This is a static archive of our old OpenStreetMap Help Site. Please post any new questions and answers at community.osm.org.

OAuth request token url returns “500 Internal Server Error”

0

Hi

I am developing an Android app to upload GPX traces to OpenStreetMaps. I have registered my app and now I am testing it. But I don't manage to get a token. When I try it both servers (test and production) return the same error: 500 I have been googling a lot, I found this issue: https://github.com/openstreetmap/openstreetmap-website/issues/2222 And I registered a new app, but it fails too.

Thank you for your help.

Jesus Picornell

asked 04 Jan '21, 16:48

GlobalSpark's gravatar image

GlobalSpark
11113
accept rate: 0%

1

According to https://github.com/openstreetmap/openstreetmap-website/issues/1049#issuecomment-136450085 the problem is not an unknown client but an invalid signature.

(05 Jan '21, 06:48) scai ♦

Hi, I am testing Openstreetmaps OAuth using an Android app. This is the related code:

    ...
    OkHttpClient client = new OkHttpClient();

    String url3 = "https://master.apis.dev.openstreetmap.org/oauth/request_token";

    RequestBody formBody = new FormBody.Builder()
            .add("consumer_key", client_id)
            .add("consumer_secret", client_secret)
            .add("callback", "https://spark71.com")
            .build(); 
    Request request = new Request.Builder()
            .url(url3)
            .post(formBody)
            .build();

    client.newCall(request)
            .enqueue(new Callback() {
                @Override
                public void onFailure(final Call call, IOException e) {

...

Thank you

Jesus Picornell

(06 Jan '21, 19:31) GlobalSpark

One Answer:

1

You are being extremely thin with details, well actually you are giving us none.

Literally 100's of contributors use OAuth to authorize their apps for OpenStreetMap (note no "s") every day, so it clearly does work.

If you really want help, then you should at least

  • include a pointer to your source code repository or an extract o the relevant code
  • indicate which framework/library you are using.

UPDATE

You don't seem to be actually signing the request. While it is completely possible to do implement https://tools.ietf.org/html/rfc5849#section-3.1 yourself, you are going to be far better off using a library that does this for you. For example signpost or any other library that supports OAuth 1.0a.

PS: if you choose signpost you will need https://github.com/pakerfeldt/okhttp-signpost for use with OkHttp.

answered 05 Jan '21, 20:25

SimonPoole's gravatar image

SimonPoole ♦
44.7k13326701
accept rate: 18%

edited 07 Jan '21, 09:47

Source code available on GitHub .