Home/ Questions/Q 8075691
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T15:04:34+00:00

String baseString=POST&; String subBaseString = oauth_consumer_key=+oauth_consumer_key+&oauth_nonce=+nonce+&oauth_signature_method=+oauth_signature_method; subBaseString += &oauth_timestamp=+ oauth_timestamp+&oauth_token=+oauth_token+&oauth_version=1.0; baseString += URLEncoder.encode(baseRequest, UTF-8);

  • 0
String baseString="POST&";
String subBaseString = "oauth_consumer_key="+oauth_consumer_key+"&oauth_nonce="+nonce+"&oauth_signature_method="+oauth_signature_method;
subBaseString += "&oauth_timestamp="+  oauth_timestamp+"&oauth_token="+oauth_token+"&oauth_version=1.0";
baseString += URLEncoder.encode(baseRequest, "UTF-8");
baseString += "&" +  URLEncoder.encode(subBaseString, "UTF-8");

String result;
try {

    SecretKeySpec signingKey = new SecretKeySpec(oauth_consumer_key.getBytes(), oauth_signature_method);

    Mac mac = Mac.getInstance(oauth_signature_method);
    mac.init(signingKey);

    byte[] rawHmac = mac.doFinal(baseString.getBytes());

    // base64-encode the hmac
    result = Base64.encode(rawHmac);

} catch (Exception e) {
    throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
}

This is my oauth_signature generation code….

but getting error..

{“error”: “OAuthError in API v1+. Request mis-signed: Invalid or Missing Signature”}

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    OAuth signatures, nonces, and timestamps are all security measures that are necessary if you’re using plain HTTP. But since the Dropbox API can be used over HTTPS, you can drop all that complexity and just use the PLAINTEXT signature mode is much simpler.

    Here’s some example Java code that does the job. (It puts the OAuth information in the “Authorization” HTTP header, but you can URL parameters instead if you want.)

     /**
  * @param token
  *    For all "real" API endpoints, pass in the access token here.
  *    For "/oauth/access_token", pass in the request token here.
  *    (For "/oauth/request_token", use {@link #buildInitialOAuthHeader}.)
  */
 public static HttpHeader buildOAuthHeader(AppInfo appInfo, Token token)
 {
     StringBuilder buf = new StringBuilder();
     buf.append("OAuth ");
     buf.append("oauth_token=\"").append(token.key).append("\"");
     buf.append(", oauth_consumer_key=\"").append(appInfo.key).append("\"");
     buf.append(", oauth_signature_method=\"PLAINTEXT\"");
     buf.append(", oauth_signature=\"").append(appInfo.secret).append("&").append(token.secret).append("\"");
     return new HttpHeader("Authorization", buf.toString());
 }

 /**
  * For "/oauth/request_token".
  */
 public static HttpHeader buildInitialOAuthHeader(AppInfo appInfo)
 {
     StringBuilder buf = new StringBuilder();
     buf.append("OAuth ");
     buf.append(" oauth_consumer_key=\"").append(appInfo.key).append("\"");
     buf.append(", oauth_signature_method=\"PLAINTEXT\"");
     buf.append(", oauth_signature=\"").append(appInfo.secret).append("&\"");
     return new HttpHeader("Authorization", buf.toString());
 }
    • 0