Hi,

I've recently successfully implemented OAuth for Hyves and am now trying
to get OAuth working for Twitter. As recommended in the Twitter API
documentation, I used POST with the 'Authorization' header. I keep getting
a 401 Unauthorized status with the message 'Failed to validate oauth
signature and token'. I tried using GET instead of POST and looked a
lot at discussion groups for useful hints, but it hasn't helped so far.

The signature calculation is OK, I checked it with this example:
http://dev.twitter.com/pages/auth#request-token
The system time (known OAuth issue) is also fine. I use

I use Perl v5.6.1 built for i686-linux.

Here is the base string:

POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%3A%2F%2Ftest2.momac.net%26oauth_consumer_key%3DZ0NYrrMpi5mjNfLiNj5mMA%26oauth_nonce%3D10347T1281101730%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1281101730%26oauth_version%3D1.0

Here are the headers I send in POST request:

Authorization: OAuth oauth_callback="http%3A%2F%2Ftest2.momac.net",
oauth_consumer_key="Z0NYrrMpi5mjNfLiNj5mMA",
oauth_nonce="10347T1281101730",
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1281101730",
oauth_version="1.0",
oauth_signature="wXL8IB6mV4R0Or7yCbIoqwCwr4g%3D"

Content-Type: application/x-www-form-urlencoded

Here is the response I receive from Twitter API:

'client-ssl-cert-issuer' => '/C=US/O=Equifax/OU=Equifax Secure
Certificate Authority',
'client-ssl-cipher' => 'DHE-RSA-AES256-SHA',
'pragma' => 'no-cache',
'server' => 'hi',
'vary' => 'Accept-Encoding',
'cache-control' => 'no-cache, no-store, must-revalidate, pre-check=0,
post-check=0',
'content-length' => '44',
'status' => '401 Unauthorized',
'x-runtime' => '0.01541',
'client-ssl-cert-subject' =>
'/serialNumber=Zys2dJJ09EPoEVGXYtegIdxG3OZtEOib/C=US/O=*.twitter.com/
OU=GT57932074/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain
Control Validated -
RapidSSL(R)/CN=*.twitter.com',
'date' => 'Fri, 06 Aug 2010 13:35:31 GMT',
'client-date' => 'Fri, 06 Aug 2010 13:35:31 GMT',
'expires' => 'Tue, 31 Mar 1981 05:00:00 GMT',
'content-type' => 'text/html; charset=utf-8',
'client-ssl-warning' => 'Peer certificate not verified',
'client-warning' => 'Missing Authenticate header',
'last-modified' => 'Fri, 06 Aug 2010 13:35:31 GMT',
'set-cookie' => [
                 'k=80.95.167.85.1281101731661533; path=/;
expires=Fri, 13-Aug-10 13:35:31
GMT; domain=.twitter.com',
                 'guest_id=128110173167052617; path=/; expires=Sun, 05
Sep 2010 13:35:31
GMT',
 
'_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCFgXnUcqAToHaWQiJTg4Z
jljNDA1MmYwZDdj
%250ANDNiZTRlYjM4NmI2YTQ4ZDljIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy
%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--
dfecf503a7f5ace8e609f3f6f08abd2ce
1fb1fdc; domain=.twitter.com; path=/'
                ],
'x-transaction' => '1281101731-18347-37061',
'client-peer' => '128.121.146.109:443',
'x-revision' => 'DEV',
'connection' => 'close'

Any idea what I am doing wrong?

Thanks in advance!

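The following is an added example, not code from the original post. It builds the OAuth 1.0 signature base string as RFC 5849 section 3.4.1 defines it from the parameters quoted above and locates the first character where it differs from the posted base string: the posted string carries the oauth_callback value percent-encoded once, while the RFC construction yields it encoded twice. Python is used here instead of the poster's Perl, and "constructed-secret" is a placeholder because the consumer secret is not on the page.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(s):
    # RFC 5849 section 3.6: everything except A-Z a-z 0-9 - . _ ~ is %XX-encoded.
    return quote(s, safe="-._~")

def base_string(method, url, params):
    # RFC 5849 section 3.4.1: encode each name and value, sort, join with
    # "=" and "&", then encode the joined string once more as a whole.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(k + "=" + v for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign(base, consumer_secret, token_secret=""):
    # HMAC-SHA1 keyed with "consumer_secret&token_secret" (token secret empty here).
    key = (pct(consumer_secret) + "&" + pct(token_secret)).encode()
    digest = hmac.new(key, base.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()

def first_difference(a, b):
    # Index of the first differing character, or -1 when the strings match.
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return -1 if len(a) == len(b) else min(len(a), len(b))

URL = "https://api.twitter.com/oauth/request_token"
PARAMS = {  # raw (unencoded) values taken from the post
    "oauth_callback": "http://test2.momac.net",
    "oauth_consumer_key": "Z0NYrrMpi5mjNfLiNj5mMA",
    "oauth_nonce": "10347T1281101730",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1281101730",
    "oauth_version": "1.0",
}
POSTED = (  # base string from the post, wrapped lines rejoined
    "POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token"
    "&oauth_callback%3Dhttp%3A%2F%2Ftest2.momac.net"
    "%26oauth_consumer_key%3DZ0NYrrMpi5mjNfLiNj5mMA"
    "%26oauth_nonce%3D10347T1281101730%26oauth_signature_method%3DHMAC-SHA1"
    "%26oauth_timestamp%3D1281101730%26oauth_version%3D1.0"
)
COMPUTED = base_string("POST", URL, PARAMS)

if __name__ == "__main__":
    i = first_difference(COMPUTED, POSTED)
    print("first difference at", i, repr(COMPUTED[i:i + 12]), "vs", repr(POSTED[i:i + 12]))
    print("signature:", sign(COMPUTED, "constructed-secret"))  # placeholder secret
```

The value placed in the Authorization header stays encoded once (`http%3A%2F%2Ftest2.momac.net`); the second level of encoding exists only inside the base string that is fed to HMAC-SHA1.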