Home/ Questions/Q 7521201
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-30T02:11:48+00:00

When I request from LinkedIn a request token to https://api.linkedin.com/uas/oauth/requestToken , I get the

  • 0

When I request from LinkedIn a request token to https://api.linkedin.com/uas/oauth/requestToken, I get the following error:

oauth_problem=signature_invalid&oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException%20while%20obtaining%20request%20token%20for%20%3APOST%26https%253A%252F%252Fapi.linkedin.com%252Fuas%252Foauth%252FrequestToken%26oauth_callback%253Doob%2526oauth_consumer_key%253DI9DvH3zT4c-sjmrQTmo_AeJOfi8v8n1ChYHYAV8A3siVLyu1qLZqPq_HiGecD0bp%2526oauth_nonce%253D2958724240022%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp%253D1308562221%2526oauth_version%253D1.0%0AOAU%3AI9DvH3zT4c-sjmrQTmo_AeJOfi8v8n1ChYHYAV8A3siVLyu1qLZqPq_HiGecD0bp%7C%2A01%7C%2A01%7C%2A01%3A1308562221%3AkPisU0TwUgiNIYpigUrKITMwo7c%3D

This is a HTTP 401 Unauthorized response.

The Exception:

net.oauth.exception.OAuthException: HTTP/1.0 401 Unauthorized
oauth_problem=signature_invalid&oauth_problem_advice=com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException%20while%20obtaining%20request%20token%20for%20%3APOST%26https%253A%252F%252Fapi.linkedin.com%252Fuas%252Foauth%252FrequestToken%26oauth_callback%253Doob%2526oauth_consumer_key%253DI9DvH3zT4c-sjmrQTmo_AeJOfi8v8n1ChYHYAV8A3siVLyu1qLZqPq_HiGecD0bp%2526oauth_nonce%253D2958724240022%2526oauth_signature_method%253DHMAC-SHA1%2526oauth_timestamp%253D1308562221%2526oauth_version%253D1.0%0AOAU%3AI9DvH3zT4c-sjmrQTmo_AeJOfi8v8n1ChYHYAV8A3siVLyu1qLZqPq_HiGecD0bp%7C%2A01%7C%2A01%7C%2A01%3A1308562221%3AkPisU0TwUgiNIYpigUrKITMwo7c%3D
    at net.oauth.consumer.OAuth1Consumer.requestUnauthorizedToken(OAuth1Consumer.java:133)
    at com.neurologic.example.LinkedInExample.requestUnauthorizedRequestToken(LinkedInExample.java:39)
    at com.neurologic.example.LinkedInExample.main(LinkedInExample.java:57)

The example source code to connect to LinkedIn:

/**
 * 
 */
package com.neurologic.example;

import net.oauth.consumer.OAuth1Consumer;
import net.oauth.exception.OAuthException;
import net.oauth.provider.OAuth1ServiceProvider;
import net.oauth.signature.impl.OAuthHmacSha1Signature;
import net.oauth.token.v1.AccessToken;
import net.oauth.token.v1.AuthorizedToken;
import net.oauth.token.v1.RequestToken;

/**
 * @author Buhake Sindi
 * @since 14 June 2011
 *
 */
public class LinkedInExample {

    private static final String LINKEDIN_API_URL = "https://api.linkedin.com";
    private static final String API_KEY = "ENTER-API-KEY-HERE";
    private static final String API_SECRET  = "ENTER-API-SECRET-HERE";
    private static final String CALLBACK_URL = "oob";
    private OAuth1Consumer consumer;


    /**
     * 
     */
    public LinkedInExample() {
        super();
        // TODO Auto-generated constructor stub
        consumer = new OAuth1Consumer(API_KEY, API_SECRET, new OAuth1ServiceProvider(LINKEDIN_API_URL + "/uas/oauth/requestToken", LINKEDIN_API_URL + "/uas/oauth/authorize", LINKEDIN_API_URL + "/uas/oauth/accessToken"));
    }

    public RequestToken requestUnauthorizedRequestToken() throws OAuthException {
        return consumer.requestUnauthorizedToken(LINKEDIN_API_URL, CALLBACK_URL, null, new OAuthHmacSha1Signature());
    }

    public String getAuthorizationUrl(RequestToken token) throws OAuthException {
        return consumer.createOAuthUserAuthorizationUrl(token, null);
    }

    public AccessToken requestAccessToken(AuthorizedToken authorizedToken, RequestToken requestToken) throws OAuthException {
        return consumer.requestAccessToken(LINKEDIN_API_URL, requestToken, authorizedToken, new OAuthHmacSha1Signature());
    }

    /**
     * @param args
     */
    public static void main(String[] args) {
        // TODO Auto-generated method stub
        try {
            LinkedInExample example = new LinkedInExample();
            RequestToken rt = example.requestUnauthorizedRequestToken();

            //Now that we have request token, let's authorize it....
            String url = example.getAuthorizationUrl(rt);

            //Copy the URL to your browser and make sure that OAuth 1 Servlet is running....
        } catch (OAuthException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }

}

My library: JOAuth (version 1.2.1). What have I done wrong to return a com.linkedin.security.auth.pub.LoginDeniedInvalidAuthTokenException advice from LinkedIn?

Thanks

PS: OAuth 1 works perfectly with Twitter (tested), hence I don’t understand what’s going on. Also, LinkedIn uses OAuth 1.0 Revision A, which JOAuth conforms (as well as RFC5849).

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’ve figured it out. The problem was with normalizing the Base String URI. The path of the URI must not be in lowercase (in which mine did). I’ve fixed the issue. The issue was in method found in net.oauth.util.OAuth1Util.normalizeUrl() method.

    • 0