starred/OAuthSwift
1
0
Fork 0
mirror of https://github.com/OAuthSwift/OAuthSwift.git synced 2026-04-26 20:55:57 +03:00
Code Issues 56 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #306] WordPress OAuth1 returns "No OAuth parameters supplied" #185

New issue
Closed
opened 2026-03-03 16:46:28 +03:00 by kerem · 23 comments
kerem commented 2026-03-03 16:46:28 +03:00
Owner
Copy link

Originally created by @phamdacloc on GitHub (Nov 5, 2016).
Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/306

Description:

I'm running OAuth1 against wordpress but receiving 400 error code: "No OAuth parameters supplied"

requestError[Error Domain=NSURLErrorDomain Code=400 "HTTP Status 400: Bad Request, Response: No OAuth parameters supplied" UserInfo={NSErrorFailingURLKey=http://example.us/oauth1/request, NSLocalizedDescription=HTTP Status 400: Bad Request, Response: No OAuth parameters supplied, Response-Headers={
    "Access-Control-Allow-Headers" = Authorization;
    Connection = "keep-alive";
    "Content-Type" = "text/html; charset=UTF-8";
    Date = "Sat, 05 Nov 2016 14:13:54 GMT";
    "Keep-Alive" = "timeout=15";
    Server = nginx;
    "Transfer-Encoding" = Identity;
}, OAuthSwiftError.response=<NSHTTPURLResponse: 0x600000032320> { URL: http://example.us/oauth1/request } { status code: 400, headers {
    "Access-Control-Allow-Headers" = Authorization;
    Connection = "keep-alive";
    "Content-Type" = "text/html; charset=UTF-8";
    Date = "Sat, 05 Nov 2016 14:13:54 GMT";
    "Keep-Alive" = "timeout=15";
    Server = nginx;
    "Transfer-Encoding" = Identity;
} }, OAuthSwiftError.response.data=<4e6f204f 41757468 20706172 616d6574 65727320 73757070 6c696564>, Response-Body=No OAuth parameters supplied}]

Here is the test functions:

class ViewController: OAuthViewController {
    
    // oauth swift object (retain)
    var oauthswift: OAuthSwift?

    lazy var internalWebViewController: WebViewController = {
        let controller = WebViewController()
        controller.view = UIView(frame: UIScreen.main.bounds) // needed if no nib or not loaded from storyboard
        controller.delegate = self
        controller.viewDidLoad() // allow WebViewController to use this ViewController as parent to be presented
        return controller
    }() 
}

extension ViewController {
    
    override func viewDidLoad() {
        super.viewDidLoad()
        
        // init now web view handler
        let _ = internalWebViewController.webView
        
        self.navigationItem.title = "OAuth"
        let tableView: UITableView = UITableView(frame: self.view.bounds, style: .plain)
        tableView.delegate = self
        tableView.dataSource = self
        self.view.addSubview(tableView)
        
        self.doOAuthWordpress()
    }
    
    // MARK: Fitbit
    func doOAuthWordpress(){
        let oauthswift = OAuth1Swift(
            consumerKey:    "xxx", // Hard coded for now
            consumerSecret: "yyy", // Hard coded for now
            requestTokenUrl: "http://example.us/oauth1/request",
            authorizeUrl:    "http://example.us/oauth1/authorize",
            accessTokenUrl:  "http://example.us/oauth1/access"
        )
        
        self.oauthswift = oauthswift
        oauthswift.authorizeURLHandler = getURLHandler()
        
        let _ = oauthswift.authorize(
            withCallbackURL: URL(string: "oauth-swift://oauth-callback/wordpress")!,
            success: { credential, response, parameters in
                self.showTokenAlert(name: "WPTesting", credential: credential)
            },
            failure: { error in
                print(error.description)
            }
        )
    }
    
    // MARK: handler
    
    func getURLHandler() -> OAuthSwiftURLHandlerType {
        if internalWebViewController.parent == nil {
            self.addChildViewController(internalWebViewController)
        }
        return internalWebViewController
    }
    
    func showTokenAlert(name: String?, credential: OAuthSwiftCredential) {
        var message = "oauth_token:\(credential.oauthToken)"
        if !credential.oauthTokenSecret.isEmpty {
            message += "\n\noauth_toke_secret:\(credential.oauthTokenSecret)"
        }
        self.showAlertView(title: name ?? "Service", message: message)
        
    }
    
    func showAlertView(title: String, message: String) {
        let alert = UIAlertController(title: title, message: message, preferredStyle: UIAlertControllerStyle.alert)
        alert.addAction(UIAlertAction(title: "Close", style: UIAlertActionStyle.default, handler: nil))
        self.present(alert, animated: true, completion: nil)
    }
    
}

OAuth Provider (WordPress):

WP REST API - OAuth 1.0a Server

OAuth Version:

  • Version 1
  • Version 2

OS (Please fill the version) :

  • iOS :
  • OSX :
  • TVOS :
  • WatchOS :

Installation method:

  • Carthage
  • CocoaPods
  • Manually

Library version:

  • head
  • v1.0.0
  • v0.6
  • other: (Please fill in the version you are using.)

Xcode version:

  • 8.0 (Swift 3.0)

  • 8.0 (Swift 2.3)

  • 7.3.1

  • other: (8.1)

  • objective c

Originally created by @phamdacloc on GitHub (Nov 5, 2016). Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/306 ### Description: I'm running OAuth1 against wordpress but receiving 400 error code: "No OAuth parameters supplied" ``` requestError[Error Domain=NSURLErrorDomain Code=400 "HTTP Status 400: Bad Request, Response: No OAuth parameters supplied" UserInfo={NSErrorFailingURLKey=http://example.us/oauth1/request, NSLocalizedDescription=HTTP Status 400: Bad Request, Response: No OAuth parameters supplied, Response-Headers={ "Access-Control-Allow-Headers" = Authorization; Connection = "keep-alive"; "Content-Type" = "text/html; charset=UTF-8"; Date = "Sat, 05 Nov 2016 14:13:54 GMT"; "Keep-Alive" = "timeout=15"; Server = nginx; "Transfer-Encoding" = Identity; }, OAuthSwiftError.response=<NSHTTPURLResponse: 0x600000032320> { URL: http://example.us/oauth1/request } { status code: 400, headers { "Access-Control-Allow-Headers" = Authorization; Connection = "keep-alive"; "Content-Type" = "text/html; charset=UTF-8"; Date = "Sat, 05 Nov 2016 14:13:54 GMT"; "Keep-Alive" = "timeout=15"; Server = nginx; "Transfer-Encoding" = Identity; } }, OAuthSwiftError.response.data=<4e6f204f 41757468 20706172 616d6574 65727320 73757070 6c696564>, Response-Body=No OAuth parameters supplied}] ``` Here is the test functions: ``` class ViewController: OAuthViewController { // oauth swift object (retain) var oauthswift: OAuthSwift? lazy var internalWebViewController: WebViewController = { let controller = WebViewController() controller.view = UIView(frame: UIScreen.main.bounds) // needed if no nib or not loaded from storyboard controller.delegate = self controller.viewDidLoad() // allow WebViewController to use this ViewController as parent to be presented return controller }() } extension ViewController { override func viewDidLoad() { super.viewDidLoad() // init now web view handler let _ = internalWebViewController.webView self.navigationItem.title = "OAuth" let tableView: UITableView = UITableView(frame: self.view.bounds, style: .plain) tableView.delegate = self tableView.dataSource = self self.view.addSubview(tableView) self.doOAuthWordpress() } // MARK: Fitbit func doOAuthWordpress(){ let oauthswift = OAuth1Swift( consumerKey: "xxx", // Hard coded for now consumerSecret: "yyy", // Hard coded for now requestTokenUrl: "http://example.us/oauth1/request", authorizeUrl: "http://example.us/oauth1/authorize", accessTokenUrl: "http://example.us/oauth1/access" ) self.oauthswift = oauthswift oauthswift.authorizeURLHandler = getURLHandler() let _ = oauthswift.authorize( withCallbackURL: URL(string: "oauth-swift://oauth-callback/wordpress")!, success: { credential, response, parameters in self.showTokenAlert(name: "WPTesting", credential: credential) }, failure: { error in print(error.description) } ) } // MARK: handler func getURLHandler() -> OAuthSwiftURLHandlerType { if internalWebViewController.parent == nil { self.addChildViewController(internalWebViewController) } return internalWebViewController } func showTokenAlert(name: String?, credential: OAuthSwiftCredential) { var message = "oauth_token:\(credential.oauthToken)" if !credential.oauthTokenSecret.isEmpty { message += "\n\noauth_toke_secret:\(credential.oauthTokenSecret)" } self.showAlertView(title: name ?? "Service", message: message) } func showAlertView(title: String, message: String) { let alert = UIAlertController(title: title, message: message, preferredStyle: UIAlertControllerStyle.alert) alert.addAction(UIAlertAction(title: "Close", style: UIAlertActionStyle.default, handler: nil)) self.present(alert, animated: true, completion: nil) } } ``` ### OAuth Provider (WordPress): WP REST API - OAuth 1.0a Server ### OAuth Version: - [x] Version 1 - [ ] Version 2 ### OS (Please fill the version) : - [x] iOS : - [ ] OSX : - [ ] TVOS : - [ ] WatchOS : ### Installation method: - [ ] Carthage - [ ] CocoaPods - [x] Manually ### Library version: - [ ] head - [x] v1.0.0 - [ ] v0.6 - [ ] other: (Please fill in the version you are using.) ### Xcode version: - [ ] 8.0 (Swift 3.0) - [ ] 8.0 (Swift 2.3) - [ ] 7.3.1 - [x] other: (8.1) - [ ] objective c
kerem 2026-03-03 16:46:28 +03:00
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 5, 2016):

did you try with other API (python, php?)
are your wordpress well setup for oauth

try in a .htaccess file

RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
<!-- gh-comment-id:258621024 --> @phimage commented on GitHub (Nov 5, 2016): did you try with other API (python, php?) are your wordpress well setup for oauth try in a .htaccess file ``` RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] ```
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 5, 2016):

No I haven't tried with other languages other than Swift. However, I did tried with Postman and it worked. On WordPress, I installed WP REST API and WP REST API - OAuth 1.0a Server plugins.

<!-- gh-comment-id:258634587 --> @phamdacloc commented on GitHub (Nov 5, 2016): No I haven't tried with other languages other than Swift. However, I did tried with Postman and it worked. On WordPress, I installed `WP REST API` and `WP REST API - OAuth 1.0a Server` plugins.
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 5, 2016):

How exactly do I edit .htaccess file? Here is the old .htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule> 
# END WordPress

With your suggestion, am I suppose to add it to the end like below?

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule> 
# END WordPress
<!-- gh-comment-id:258635572 --> @phamdacloc commented on GitHub (Nov 5, 2016): How exactly do I edit .htaccess file? Here is the old .htaccess ``` # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> # END WordPress ``` With your suggestion, am I suppose to add it to the end like below? ``` # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] </IfModule> # END WordPress ```
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 5, 2016):

332750b9f6 just tested now into the demo app
no problem...

using master head version (now oauthSwift >1.1.0)
after creating the "Application" into wordpress admin

<!-- gh-comment-id:258649658 --> @phimage commented on GitHub (Nov 5, 2016): 332750b9f64d8580fd0be0af7a2b5babd3d6e9f6 just tested now into the demo app no problem... using master head version (now oauthSwift >1.1.0) after creating the "Application" into wordpress admin
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 6, 2016):

I tried the latest OAuthSwift tip 1.1.0 on my Wordpress site. The current demo project has both Allow Arbitrary Loads and Allow Arbitrary Loads in Web Content turned on under App Transport Security Settings. With those, I still received:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
However, when I added NSExceptionAllowsInsecureHTTPLoads under the Exception Domains then the warning goes away. But i'm still struck with OAuthSwiftError error -11
What does -11 exception means in this case as I'm not able to get a success oauthswift.authorize() call.

/Users/phamdacloc/Library/Developer/CoreSimulator/Devices/61D233FA-25C2-4C5E-9267-B99D13804064/data/Containers/Data/Application/AB0C2D1D-B7FA-4C2A-B257-81123A780722/Documents/.oauth/Services.plist
2016-11-06 09:06:30.879261 OAuthSwiftDemo[8877:571269] [] nw_host_stats_add_src recv too small, received 24, expected 28
2016-11-06 09:06:30.881917 OAuthSwiftDemo[8877:571269] [] ____nwlog_simulate_crash_inner_block_invoke dlopen CrashReporterSupport failed
2016-11-06 09:06:30.882109 OAuthSwiftDemo[8877:571269] [] __nwlog_err_simulate_crash simulate crash failed "nw_socket_set_common_sockopts setsockopt SO_NOAPNFALLBK failed: [42] Protocol not available"
2016-11-06 09:06:30.882767 OAuthSwiftDemo[8877:571269] [] nw_socket_set_common_sockopts setsockopt SO_NOAPNFALLBK failed: [42] Protocol not available, dumping backtrace:
        [x86_64] libnetcore-856.20.4
    0   libsystem_network.dylib             0x00000001087ee682 __nw_create_backtrace_string + 123
    1   libnetwork.dylib                    0x0000000108acb932 nw_socket_add_input_handler + 3100
    2   libnetwork.dylib                    0x0000000108aa94f4 nw_endpoint_flow_attach_protocols + 3768
    3   libnetwork.dylib                    0x0000000108aa8511 nw_endpoint_flow_setup_socket + 563
    4   libnetwork.dylib                    0x0000000108aa7270 -[NWConcrete_nw_endpoint_flow startWithHandler:] + 2612
    5   libnetwork.dylib                    0x0000000108ac244d nw_endpoint_handler_path_change + 1261
    6   libnetwork.dylib                    0x0000000108ac1e7c nw_endpoint_handler_start + 570
    7   libnetwork.dylib                    0x0000000108ad9ae5 nw_endpoint_resolver_start_next_child + 2240
    8   libdispatch.dylib                   0x000000010856b980 _dispatch_call_block_and_release + 12
    9   libdispatch.dylib                   0x00000001085950cd _dispatch_client_callout + 8
    10  libdispatch.dylib                   0x0000000108572e6b _dispatch_queue_serial_drain + 236
    11  libdispatch.dylib                   0x0000000108573b9f _dispatch_queue_invoke + 1073
    12  libdispatch.dylib                   0x00000001085763b7 _dispatch_root_queue_drain + 720
    13  libdispatch.dylib                   0x000000010857608b _dispatch_worker_thread3 + 123
    14  libsystem_pthread.dylib             0x000000010893e4de _pthread_wqthread + 1129
    15  libsystem_pthread.dylib             0x000000010893c341 start_wqthread + 13
The operation couldn’t be completed. (OAuthSwiftError error -11.)
<!-- gh-comment-id:258691301 --> @phamdacloc commented on GitHub (Nov 6, 2016): I tried the latest OAuthSwift tip 1.1.0 on my Wordpress site. The current demo project has both `Allow Arbitrary Loads` and `Allow Arbitrary Loads in Web Content` turned on under `App Transport Security Settings`. With those, I still received: `App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.` However, when I added `NSExceptionAllowsInsecureHTTPLoads` under the `Exception Domains` then the warning goes away. But i'm still struck with **OAuthSwiftError error -11** What does -11 exception means in this case as I'm not able to get a success `oauthswift.authorize()` call. ``` /Users/phamdacloc/Library/Developer/CoreSimulator/Devices/61D233FA-25C2-4C5E-9267-B99D13804064/data/Containers/Data/Application/AB0C2D1D-B7FA-4C2A-B257-81123A780722/Documents/.oauth/Services.plist 2016-11-06 09:06:30.879261 OAuthSwiftDemo[8877:571269] [] nw_host_stats_add_src recv too small, received 24, expected 28 2016-11-06 09:06:30.881917 OAuthSwiftDemo[8877:571269] [] ____nwlog_simulate_crash_inner_block_invoke dlopen CrashReporterSupport failed 2016-11-06 09:06:30.882109 OAuthSwiftDemo[8877:571269] [] __nwlog_err_simulate_crash simulate crash failed "nw_socket_set_common_sockopts setsockopt SO_NOAPNFALLBK failed: [42] Protocol not available" 2016-11-06 09:06:30.882767 OAuthSwiftDemo[8877:571269] [] nw_socket_set_common_sockopts setsockopt SO_NOAPNFALLBK failed: [42] Protocol not available, dumping backtrace: [x86_64] libnetcore-856.20.4 0 libsystem_network.dylib 0x00000001087ee682 __nw_create_backtrace_string + 123 1 libnetwork.dylib 0x0000000108acb932 nw_socket_add_input_handler + 3100 2 libnetwork.dylib 0x0000000108aa94f4 nw_endpoint_flow_attach_protocols + 3768 3 libnetwork.dylib 0x0000000108aa8511 nw_endpoint_flow_setup_socket + 563 4 libnetwork.dylib 0x0000000108aa7270 -[NWConcrete_nw_endpoint_flow startWithHandler:] + 2612 5 libnetwork.dylib 0x0000000108ac244d nw_endpoint_handler_path_change + 1261 6 libnetwork.dylib 0x0000000108ac1e7c nw_endpoint_handler_start + 570 7 libnetwork.dylib 0x0000000108ad9ae5 nw_endpoint_resolver_start_next_child + 2240 8 libdispatch.dylib 0x000000010856b980 _dispatch_call_block_and_release + 12 9 libdispatch.dylib 0x00000001085950cd _dispatch_client_callout + 8 10 libdispatch.dylib 0x0000000108572e6b _dispatch_queue_serial_drain + 236 11 libdispatch.dylib 0x0000000108573b9f _dispatch_queue_invoke + 1073 12 libdispatch.dylib 0x00000001085763b7 _dispatch_root_queue_drain + 720 13 libdispatch.dylib 0x000000010857608b _dispatch_worker_thread3 + 123 14 libsystem_pthread.dylib 0x000000010893e4de _pthread_wqthread + 1129 15 libsystem_pthread.dylib 0x000000010893c341 start_wqthread + 13 The operation couldn’t be completed. (OAuthSwiftError error -11.) ```
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 6, 2016):

please read code to know -11 meaning
OAuthSwiftError => request error, with inside a cause NSError

Did you see your wordpress into webview to login? (please when you describe a problem, describe all the scenario...) have you access to it from simulator
try osx demo

<!-- gh-comment-id:258692118 --> @phimage commented on GitHub (Nov 6, 2016): please read code to know -11 meaning OAuthSwiftError => request error, with inside a cause NSError Did you see your wordpress into webview to login? (please when you describe a problem, describe all the scenario...) have you access to it from simulator try osx demo
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 6, 2016):

No I did not see any internal webview that would display the wordpress login. As described above, the code took the failure path on function authorize(withCallbackURL callbackURL: URL, success: @escaping TokenSuccessHandler, failure: FailureHandler?) -> OAuthSwiftRequestHandle?

I will try the osx demo.

<!-- gh-comment-id:258692594 --> @phamdacloc commented on GitHub (Nov 6, 2016): No I did not see any internal webview that would display the wordpress login. As described above, the code took the failure path on function `authorize(withCallbackURL callbackURL: URL, success: @escaping TokenSuccessHandler, failure: FailureHandler?) -> OAuthSwiftRequestHandle?` I will try the osx demo.
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 6, 2016):

osx demo has the same request error: (OAuthSwiftError error -11.)
Do you mind share the .htaccess file you used that gave you a successful run?
Thanks

<!-- gh-comment-id:258693114 --> @phamdacloc commented on GitHub (Nov 6, 2016): osx demo has the same request error: (OAuthSwiftError error -11.) Do you mind share the .htaccess file you used that gave you a successful run? Thanks
kerem commented 2026-03-03 16:46:29 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 6, 2016):

no .htaccess, it was a sugestion due to google result
just a fresh wordpress installation

try to update your wordpress and plugins...
I will stop to help without more information. I cannot reproduce your issue

<!-- gh-comment-id:258695326 --> @phimage commented on GitHub (Nov 6, 2016): no .htaccess, it was a sugestion due to google result just a fresh wordpress installation try to update your wordpress and plugins... I will stop to help without more information. I cannot reproduce your issue
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 6, 2016):

My site is a fresh install too. I've also installed the two plugins:
WordPress REST API (Version 2) <-- 2.0-beta15
WordPress REST API - OAuth 1.0a Server <-- 0.3.0

This still left me with OAuthSwiftError error -11.

Is anyone other than phimage had a successful authentication with their wordpress?

<!-- gh-comment-id:258696337 --> @phamdacloc commented on GitHub (Nov 6, 2016): My site is a fresh install too. I've also installed the two plugins: WordPress REST API (Version 2) <-- 2.0-beta15 WordPress REST API - OAuth 1.0a Server <-- 0.3.0 This still left me with OAuthSwiftError error -11. Is anyone other than phimage had a successful authentication with their wordpress?
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 7, 2016):

Looking through OAuthSwift code, particularly OAuthSwiftClient.post() function, I noticed the OAuthSwift.Headers and body arguments were nil. I can't find anywhere in the code which actually sets OAuthSwift.Headers. Is that expected when you're trying to post a token request operation? If I understand correctly, OAuthSwiftClient.post() is only sending the oauth_callback but not the consumer key nor consumer secret.

One other note, in Postman, I have to tick Add empty params to signature for the request to be successful. Is that something required in OAuthSwift as well?

Thanks

<!-- gh-comment-id:258744133 --> @phamdacloc commented on GitHub (Nov 7, 2016): Looking through OAuthSwift code, particularly `OAuthSwiftClient.post()` function, I noticed the `OAuthSwift.Headers` and `body` arguments were `nil`. I can't find anywhere in the code which actually sets `OAuthSwift.Headers`. Is that expected when you're trying to post a token request operation? If I understand correctly, `OAuthSwiftClient.post()` is only sending the `oauth_callback` but not the consumer key nor consumer secret. One other note, in Postman, I have to tick `Add empty params to signature` for the request to be successful. Is that something required in OAuthSwift as well? Thanks
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 7, 2016):

If your are successfully logged , post request send the token and token secret (not consumer key and secret)

post functions have parameters, there is plenty of example into demo app
and it's work like other API.

You can fill body yourself or parameters with a dictionary , and parameters will be converted into an "application/x-www-form-urlencoded" body

<!-- gh-comment-id:258770172 --> @phimage commented on GitHub (Nov 7, 2016): If your are successfully logged , post request send the token and token secret (not consumer key and secret) post functions have parameters, there is plenty of example into demo app and it's work like other API. You can fill body yourself or `parameters` with a dictionary , and parameters will be converted into an "application/x-www-form-urlencoded" body
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 7, 2016):

I never had a successful logged on, this is where I'm stuck at. OAuth1 protocol requires three steps:

  1. request
  2. authorize
  3. access

OAuthSwift execute the first step by sending a POST request to /oauth1/request endpoint. When sending the POST request, the following info should be sent:

oauth_consumer_key
oauth_consumer_secret
oauth_timestamp
oauth_nonce
oauth_signature
oauth_signature_method
oath_callback
oauth_version (optional)

This is where i'm lost because when I set the breakpoint at OAuthSwiftClient.post() for the /oauth1/request endpoint, the only data is see is oath_callback while OAuthSwift.Headers and body were both nil.

<!-- gh-comment-id:258832462 --> @phamdacloc commented on GitHub (Nov 7, 2016): I never had a successful logged on, this is where I'm stuck at. OAuth1 protocol requires three steps: 1) request 2) authorize 3) access OAuthSwift execute the first step by sending a `POST` request to `/oauth1/request` endpoint. When sending the `POST` request, the following info should be sent: ``` oauth_consumer_key oauth_consumer_secret oauth_timestamp oauth_nonce oauth_signature oauth_signature_method oath_callback oauth_version (optional) ``` This is where i'm lost because when I set the breakpoint at `OAuthSwiftClient.post()` for the `/oauth1/request` endpoint, the only data is see is `oath_callback` while `OAuthSwift.Headers` and `body` were both nil.
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 7, 2016):

you try to understand oauth1 to debug?

all flow is done in https://github.com/OAuthSwift/OAuthSwift/blob/master/Sources/OAuth1Swift.swift

there is

self.authorizeURLHandler.handle(queryURL)

this is where a view is presented to user to login and authorize app
put a breakpoint here

the signing process is done in request
https://github.com/OAuthSwift/OAuthSwift/blob/master/Sources/OAuthSwiftHTTPRequest.swift

<!-- gh-comment-id:258837004 --> @phimage commented on GitHub (Nov 7, 2016): you try to understand oauth1 to debug? all flow is done in https://github.com/OAuthSwift/OAuthSwift/blob/master/Sources/OAuth1Swift.swift there is ``` swift self.authorizeURLHandler.handle(queryURL) ``` this is where a view is presented to user to login and authorize app put a breakpoint here the signing process is done in request https://github.com/OAuthSwift/OAuthSwift/blob/master/Sources/OAuthSwiftHTTPRequest.swift
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 10, 2016):

Could the OAuthSwiftError error -11 be related to my website being http and not https?

Also, I noticed when performing POST request via Postman for http://example.us/oauth/request endpoint, empty parameter must be added to the signature for it to work. If that option is left blank, I'd get OAuth signature does not match error. I'm wondering if that is related to my problem.
Thanks.

<!-- gh-comment-id:259590236 --> @phamdacloc commented on GitHub (Nov 10, 2016): Could the `OAuthSwiftError error -11` be related to my website being http and not https? Also, I noticed when performing `POST` request via Postman for http://example.us/oauth/request endpoint, empty parameter must be added to the signature for it to work. If that option is left blank, I'd get `OAuth signature does not match` error. I'm wondering if that is related to my problem. Thanks.
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 10, 2016):

please refer -11 as requestError. This error could be many things, you have an underlying error for that...

<!-- gh-comment-id:259603215 --> @phimage commented on GitHub (Nov 10, 2016): please refer -11 as `requestError`. This error could be many things, you have an underlying error for that...
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 10, 2016):

Eric, the Wordpress website that you had a success request before is http or https?

<!-- gh-comment-id:259628157 --> @phamdacloc commented on GitHub (Nov 10, 2016): Eric, the Wordpress website that you had a success request before is http or https?
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Nov 10, 2016):

see demo app : http://localhost/wordpress

<!-- gh-comment-id:259629997 --> @phimage commented on GitHub (Nov 10, 2016): see demo app : http://localhost/wordpress
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@phamdacloc commented on GitHub (Nov 10, 2016):

Yep i saw the demo app. I wasn't sure if you entered in a different url in your services.plist file. So seems like we're having a totally different environment. Mine is on production site and yours is on a localhost development.

<!-- gh-comment-id:259631189 --> @phamdacloc commented on GitHub (Nov 10, 2016): Yep i saw the demo app. I wasn't sure if you entered in a different url in your services.plist file. So seems like we're having a totally different environment. Mine is on production site and yours is on a localhost development.
kerem commented 2026-03-03 16:46:30 +03:00
Author
Owner
Copy link

@kangho99 commented on GitHub (Dec 2, 2016):

I got into the same situation where the server returns "No OAuth parameters supplied".

If you made the same mistake I made, this should solve it:
Make sure the "callback" url in your wordpress application settings (where you get the key / secret from) and the oauth1swift.authorize() -> withCallbackURL parameter matches.

<!-- gh-comment-id:264428754 --> @kangho99 commented on GitHub (Dec 2, 2016): I got into the same situation where the server returns "No OAuth parameters supplied". If you made the same mistake I made, this should solve it: Make sure the "callback" url in your wordpress application settings (where you get the key / secret from) and the oauth1swift.authorize() -> withCallbackURL parameter matches.
kerem commented 2026-03-03 16:46:31 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Dec 2, 2016):

thanks @kangho99 for the advice

I will close (no activity since 20 day)

<!-- gh-comment-id:264446108 --> @phimage commented on GitHub (Dec 2, 2016): thanks @kangho99 for the advice I will close (no activity since 20 day)
kerem commented 2026-03-03 16:46:31 +03:00
Author
Owner
Copy link

@torrelasley commented on GitHub (Jan 6, 2017):

kangho99's answer was exactly my problem as well. You will get an OAuthSwiftError -11 if the "withCallbackURL" parameter does not match EXACTLY what is in WordPress under Users -> Applications -> App -> Callback

<!-- gh-comment-id:270824790 --> @torrelasley commented on GitHub (Jan 6, 2017): kangho99's answer was exactly my problem as well. You will get an OAuthSwiftError -11 if the "withCallbackURL" parameter does not match EXACTLY what is in WordPress under Users -> Applications -> App -> Callback
kerem commented 2026-03-03 16:46:31 +03:00
Author
Owner
Copy link

@richard-giantrobot commented on GitHub (Jan 9, 2017):

I was having the same issue on Wordpress 4.7 with WP REST API OAuth server 1.0a

Solved it by adding this line before calling the authorize function:

oauthswift.client.paramsLocation = .requestURIQuery

Where oauthswift is a OAuth1Swift instance.

Hope this helps if somebody is having this issue.

<!-- gh-comment-id:271430635 --> @richard-giantrobot commented on GitHub (Jan 9, 2017): I was having the same issue on Wordpress 4.7 with WP REST API OAuth server 1.0a Solved it by adding this line before calling the authorize function: `oauthswift.client.paramsLocation = .requestURIQuery` Where oauthswift is a OAuth1Swift instance. Hope this helps if somebody is having this issue.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
ci/action/danger
ci/action/release-drafter
pkce
ci/action/tvos
ci/travis
2.1.0
2.0.0
fix/fitbiterror
swift3
digu-demo
swift3.0objc
swift2.2
swift2.3
swift2.0
2.2.0
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
1.4.1
1.4.0
1.3.0
1.2.2
1.2.1
1.2.0
1.1.2
1.1.1
1.1.0
1.0.0
0.6.0
0.5.2
v0.5.2
0.5.1
0.5.0
0.4.8
0.4.6
v0.4.6
0.4.5
v0.4.5
0.4.4
v0.4.4
0.4.3
0.4.2
0.4.1
v0.4.1
0.4.0
v0.4.0
Swift1.x
0.3.7
v0.3.7
0.3.6
v0.3.6
0.3.5
v0.3.5
0.3.4
v0.3.4
0.3.3
v0.3.3
v0.3.2
0.3.2
0.3.1
v0.3.1
0.3.0
v0.3.0
0.2.1
0.2.0
v0.2.0
0.1.9
0.1.8
0.1.7
v0.1.7
v0.1.6
Labels
Clear labels   
bug

   
cocoapod

   
duplicate

   
enhancement

   
feature-request

   
help wanted

   
help wanted

   
invalid

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
wontfix
No labels
bug
cocoapod
duplicate
enhancement
feature-request
help wanted
help wanted
invalid
pull-request
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/OAuthSwift#185
No description provided.