Never mind, a JSON escape issue with wbeditentity. The API error message was somewhat misleading ;-)
On Fri, Mar 10, 2017 at 8:23 PM Magnus Manske magnusmanske@googlemail.com wrote:
My trusty WiDaR OAuth-based tool is throwing errors since a few days:
"The authorization headers in your request are not valid: Invalid signature"
I did see the breaking change at
https://lists.wikimedia.org/pipermail/mediawiki-api-announce/2017-February/0... but I am not using lgpassword or lgtoken here.
Did something else change? I notice I have 'oauth_signature_method' => 'HMAC-SHA1' Did someone perhaps change that after the SHA1 foobar?
Anything else it could be? I know I haven't fiddled with my code...