Not able to use Magento REST APIs using OAuth

Question

I am using Magento version 1.7.0.2 and trying to use Magento Rest APIs using OAuth Integration. I have installed OAuth and following is the snippet of code that i have put in root directory of magento and i am running it in web browser by typing http://x.x.x.x:5009/oauth_customer.php

$callbackUrl = "http://x.x.x.x:5009/oauth_customer.php";
$temporaryCredentialsRequestUrl = "http://x.x.x.x:5009/oauth/initiate?oauth_callback=" . urlencode($callbackUrl);
$adminAuthorizationUrl = 'http://x.x.x.x:5009/oauth/authorize';
$accessTokenRequestUrl = "http://x.x.x.x:5009/oauth/token";
$apiUrl = "http://x.x.x.x:5009/api/rest";
$consumerKey = 'yourconsumerkey';
$consumerSecret = 'yourconsumersecret';

session_start();
if (!isset($_GET['oauth_token']) && isset($_SESSION['state']) && $_SESSION['state'] == 1)  {
    $_SESSION['state'] = 0;
}
try {
$authType = ($_SESSION['state'] == 2) ? OAUTH_AUTH_TYPE_AUTHORIZATION : OAUTH_AUTH_TYPE_URI;
$oauthClient = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, $authType);
$oauthClient->enableDebug();

if (!isset($_GET['oauth_token']) && !$_SESSION['state']) {
    $requestToken = $oauthClient->getRequestToken($temporaryCredentialsRequestUrl);
    $_SESSION['secret'] = $requestToken['oauth_token_secret'];
    $_SESSION['state'] = 1;
    header('Location: ' . $adminAuthorizationUrl . '?oauth_token=' . $requestToken['oauth_token']);
    exit;
} else if ($_SESSION['state'] == 1) {
    $oauthClient->setToken($_GET['oauth_token'], $_SESSION['secret']);
    $accessToken = $oauthClient->getAccessToken($accessTokenRequestUrl);
    $_SESSION['state'] = 2;
    $_SESSION['token'] = $accessToken['oauth_token'];
    $_SESSION['secret'] = $accessToken['oauth_token_secret'];
    header('Location: ' . $callbackUrl);
    exit;
} else {
    $oauthClient->setToken($_SESSION['token'], $_SESSION['secret']);
    $resourceUrl = "$apiUrl/products";
    $oauthClient->fetch($resourceUrl);
    $productsList = json_decode($oauthClient->getLastResponse());
    print_r($productsList);
}
} catch (OAuthException $e) {
   print_r($e);
}

http://x.x.x.x:5009 is ip address followed 5009 where 5009 is port number specified. When we run this in the browser, i always get the following error - Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect) oauth_problem=signature_invalid&debug_sbs=Bya6oE4ujTEEFLVL6Mm04PqTA4g=

I am not able to get this work.

Note - I have generated consumer key and secret key. Not sure of how created user credentials with customer access to REST API Resources fit into the above script. Also i want to know if we can use magento apis on any non magento site with oAuth integration programatically without the user having to grant access to application each time to generate request token.

Answer 1

You have to generate oauth token first. Follow this http://www.aschroder.com/2012/04/introduction-to-the-magento-rest-apis-with-oauth-in-version-1-7/ then test http://www.magentocommerce.com/api/rest/testing_rest_resources.html

If you dont want authentication you can use curl to get desired data. http://snipplr.com/view/44760/

In url pass valid magento resource url like www.yourwebsite.com/api/rest/products