\\OAuth1\\Service\\AbstractService->requestRequestToken()
#2 {main}
thrown in /var/www/magento2/vendor/lusitanian/oauth/src/OAuth/Common/Http/Client/StreamClient.php on line 73, 
referer: http://magento2.local/pub/external-book-app/identity-link-url.php?consumer_id=2&success_call_back=http%3A%2F%2Fwww.magento2.local%2Fadmin%2Fadmin%2Fintegration%2FloginSuccessCallback%2F

[arkadiych]

Try to increase timeout to 120 and try to use CurlClient instead of StreamClient.

[OLTC-fperrin]

Ok so I tried it with CurlClient which got me past the 401 response but then I got the same issue as this post: [API] OAuth1.0 request token request failing / Consumer key has expired (even though the timezone is the same on the client and server :/)

After setting the oauth config expire to crazy high values it worked with both CurlClient and StreamClient...

Here are the values I set which I DO NOT recommend (way too high)

oauth/cleanup/cleanup_probability = 0
oauth/cleanup/expiration_period = 10000

oauth/consumer/post_timeout = 500
oauth/consumer/post_maxredirects = 5
oauth/consumer/expiration_period = 18000

[OLTC-fperrin]

Ok so I can confirm, it seems to come from the config values:
Here are the 4 scenario I just tried to verify my last post:

Scenario 1: StreamClient + Default values:

oauth/cleanup/cleanup_probability = 100
oauth/cleanup/expiration_period = 120

oauth/consumer/post_timeout = 300
oauth/consumer/post_maxredirects = 0
oauth/consumer/expiration_period = 5

Result 1: HTTP/1.1 401 Unauthorized

Scenario 2: CurlClient + Default values

oauth/cleanup/cleanup_probability = 100
oauth/cleanup/expiration_period = 120

oauth/consumer/post_timeout = 300
oauth/consumer/post_maxredirects = 0
oauth/consumer/expiration_period = 5

Result 2:

OauthClient.php
Array (
    [oauth_problem] => Consumer key has expired
)
\OAuth\Common\Http\Client\CurlClientOauthClient.php
Array (
    [oauth_problem] => Token is not the correct length
)

Scenario 3: StreamClient + Custom values

oauth/cleanup/cleanup_probability = 0
oauth/cleanup/expiration_period = 1000

oauth/consumer/post_timeout = 18000
oauth/consumer/post_maxredirects = 5
oauth/consumer/expiration_period = 500

Result 3: Integration authorized/activated

Scenario 4: CurlClient + Custom values

oauth/cleanup/cleanup_probability = 0
oauth/cleanup/expiration_period = 1000

oauth/consumer/post_timeout = 18000
oauth/consumer/post_maxredirects = 5
oauth/consumer/expiration_period = 500

Result 4: Integration authorized/activated

[andimov]

@LTC-fperrin
Thank you a lot for reporting this issue!
Please refer to the Community Forums or Magento Stack Exchange site for technical questions.