Auth 1.0 oauth_signature creation Android for magento API

We didn't need to pass all the attribute as auth, retrofit itself handle this, we need to pass only the CONSUMER_KEY, CONSUMER_SECRET, ACCESS_TOKEN and TOKEN_SECRET.

By following this

ApiUtils class will be like,

Kotlin

class ApiUtils {
companion object {
    fun getAPIService(): APIService? {
        val consumer = OkHttpOAuthConsumer(BuildConfig.CONSUMER_KEY, BuildConfig.CONSUMER_SECRET)
        consumer.setTokenWithSecret(BuildConfig.ACCESS_TOKEN, BuildConfig.TOKEN_SECRET)
        return RetrofitClient.getClient(BuildConfig.BASE_URL, consumer)?.create(APIService::class.java)
    }
}

}

Android Java

public class ApiUtils {

    private ApiUtils() {
    }

    private static final String BASE_URL = BuildConfig.BASE_URL;

    public static APIService getAPIService() {

        OkHttpOAuthConsumer consumer = new OkHttpOAuthConsumer(BuildConfig.CONSUMER_KEY, BuildConfig.CONSUMER_SECRET);
        consumer.setTokenWithSecret(BuildConfig.ACCESS_TOKEN, BuildConfig.TOKEN_SECRET);

        OkHttpClient client = new OkHttpClient.Builder()
                .addInterceptor(new SigningInterceptor(consumer))
                .build();
        return RetrofitClient.getClient(BASE_URL, client).create(APIService.class);
    }
}

and for RetrofitClient Class

Kotlin

    class RetrofitClient {
    companion object {
        private var retrofit: Retrofit? = null
        private val gSON = GsonBuilder()
            .setLenient()
            .create()

        fun getClient(baseUrl: String, consumer: OkHttpOAuthConsumer): Retrofit? {
            val logging = HttpLoggingInterceptor()
            if (BuildConfig.DEBUG) {
                logging.level = HttpLoggingInterceptor.Level.BODY
            } else {
                logging.level = HttpLoggingInterceptor.Level.NONE
            }

            val httpClient = OkHttpClient.Builder()
            httpClient.connectTimeout(60000, TimeUnit.SECONDS)
            httpClient.writeTimeout(120000, TimeUnit.SECONDS)
            httpClient.readTimeout(120000, TimeUnit.SECONDS)
            httpClient.retryOnConnectionFailure(true)
            httpClient.addInterceptor(SigningInterceptor(consumer))
            httpClient.addInterceptor { chain ->
                val request = chain.request()
                val requestBuilder = request.newBuilder()
                    .header(HEADER_CONTENT_TYPE_KEY, PreferenceHandler.getContentType())
                    .header(HEADER_ACCEPT_KEY, PreferenceHandler.getAcceptType())
                    .header(HEADER_CACHE_CONTROL_KEY, PreferenceHandler.getCacheControl())
                val modifiedRequest = requestBuilder.build()
                chain.proceed(modifiedRequest)
            }

            httpClient.addNetworkInterceptor(logging)

            if (retrofit == null) {
                retrofit = Retrofit.Builder()
                    .baseUrl(baseUrl)
                    .addConverterFactory(GsonConverterFactory.create(gSON))
                    .client(httpClient.build())
                    .build()
            }
            return retrofit
        }

    }
}

Android java

public class RetrofitClient {

    private static Retrofit retrofit = null;

    public static Retrofit getClient(String baseUrl,OkHttpClient client) {
        if (retrofit == null) {
            retrofit = new Retrofit.Builder()
                    .baseUrl(baseUrl)
                    .client(client)
                    .addConverterFactory(GsonConverterFactory.create())
                    .build();
        }
        return retrofit;
    }
}

For Oauth i dont think you should be passing CS and TS . You need to concatenate a set of URL-encoded attributes and parameters to construct the signature base string. please refer - devdocs.magento.com/guides/v2.0/get-started/authentication/

so in other words, one of the params in SHA1 will be an encoded url and it should be in a specific format starting with HTTP method.

enter image description here

the url should contains the above params before encoding.

i did a similar Oauth authentication in Woocommerce API for android please refer this gist url for more info.

https://gist.github.com/Muneefm/f4c08b2aa3accd57fa890156f74e619a

in this check the method called getLoginUrl() . in which i have concatenate the url.