[twitter-dev] Re: [oAuth] Signature with GET Parameters
Hi there, Dossy is referring to the fact you need to sort the parameters alphabetically for the signature method [1]. — Matt [1] - http://oauth.net/core/1.0/#rfc.section.9.1.1 On Apr 20, 2009, at 09:27 AM, Dossy Shiobara wrote: On 4/20/09 11:16 AM, max wrote: This is the base signature string: GEThttp%3A%2F%2Ftwitter.com%2Fstatuses %2Freplies.jsonoauth_consumer_key%3DwHwEqxY9SGIzQfxUvsNkDw %26oauth_nonce%3D5548448e3b10dad18c3b38d8f7a9a9fa %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1240240406%26oauth_token%3D14733270- Zers1INc93ugsxwtaTYow6tDqI9uYyPbsBEVyCGhw%26oauth_version %3D1.0%26count %3D2 c comes before o, not after. -- Dossy Shiobara | do...@panoptic.com | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on. (p. 70)
[twitter-dev] Re: [oAuth] Signature with GET Parameters
On Mon, Apr 20, 2009 at 11:16, max maxnet...@gmail.com wrote: All is working well with oAuth, normal GET requests, POST request with or without data. However GET requests with parameters do not work. (php, self written). I keep getting a Failed to validate oauth signature or token. This is the base signature string: GEThttp%3A%2F%2Ftwitter.com%2Fstatuses %2Freplies.jsonoauth_consumer_key%3DwHwEqxY9SGIzQfxUvsNkDw %26oauth_nonce%3D5548448e3b10dad18c3b38d8f7a9a9fa %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1240240406%26oauth_token%3D14733270- Zers1INc93ugsxwtaTYow6tDqI9uYyPbsBEVyCGhw%26oauth_version%3D1.0%26count %3D2 How are you generating the signature base string? The parameters are supposed to be sorted by key, so count=2 should be at the beginning, before oauth_consumer_key. But that doesn't explain why your POSTs are okay. Guan
[twitter-dev] Re: [oAuth] Signature with GET Parameters
Ah thanks guys, I guess I overlooked that in the spec, or should I say overlooked that 100 times. Does the trick, thanks! On Apr 20, 6:24 pm, Guan Yang g...@yang.dk wrote: On Mon, Apr 20, 2009 at 11:16, max maxnet...@gmail.com wrote: All is working well with oAuth, normal GET requests, POST request with or without data. However GET requests with parameters do not work. (php, self written). I keep getting a Failed to validate oauth signature or token. This is the base signature string: GEThttp%3A%2F%2Ftwitter.com%2Fstatuses %2Freplies.jsonoauth_consumer_key%3DwHwEqxY9SGIzQfxUvsNkDw %26oauth_nonce%3D5548448e3b10dad18c3b38d8f7a9a9fa %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1240240406%26oauth_token%3D14733270- Zers1INc93ugsxwtaTYow6tDqI9uYyPbsBEVyCGhw%26oauth_version%3D1.0%26count %3D2 How are you generating the signature base string? The parameters are supposed to be sorted by key, so count=2 should be at the beginning, before oauth_consumer_key. But that doesn't explain why your POSTs are okay. Guan