Hi, I 've recently successfully implemented OAuth for Hyves and now trying to get OAuth working for Twitter. As it was recommended in Twitter API documentation, I used POST with 'Authorization' header. I keep getting 401 Unauthorized status with message 'Failed to validate oauth signature and token'. I tried using GET instead of POST and looked a lot at discussion groups for useful hints, but it didn't help so far.
The signature calculation is ok, I checked it with this example:http:// dev.twitter.com/pages/auth#request-token The system time (known OAuth issue) is also fine. I use I use Perl v5.6.1 built for i686-linux. Here is the base string: POST&https%3A%2F%2Fapi.twitter.com%2Foauth %2Frequest_token&oauth_callback%3Dhttp%3A%2F%2Ftest2.momac.net %26oauth_consumer_key%3DZ0NYrrMpi5mjNfLiNj5mMA%26oauth_nonce %3D10347T1281101730%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1281101730%26oauth_version%3D1.0 Here are the headers I send in POST request: Authorization: OAuth oauth_callback="http%3A%2F%2Ftest2.momac.net", oauth_consumer_key="Z0NYrrMpi5mjNfLiNj5mMA", oauth_nonce="10347T1281101730", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1281101730", oauth_version="1.0", oauth_signature="wXL8IB6mV4R0Or7yCbIoqwCwr4g%3D" Content-Type: application/x-www-form-urlencoded Here is the response I receive from Twitter API: 'client-ssl-cert-issuer' => '/C=US/O=Equifax/OU=Equifax Secure Certificate Authority', 'client-ssl-cipher' => 'DHE-RSA-AES256-SHA', 'pragma' => 'no-cache', 'server' => 'hi', 'vary' => 'Accept-Encoding', 'cache-control' => 'no-cache, no-store, must-revalidate, pre-check=0, post-check=0', 'content-length' => '44', 'status' => '401 Unauthorized', 'x-runtime' => '0.01541', 'client-ssl-cert-subject' => '/serialNumber=Zys2dJJ09EPoEVGXYtegIdxG3OZtEOib/C=US/O=*.twitter.com/ OU=GT57932074/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.twitter.com', 'date' => 'Fri, 06 Aug 2010 13:35:31 GMT', 'client-date' => 'Fri, 06 Aug 2010 13:35:31 GMT', 'expires' => 'Tue, 31 Mar 1981 05:00:00 GMT', 'content-type' => 'text/html; charset=utf-8', 'client-ssl-warning' => 'Peer certificate not verified', 'client-warning' => 'Missing Authenticate header', 'last-modified' => 'Fri, 06 Aug 2010 13:35:31 GMT', 'set-cookie' => [ 'k=80.95.167.85.1281101731661533; path=/; expires=Fri, 13-Aug-10 13:35:31 GMT; domain=.twitter.com', 'guest_id=128110173167052617; path=/; expires=Sun, 05 Sep 2010 13:35:31 GMT', '_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCFgXnUcqAToHaWQiJTg4Z jljNDA1MmYwZDdj %250ANDNiZTRlYjM4NmI2YTQ4ZDljIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy %250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA-- dfecf503a7f5ace8e609f3f6f08abd2ce 1fb1fdc; domain=.twitter.com; path=/' ], 'x-transaction' => '1281101731-18347-37061', 'client-peer' => '128.121.146.109:443', 'x-revision' => 'DEV', 'connection' => 'close' Any idea what I am doing wrong? Thanks in advance!