Goodreads Developers discussion
questions
>
Can't get user id from api/auth_user in Node
date
newest »
newest »
Can you paste your entire code sample (please remove your access token and secret keys though)?Is there a link to the docs for the node module you're using you can link us to?
I'm having the same issue in Python. Using the same session, I can add a book to a shelf but I cannot view auth_user.Code:
CONSUMER_KEY = 'snap'
CONSUMER_SECRET = 'crackle'
ACCESS_TOKEN = 'fizzle'
ACCESS_TOKEN_SECRET = 'pop'
new_session = OAuth1Session(
consumer_key= CONSUMER_KEY,
consumer_secret= CONSUMER_SECRET,
access_token= ACCESS_TOKEN,
access_token_secret= ACCESS_TOKEN_SECRET,
)
response = new_session.get('http://www.goodreads.com/api/auth_user')
print response
print response.content
data = {'name' : 'to-read', 'book_id': 631932}
response2 = new_session.post('http://www.goodreads.com/shelf/add_to...', data)
print response2
print response2.content
---
>>>Response [401]
>>>Invalid OAuth Request
>>>Response [201]
>>><?xml version="1.0" encoding="UTF-8"?>
>>>
>>> 2014-10-14T21:41:26+00:00
>>> 810241764
>>> 3
>>> 1080253484
>>> 2014-10-14T21:41:26+00:00
>>> 117089621
>>> to-read
>>> true
>>>
I'm baffled. Any help is appreciated.
edit: removed carrots so response code text would be visible.
I suspect this behavior is caused by lingering cookies when performing the add_to_shelves call. This is likely a bug on our end, because add_to_shelves should not allow cookies for authentication.the /api/auth_user call as I can see it is maybe incomplete. Can you verify if your code is actually sending a nonce, signature method (should be HMAC-SHA1), timestamp as well as the oauth signature?
For instance:
{
"Accept-Encoding" = "gzip"
"Accept-Language" = "en;q=1";
Authorization = "OAuth realm=\"\", oauth_consumer_key=\"THEKEY\", oauth_token=\"MYTOKEN\", oauth_signature_method=\"HMAC-SHA1\", oauth_signature=\"THESIGNATURE\", oauth_timestamp=\"1414693791\", oauth_nonce=\"THENONCE\", oauth_version=\"1.0\"";
"Content-Type" = "application/x-www-form-urlencoded";
}
Hi Mandeep,
Our docs should explain exactly how to use OAuth with our api. Check out https://www.goodreads.com/api/oauth_e... for some examples in Ruby and Python that might help you.
Our docs should explain exactly how to use OAuth with our api. Check out https://www.goodreads.com/api/oauth_e... for some examples in Ruby and Python that might help you.
Hi, I'm trying to do the same but with android using okhttp-signpost library, it works perfectly with any endpoint different from auth.user, I guess it's a bug, here is my request
GET http://www.goodreads.com/api/auth_user HTTP/1.1
Authorization: OAuth oauth_consumer_key="7Q3mP6LBIrfxCFbXdl4w", oauth_nonce="3567116573884553527", oauth_signature="vYC1JhpKaR0ljX6dtUwwVbwXAEY%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1474033453", oauth_token="M35c5pbXU66WeCTodFZwNQ", oauth_version="1.0"
Connection: Keep-Alive
User-Agent: okhttp/3.3.0
Host: www.goodreads.com
And for another method (which it actually works)
GET http://www.goodreads.com/review/list/... HTTP/1.1
Authorization: OAuth oauth_consumer_key="7Q3mP6LBIrfxCFbXdl4w", oauth_nonce="-519316146621704088", oauth_signature="ST7DSgBMg886MUKmfsK6g%2Bh3JdY%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1474033559", oauth_token="M35c5pbXU66WeCTodFZwNQ", oauth_version="1.0"
Connection: Keep-Alive
User-Agent: okhttp/3.3.0
Host: www.goodreads.com
Those request were extracted by using OWASP ZAP application.
So I guess it must be a bug or there's something that must be done different in order to use auth_user method.
Is there another way to get user's id?
Thanks in advance.
I'm so happy to learn that 4 years later, there's still 0 activity on this issue.
statusCode: 401, data: 'Invalid OAuth Request'
I've been working on this all day, and I can't figure out what the issue is. Using the oauth node module, my code looks like this:
oa.get('https://www.goodreads.com/api/auth_user', this.options.accessToken,
this.options.accessSecret, callback);
Any help would be much appreciated. Thanks!