access_token fail #1
Comments
|
Very cool, I'll give this a look. I haven't played with the Etrade API in a while, but it's worth picking it up again to try this out! |
|
Yeah, feel free to close out this issue if you don't feel like picking it back up. Just thought you'd like to know you're not crazy. There actually does seem to be a bug in the OAuth library. : ) |
|
I'll keep this open to remind me to look at this when I have some. Greatly appreciated for sharing this with me ❤️ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I came across your library while trying to troubleshoot the exact same problem myself. I learned that the github.com/dghubble/oauth1 library does not parameter-encode the Consumer Secret and the Request Token Secret per the OAuth 1 spec. The library probably works fine with any services that do not include special characters in their secrets, but etrade does include them. So, the key generation for HMAC signing is currently invalid in this library, which is why you're getting the access_token failure.
I've opened this pull request to fix the library. However, you can also temporarily work around the issue by manually invoking
oauth1.PercentEncode(secret)everywhere you pass a secret to the library (though note that, if dghubble accepts my pull request, the workaround will break). For example:oauth1.NewConfig(consumerKey, oauth1.PercentEncode(consumerSecret))config.AccessToken(requestToken, oauth1.PercentEncode(requestTokenSecret), verifierCode)It looks like you currently just print
accessSecret, but when you use it to create thehttpClient, I think you'll want to escape it there:The text was updated successfully, but these errors were encountered: