OAuth 2-legged request gets "signature_invalid"

[ghazel]

Based on this working example: http://paul.donnelly.org/demos/oauth.htm
I tried to do the same thing from Ruby with the oauth gem, but I get "signature_invalid":

require 'oauth'

key = "dj0yJmk9Rm1MUU9iWmdNZ2FjJmQ9WVdrOVZWWk9Wa3h5TldFbWNHbzlNVEk0TXpNMk1EYzFPQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD1kMg--"
secret = "570e2ef3db460b114e6a0a987709a0f6a90b5ec0"

consumer = OAuth::Consumer.new(key, secret, :site => "http://query.yahooapis.com")
access_token = OAuth::AccessToken.new(consumer)
r = access_token.get("/v1/yql?q=select%20*%20from%20search.news%20where%20query%3D%22obama%22&format=json&callback=myCallback")
p r.body

produces:
oauth-0.3.6/lib/oauth/consumer.rb:167:inrequest': signature_invalid (OAuth::Problem)
Perhaps I'm just forming the request improperly. Any ideas?

[ghazel]

It looks like the oauth gem does not properly handle url query parameters. I was able to generate the request by hand like this:

require 'oauth'
require 'net/http' 

key = "dj0yJmk9T0JtYWdEUXpsR3REJmQ9WVdrOVVGSXhZemQyTlRJbWNHbzlOVGsxTmpNeU1EWXkmcz1jb25zdW1lcnNlY3JldCZ4PTVm"
secret = "95bb6239f9884890882cdb823120018c0b1cce85"

consumer = OAuth::Consumer.new(key, secret)

request = OAuth::RequestProxy.proxy(
  "method" => "GET",
  "uri" => "http://query.yahooapis.com/v1/yql",
  "parameters" => {
    "oauth_consumer_key" => key,
    "oauth_signature_method" => "HMAC-SHA1",
    "oauth_nonce" => OAuth::Helper.generate_key,
    "oauth_timestamp" => OAuth::Helper.generate_timestamp,
    "callback" => "myCallback",
    "format" => "json",
    "q" => 'select * from search.news where query="obama"'
    })
request.sign!(:consumer => consumer)

x = request.signed_uri
r = Net::HTTP.get(URI.parse(x))
p r

Which is quite a bit of work to do for something so simple.

[ghost]

This bug disappeared in 0.4.1

[ghazel]

I still see this bug.

[ghost]

U used oauth 0.4.1 and this:
http://github.com/floehopper/delicious-api-via-oauth

and it worked.

[ghazel]

Can you provide an example of submitting the above YQL query, as I did in the initial bug report?

[ghost]

check out his git repo.
Look into /oauth-extensions/delicious/consumer.rb

Looks like he is not using half of the shit you put in your initial request.

But there is some extra verify shit which is not part of standard oauth.

All this stuff is beyond me for a moment, I just need to upload my bookmarks to delicious.

[ghazel]

Looking at his implementation of access_token.get : http://github.com/floehopper/delicious-api-via-oauth/blob/master/oauth-extensions/delicious/access_token.rb#L17 it looks like he just creates a URL, forming the exact style of request I made in my initial post. So, it must be that the https://api.login.yahoo.com/oauth/v2 interface is not the same as the http://query.yahooapis.com/v1/yql interface. Not surprising.

So, bug still exists.

[wkrsz]

I stumbled upon this problem too. I'm trying to implement 2-legged authentication Gmail IMAP. The API requires a query parameter to be included in the url for signing:
?xoauth_requestor_id=someuser%40example.com