Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Problem getting access token for QuickBooks API
See original GitHub issueHi,
I’m completely baffled as to why I keep getting a signature invalid error. Below are the logs from my attempt to get an access token. The authorization seems to work fine.
One thing that seems odd that I noticed in the logs below is that when it prepares to request the access token, a few fields are None, which maybe shouldn’t be, but I’m not sure why they weren’t passed from the previous legs of the OAuth flow: nonce, realm, timestamp, resource_owner_secret
Any help would be greatly appreciated.
DEBUG 2016-04-25 18:44:30,099 requests_oauthlib.oauth1_session Parsing token from query part of url http://app.histowiz.com/orders/admin/quickbooks-updated?oauth_token=qyprdmWMFvLBw43PbcmXuisKFLcmx65GE0rhoFCX8huF6pmY&oauth_verifier=rixnbq7&realmId=1421453050&dataSource=QBO
DEBUG 2016-04-25 18:44:30,100 requests_oauthlib.oauth1_session Updating internal client token attribute.
INFO 2016-04-25 18:44:30,100 root Parsing auth response from QB: {u'oauth_verifier': u'rixnbq7', u'oauth_token': u'qyprdmWMFvLBw43PbcmXuisKFLcmx65GE0rhoFCX8huF6pmY', u'realmId': u'1421453050', u'dataSource': u'QBO'}
DEBUG 2016-04-25 18:44:30,100 requests_oauthlib.oauth1_session Fetching token from https://oauth.intuit.com/oauth/v1/get_access_token using client <Client nonce=None, signature_method=HMAC-SHA1, realm=None, encoding=utf-8, timestamp=None, resource_owner_secret=None, decoding=utf-8, verifier=rixnbq7, signature_type=QUERY, rsa_key=None, resource_owner_key=qyprdmWMFvLBw43PbcmXuisKFLcmx65GE0rhoFCX8huF6pmY, client_secret=****, callback_uri=https://app.histowiz.com/orders/admin/quickbooks-updated, client_key=qyprdbpcVtvjQk7le3cvOfHQQ6MBJP>
DEBUG 2016-04-25 18:44:30,101 requests_oauthlib.oauth1_auth Signing request <PreparedRequest [POST]> using client <Client nonce=None, signature_method=HMAC-SHA1, realm=None, encoding=utf-8, timestamp=None, resource_owner_secret=None, decoding=utf-8, verifier=rixnbq7, signature_type=QUERY, rsa_key=None, resource_owner_key=qyprdmWMFvLBw43PbcmXuisKFLcmx65GE0rhoFCX8huF6pmY, client_secret=****, callback_uri=https://app.histowiz.com/orders/admin/quickbooks-updated, client_key=qyprdbpcVtvjQk7le3cvOfHQQ6MBJP>
DEBUG 2016-04-25 18:44:30,102 requests_oauthlib.oauth1_auth Including body in call to sign: False
DEBUG 2016-04-25 18:44:30,103 requests_oauthlib.oauth1_auth Updated url: https://oauth.intuit.com/oauth/v1/get_access_token?oauth_nonce=14292045425371585741461609870&oauth_timestamp=1461609870&oauth_version=1.0&oauth_signature_method=HMAC-SHA1&oauth_consumer_key=qyprdbpcVtvjQk7le3cvOfHQQ6MBJP&oauth_token=qyprdmWMFvLBw43PbcmXuisKFLcmx65GE0rhoFCX8huF6pmY&oauth_callback=https%3A%2F%2Fapp.histowiz.com%2Forders%2Fadmin%2Fquickbooks-updated&oauth_verifier=rixnbq7&oauth_signature=F%2BJTxC%2FJQM6AuIGxRxKSGvJD9Ks%3D
DEBUG 2016-04-25 18:44:30,104 requests_oauthlib.oauth1_auth Updated headers: {'Content-Length': '0', 'Connection': 'keep-alive', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'User-Agent': 'python-requests/2.9.1'}
DEBUG 2016-04-25 18:44:30,104 requests_oauthlib.oauth1_auth Updated body: None
INFO 2016-04-25 18:44:30,105 requests.packages.urllib3.connectionpool Starting new HTTPS connection (1): oauth.intuit.com
ERROR 2016-04-25 18:44:30,457 histowiz Exception on /orders/admin/quickbooks-updated [GET]
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1687, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1360, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1358, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1344, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/local/lib/python2.7/site-packages/flask_login.py", line 758, in decorated_view
return func(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/flask_security/decorators.py", line 170, in decorated_view
return fn(*args, **kwargs)
File "/srv/histowiz/histowiz/controllers/orders.py", line 225, in admin_quickbooks_updated
ok = qbo.update_access_tokens(request.url)
File "/srv/histowiz/histowiz/controllers/qbint.py", line 88, in update_access_tokens
tokens = session.fetch_access_token(self.access_token_url)
File "/usr/local/lib/python2.7/site-packages/requests_oauthlib/oauth1_session.py", line 302, in fetch_access_token
token = self._fetch_token(url)
File "/usr/local/lib/python2.7/site-packages/requests_oauthlib/oauth1_session.py", line 349, in _fetch_token
raise TokenRequestDenied(error % (r.status_code, r.text), r)
TokenRequestDenied: Token request failed with code 401, response was 'oauth_problem=signature_invalid'.
Issue Analytics
- State:
- Created 7 years ago
- Comments:7 (2 by maintainers)
Top Results From Across the Web
Can not get QuickBooks API accessTokenKey for OAuth 2.0 ...
I am stacked on getting accessTokenKey in order to complete configurations and start to do API requests. QuickBooks provides a tool named OAuth...
Read more >Can't get the authorization code of Quickbooks API through ...
I Turned to Curl PHP with replacing my credentials, when I visit the link I get the auth code and I could obtian...
Read more >QuickBooks OAuth: How to Set up the Online Accounting API ...
Get QuickBooks OAuth Tokens. Now, click on your application name in the dashboard. Quickbooks OAuth with-shadow. This developer page has ...
Read more >Obtaining Authorization Code From QuickBooks Online API
The suggested solution assumes that I already have the access token and refresh token. To get those tokens, you need an authorization code...
Read more >QBO Sync Error - "Refresh OAuth 2 Access token with Refresh ...
QBO Sync Error - "Refresh OAuth 2 Access token with Refresh Token failed." · Go to Settings. · Select ERP Management. · Under...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
To clarify: ideally, since we are just doing a back-office integration, we could just use a single API key forever—OAuth protocol is overkill for this since we’re not trying to provide single sign-on for our users. But Quickbooks is lame and doesn’t have a way to do API integration except with OAuth.
I tried using their refresh token API and it didn’t work. If it was my code, it’s nearly impossible to debug the refresh token API, because it has to be called within a certain range of expiration of your existing access token.
So, to work around that, I just created this admin url for re-authorizing for any admins in the system who have access to the Quickbooks online account. The idea is I will write a crontab entry to email a link to this admin url for reauthing right before the last access token is set to expire.
I have also opened a support ticket with Quickbooks, but thus far, my experience with their support and even their answers to technical questions on their forums has been pretty useless.
Ok, I figured it out: The reason it doesn’t work if you create an OAuth1Session in two separate requests is because the get request token sets a resource_owner_secret, which is no longer present if you create a new OAuth1Session from scratch. So I am saving (temporarily) this resource_owner_secret value and adding it back to the 2nd OAuth1Session I create, and the flow works now.
Thank you for your help!