Question

Until few days ago everything worked fine. But after some changes on FitBit new user can not get OAuth handshake anymore. The problem is when I receive temporary tokens and make call to finish handshake and receive credentials.

So in first step I get:

TOKEN: 1a227cfde686220183763946a98173bc and VERIFIER: p2g5ims7o4ffscev603rbif05g

and in second step I use theme to make call to https://api.fitbit.com/oauth/access_token ...

Signature Base String is:

POST&https%3A%2F%2Fapi.fitbit.com%2Foauth%2Faccess_token&oauth_consumer_key%3D7c5e888aa3dd4d17a26d82a7f541b278%26oauth_token%3D1a227cfde686220183763946a98173bc%26oauth_nonce%3D5hw45lgu%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1391094796%26oauth_verifier%3Dp2g5ims7o4ffscev603rbif05g%26oauth_version%3D1.0

And by that I receive header (with signature calculated using the same function as in first step)

Authorizing with HEADER: OAuth oauth_consumer_key="7c5e888aa3dd4d17a26d82a7f541b278",oauth_token="1a227cfde686220183763946a98173bc",oauth_nonce="5hw45lgu",oauth_signature="X4udgn9A7Q2xI%2FN38QELl%2BIDVqM%3D",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1391094796",oauth_verifier="p2g5ims7o4ffscev603rbif05g",oauth_version="1.0"

That should work but I get 401 error saying:

{"errors":[{"errorType":"oauth","fieldName":"oauth_access_token","message":"Invalid signature or token 'JNGSIMomid/oghtWGrz7crC6KhM=' or token '6c45d0ce39195e848da14cad0a4f9719'"}],"success":false}

I have been working od that for 7 hours now ... and as far as I can see everything is OK ... Error is saying about field name oauth_access_token ... This fields doesn't even exist. I tried anyway and recived error saying that security is not OK ...

Any Idea?

No correct solution

OTHER TIPS

I had the same problem. After doing some research I noticed that the API has changed and the lib I was using was out dated. To fix that, I updated my lib and did some code changes. Here is the link of a .Net implementation after the change: https://github.com/aarondcoleman/Fitbit.NET/wiki/Breaking-Change-on-1-24-2014-as-a-result-of-OAuth-update-in-Fitbit-API

Regards,

Fredy

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top