I want to use the Magento 1.x REST API to obtain all the products from the webshop. It uses OAUTH1 but I have some trouble getting it to work using PHP and Guzzle. I have the following information:
$consumerKey = '..';
$consumerSecret = '..';
$token = '..';
$tokenSecret = '..';
Using Postman I can already obtain all the products so I know for sure that the values are correct. My question now is how do I create the signature? I have the following code but it seems to be wrong:
private function buildSignature()
{
$nonce = uniqid(mt_rand(1, 1000));
$timestamp = time();
$consumerKey = 'xx';
$consumerSecret = 'xx';
$token = 'xx';
$tokenSecret = 'xx';
$base = 'GET&'. rawurlencode('https://www.magentoshop.com/api/rest/products') .'&'.
rawurlencode('oauth_consumer_key='. $consumerKey) .'&'.
rawurlencode('oauth_nonce='. $nonce) .'&'.
rawurlencode('oauth_signature_method=HMAC-SHA1') .'&'.
rawurlencode('oauth_timestamp='. $timestamp) .'&'.
rawurlencode('oauth_token='. $token) .'&'.
rawurlencode('oauth_version=1.0')
;
$key = rawurlencode($consumerSecret) .'&'. rawurlencode($tokenSecret);
return base64_encode(hash_hmac('sha1', $base, $key, true));
}
The response I get is always: "{"messages":{"error":[{"code":401,"message":"oauth_problem=signature_invalid"}]}}"
What am I doing wrong?