My code is this:
from flask import Flask, render_template, request
import requests
import random
import hmac
import base64
import time # Import the time module for timestamp
from requests_oauthlib import OAuth1
from urllib.parse import quote
app = Flask(__name__)
# Replace these with your actual key values
consumer_key = "xxxxx"
consumer_secret = "xxxxx"
@app.route('/')
def index():
return render_template('index.html')
@app.route('/process_tokens', methods=\['POST'\])
def process_tokens():
request_token = request.form\['request_token'\]
oauth_verifier = request.form\['oauth_verifier'\]
# Step 3: Acquire User Access Token
access_token_url = "https://connectapi.garmin.com/oauth-service/oauth/access_token"
# Create OAuth1 instance for token exchange
auth = OAuth1(
consumer_key,
client_secret=consumer_secret,
resource_owner_key=request_token,
verifier=oauth_verifier,
signature_method="HMAC-SHA1",
nonce=str(random.randint(100000000, 999999999)), # Use only digits for the nonce
)
# Build the request URL
url = access_token_url
# Include the OAuth parameters in the request
params = {
"oauth_consumer_key": consumer_key,
"oauth_nonce": str(random.randint(100000000, 999999999)),
"oauth_signature_method": "HMAC-SHA1",
"oauth_timestamp": str(int(time.time())), # Import time for the timestamp
"oauth_token": request_token,
"oauth_verifier": oauth_verifier,
"oauth_version": "1.0",
}
# Sort parameters alphabetically
params_str = "&".join([f"{quote(key)}={quote(params[key])}" for key in sorted(params.keys())])
# Construct the signature base string
signature_base_string = f"POST&{quote(url, safe='')}&{quote(params_str, safe='')}"
# Update the auth instance with the sorted parameters and signature base string
auth.resource_owner_key = request_token
auth.verifier = oauth_verifier
auth.signature_base_string = signature_base_string
# Calculate HMAC-SHA1 signature
consumer_secret_encoded = quote(consumer_secret, safe='')
key = f"{consumer_secret_encoded}&".encode()
signature = hmac.new(key, signature_base_string.encode(), 'sha1')
signature_base64 = base64.b64encode(signature.digest()).decode()
auth.signature = quote(signature_base64, safe='')
# Make the request
response = requests.post(url, auth=auth, data=params)
# Check if the request was successful
if response.status_code == 200:
access_token_data = dict(param.split("=") for param in response.text.split("&"))
user_access_token = access_token_data["oauth_token"]
user_access_token_secret = access_token_data["oauth_token_secret"]
# Perform actions to add the user to your app in Garmin
# You can customize this part based on your application's logic
return f"User added to your app! User Access Token: {user_access_token}"
else:
return f"Error acquiring User Access Token. Response: {response.text}"
if __name__ == '__main__':
app.run(debug=True)
I am getting this error:
Error acquiring User Access Token. Response:
HTTP Status 401 – Unauthorized
Type Status ReportMessage Invalid signature for signature method HMAC-SHA1
Description The request has not been applied to the target resource because it lacks valid authentication credentials for that resource.
Garmin Connect API Server
I think it could be request user access token or signature or the order of the signature or the encoding/decoding. Not sure.