I am using the Ruby Oauth 1.0 library in my script (non-rails) that calls a Flickr 3rd party API which needs authorization. I have been having trouble getting the authorization of my request token. I continually get back 401 Unauthorized. My confusion stems from the use of callbacks, session and redirects being used in a ruby script. How is this supposed to work in a regular Ruby script that is not in itself a webserver/rails app? I have gotten the authentication to work manually in Postman but in order to get the authorization verifier, I have to open a browser and paste the callback as the URL and then copy the verifier that appears in the URL.
I would seem that since I am not authenticating at a website that the callback, redirect_to and session would not be needed.
Is there a way to get this working in my script without a callback and redirect?
I tried the following with the results included.
A snippet is listed below of what I'm trying to do.
require 'oauth'
require 'byebug'
callback_url = "localhost URL"
# Create a new OAuth::Consumer instance by passing it a configuration hash:
consumer_key = "a2e299ac1d635a7c9f2d7c7b70588679"
consumer_secret = "235de478b9a078ae"
@oauth_consumer = OAuth::Consumer.new(consumer_key, consumer_secret,
{ :site => "https://flickr.com",
# { :site => "https://flickr.com/services",
:scheme => :header,
:http_method => :get,
:request_token_path => "request_token URL",
:access_token_path => "access_token URL",
:authorize_path => "authorize URL",
:body_hash_enabled => false,
:debug_output => true
})
@request_token = @oauth_consumer.get_request_token(oauth_callback: callback_url)
session = {}
session[:token] = @request_token
session[:token_secret] = @request_token
# redirect_to @request_token.authorize_url(oauth_callback: callback_url) # redirect_to not available in ruby script
puts "request token: #{session[:token]}"
puts "request token secret: #{session[:token_secret]}"
auth_str = @request_token.authorize_url(oauth_callback: callback_url)
# When user returns create an access_token
hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret] }
@request_token = OAuth::RequestToken.from_hash(@oauth_consumer, hash)
@access_token = @request_token.get_access_token
@recognitions = @access_token.get("login URL")
type here
I see the following results.
reading 28 bytes...
-> "oauth_problem=token_rejected"
read 28 bytes
Conn close
Traceback (most recent call last):
2: from flickr_client.rb:38:in `<main>'
1: from /Users/bhunsake/.rbenv/versions/2.7.7/lib/ruby/gems/2.7.0/gems/oauth-1.1.0/lib/oauth/tokens/request_token.rb:28:in `get_access_token'
/Users/bhunsake/.rbenv/versions/2.7.7/lib/ruby/gems/2.7.0/gems/oauth-1.1.0/lib/oauth/consumer.rb:268:in `token_request': 401 Unauthorized (OAuth::Unauthorized)
I have found a simple answer to my own question. Apparently the Ruby Auth Consumer object takes care of any authorization/authentication when no login verification is needed. In this case with Flickr, I just needed to add the Consumer (API) Key as shown below.
require 'oauth'
consumer_key = "a2e299ac1d635a7c9f2d7c7b70588679"
consumer_secret = "235de478b9a078ae"
consumer = OAuth::Consumer.new(consumer_key, consumer_secret,
:site => "https://www.flickr.com/services")
response = consumer.request(:get, '/rest/?method=flickr.photos.getRecent&api_key=a2e299ac1d635a7c9f2d7c7b70588679&per_page=10&format=json&nojsoncallback=1', nil, {}, {})
puts response.body