I am trying to access a V3 version of the WooCommerce REST API using oAuth for authentication over SSL.
The WordPress instance where WooCommerce is running which I am calling against is hosted using AWS Elastic Beanstalk.
When trying to use oAuth I am getting a 401 response.
The URL that the request is made against is
https://www.example.com/wc-api/v3/products?oauth_consumer_key=[my_key]&oauth_nonce=[nonce]&oauth_signature=[signature]%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1453572852&oauth_token=&oauth_version=1.0&filter%5Blimit%5D=500
As part of the response I get
[WWW-Authenticate] => Array
(
[0] => Basic realm="WooCommerce API. Use a consumer key in the username field and a consumer secret in the password field"
)
I know the consumer key and secret I am using are fine, as I have been able to use them within a basic authentication request to the same site successfully.
I have tested the same oAuth code against a non-ssl address in my development environment (this is not on AWS) which worked fine.
I know WooCommerce say you must use oAuth for requests on http addresses – but is the opposite the case where you cannot use oAuth for requests on https? Or is there something I need to configure server side which is likely different between my dev environment and the production environment on AWS?
If you look at
woocommerce/includes/api/class-wc-api-authentication.phptheauthenticatefunction says:which means you can not use oAuth for https. (According to woocommerce you need not.)