Build OAuth request in PHP

I am trying to retrieve a FIT file but am stuck structuring the request. I'm using PHP on a hosted Ubuntu server.

I have registered with Garmin Health API and have a consumer key and secret, and a user access token and secret, and a callback URL so I should be able to retrieve the data, but I have spent three days trying to build the base string to get a signature but all I get the I use it is "Invalid OAuth signature".

Garmin sends me the following JSON

{"activityFiles":[{"userId":"f3d251ed-e12f-470f-9589-3bcb8a49eda8","userAccessToken":"1033030f-5847-4d90-9e10-3bb7fe1e29f8","summaryId":"39092291772","fileType":"FIT","callbackURL":"https://healthapi.garmin.com/wellness-api/rest/activityFile?id=31174708306","startTimeInSeconds":1566006366}]}

I am unable to generate a successful signature and request header with the following variables:

$request = 'Authorization: OAuth';
$request .=' oauth_consumer_key="'.$oauth_consumer_key.'"';
$request .= ', oauth_nonce="'.$oauth_nonce.'"';
$request .= ', oauth_signature_method="HMAC-SHA1'.'"';
$request .= ', oauth_signature="'.$oauth_signature.'"';

I have tried using the PHP libraries recommended in the OAuth SDK doco:

"Note:Implementing OAuth signing manually can be quite complex. It is recommended that all partner integrations leverage an existing OAuth client library. A list of OAuth libraries that supposed OAuth v1.0 by language is maintained at https://oauth.net/1/."

but I can't get to first base on implementation as I can't interpret the user notes.

Has anyone used either of the PHP packages : "PHP OAuth client" or "OAuth component for CakePHP" ?

Top Replies

2292878 over 4 years ago +2

Alan.raceQs what did you use to authentication process? I am trying to authenticate the user at the access_token URL but I receive Invalid Signature information after agreeing at the Garmin website. Everything…

All Replies

+1 Alan.raceQs over 4 years ago

This turned out to be much more involved than it appears in the documentation. With the much appreciated assistance of an engineer at Garmin Health I finally have the incantation required to build the signature and retrieve the Fit file.

No libraries were used, it was straightforward PHP and Curl.

(The Forum prevents me from pasting the code into a Code insert as it presents a captcha screen that is too small for the images!)

0 carbwhisperer over 4 years ago in reply to Alan.raceQs

I'd be interested to see your solution, currently struggling with how to retrieve the activity files.

0 2292878 over 4 years ago

Alan.raceQs what did you use to authentication process? I am trying to authenticate the user at the access_token URL but I receive Invalid Signature information after agreeing at the Garmin website. Everything seems to be ok with HTTP header and calculated signature (base string and key)... Can you send an example of your code? This process is like a nightmare.... :(