Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Invalid Signature - provided signature does not match

See original GitHub issue

Here is my code. I am trying my angularJS app to interact with the Woocommerce API over HTTP (NOT HTTPS).

`var oauth = OAuth({ consumer:{ public: ck, secret: cs }, signature_method: ‘HMAC-SHA1’, last_ampersand: false });

var request_data = {
  url: url,
  method: 'GET'
};

var token = {
  public: '370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb',
  secret: 'LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE'
};

$http({
  url: request_data.url,
  method: request_data.method,
  params: oauth.authorize(request_data, token)
}).then(function(data){
  console.log(data);
}, function(error){
  console.log(error);
})`

I always get the following error.

errors: [ { code: "woocommerce_api_authentication_error", message: "Invalid Signature - provided signature does not match" } ]

Any help is highly appreciated.

Issue Analytics

State:
Created 8 years ago
Comments:7 (1 by maintainers)

Top GitHub Comments

2reactions

nursahketenecommented, Oct 31, 2017

Yes. this is weird. I don’t know if you have resolved it or not!

0reactions

cacpmwcommented, Mar 4, 2022

I am getting Invalid Signature - provided signature does not match.

I have no Idea why this is happening. I use the same cs & ck on insomnia and it works…

import { Request } from "express";
import crypto from 'crypto';

import IOAuth1Provider from "../interfaces/IOAuth1Provider";
import OAuth from "oauth-1.0a";

export default class OAuth1Provider implements IOAuth1Provider {
    oauth: OAuth;

    constructor() {
        this.oauth = new OAuth({
            consumer: { key: `${process.env.WP_CONSUMER_KEY}`, secret: `${process.env.WP_CONSUMER_SECRET}` },
            signature_method: 'HMAC-SHA1',
            hash_function(base_string, key) {
                return crypto
                    .createHmac('sha1', key)
                    .update(base_string)
                    .digest('base64')
            },
        })
    }
    makeHeader(request: Request): OAuth.Header {
        return this.oauth.toHeader(this.oauth.authorize(request));
    }

}