Flickr API issue - oauth_problem=token_used

Question

I am confused regarding some of my FLICKR API requests. I authorize the user and exchange the authorization for the access token. I can do any API call that requires the signed signature, such as flickr.tags.getListUser or flickr.photos.search and it will return photos that only that user has permission to see.

However, I'm having trouble with calls such as flickr.test.login or flickr.tags.getMostFrequentlyUsed. I always get oauth_problem=token_used, which I think is odd because I can use the token on any signed call. I figure I must be signing it incorrectly. I tried not passing the oauth_token, and oauth_secret, and it complains that it wants the oauth_token. But when I try to pass the oauth_token with the oauth_secret, I get the "token_used" error. I also tried leaving the secret blank, I tried using the oauth_verification instead. Nothing is working.

Here is a sample URL I am passing for flickr.test.login:

http://api.flickr.com/services/rest/?method=flickr.test.login&oauth_consumer_key=eac3ded0aaaf2388b83dd43e19b5f1f7&oauth_nonce=69D345C629AC9E9F000AEEAE7A8DB85C052DFF77&oauth_signature=GWNAv%2FiHbp0oQiBBs5c4dCrYPsQ%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1395259828&oauth_token=72157642604970135-bd22ef7d2a5a2231&oauth_version=1.0 

Answer 1

I was having this same problem. The library I was using (ObjectiveFlickr) maintains a context which has a data structure for holding OAuth token and secret. Unfortunately as part of the OAuth "dance", those same fields are used in one step to hold the request token and secret and it is up to the user to replace them with the OAuth token and secret later on when they are granted.

The moral of the story is that if you are seeing this error, you are making an API request using an already-used request token instead of OAuth token.