AnsweredAssumed Answered

How can I rebuild oauth_signature to match Canvas oauth_signature?

Question asked by Jhonathan Arenas on Mar 20, 2018
Latest reply on Mar 22, 2018 by James Jones

Hello,

 

I am trying to use my app as a provider which receives all oauth data via post request  i.e. `oauth_consumer_key`, `oauth_nonce`, `oauth_signature_method`, `oauth_timestamp`, `oauth_version` and `oauth_signature`. Additionally, other bunch of data such as `context_id`, `context_label`, `context_title`, etc (not going to list them all).

 

In order to certify that request as a trusted one I have to rebuild the oauth_signature from the data received by post and the shared key both Canvas and My app have.

 

My question is: What fields do I have to include in the signature base string apart from the ones prefixed with `oauth_` to match the signature Canvas is sending.

 

This is the signature base string I am generating:

 

POST&http%3A%2F%2Fbob-env-boxofbooks.192.168.99.100.nip.io%2Fbook%2FE3FEE800-063F-11E8-AF6B1AC201329256%2Fwebreader&oauth_consumer_key%3Dboxofbooks%26oauth_nonce%3DBOQjQaiz5n9U7hYE462GhmFNtMaLyUJiQyx4t4EIPQ%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1521526505%26oauth_version%3D1.0.

 

Thanks in advance for any help.

Outcomes