[twitter-dev] Re: 401 Unauthorized problem
I have the same problem. I've tried to not include the _method param from signature computing, didn't work any better. On Dec 3, 11:13 am, Wilfred yau wld991...@gmail.com wrote: I have try that put the _method=DELETEin Header, but still not work... do anyone know if it is Twitter API bug or it is my problem... this problem stop the development of my new Twitter Client in Firefox... Thanks Wilfred
[twitter-dev] Re: 401 Unauthorized problem
I submitted a bug, vote for it: http://code.google.com/p/twitter-api/issues/detail?id=1294colspec=ID%20Stars%20Type%20Status%20Priority%20Owner%20Summary%20Opened%20Modified%20Component On Dec 3, 11:13 am, Wilfred yau wld991...@gmail.com wrote: I have try that put the _method=DELETEin Header, but still not work... do anyone know if it is Twitter API bug or it is my problem... this problem stop the development of my new Twitter Client in Firefox... Thanks Wilfred On Nov 27, 1:24 pm, Mark McBride mmcbr...@twitter.com wrote: It looks like you're trying to actually include the OAuth Authorization header in your POST body, which isn't the way you want to do it. Instead, you should be using the Authorization HTTP header to transmit this info (seehttp://oauth.net/core/1.0a#anchor46). To make things extra weird, in one case you do have an Authorization header set, but it's basic auth. ---Mark On Thu, Nov 26, 2009 at 6:47 PM, Wilfred yau wld991...@gmail.com wrote: I have already solve the special char problem because encoding in Flex. but I still find that when I call _method=DELETEinListAPI, I still get401Unauthorized from api.twitter.com. On Nov 25, 11:09 am, Wilfred yau wld991...@gmail.com wrote: I am using OAuth to accessListAPI, but I find that if the request URL contain some char like _, (, then twitter will return 401 Unauthorized. Does anyone know what is the problem?? and this is my request: *Request URL: http://api.twitter.com/1/wilfred_yau/yedsrc/members.xml *Request header: Host:api.twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOhF0cmFuc19wcm9tcHQwOgl1c2VyaQQ5oOgDOg5y %250AZXR1cm5fdG8iJGh0dHA6Ly90d2l0dGVyLmNvbS9zb2Z0cGVkaWFtYWM6B2lk %250AIiU0Y2JmMWJmNjc0YzJmOTlhZGZjMTA1MzE3NzI3ZGUwNiIKZmxhc2hJQzon %250AQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7%250AAA %253D%253D--3573176707558a7f9cd9653e6a60c073c94e91f5; __utmc=43838368 *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 300 oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAid=66626470oauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQoauth %5Ftimestamp=1259118273oauth%5Fsignature=zaA0CbWpls3lowiWG0yHCZig%2B2M %3Doauth%5Fversion=1%2E0oauth%5Fsignature%5Fmethod=HMAC%2DSHA1 %5Fmethod=DELETEoauth%5Fnonce=2875 Also, I got same problem in set status using OAuth : *Request URL: http://twitter.com/statuses/update.xml *Request header: Host: twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOgl1c2VyaQQ5oOgDOhF0cmFuc19wcm9tcHQwIgpm %250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG %250AOgpAdXNlZHsAOgdpZCIlNGNiZjFiZjY3NGMyZjk5YWRmYzEwNTMxNzcyN2Rl %250AMDY6DnJldHVybl90byIkaHR0cDovL3R3aXR0ZXIuY29tL3NvZnRwZWRpYW1h %250AYw%253D%253D--dfa30d93e80be97e1404abbb466f2c6191816d69; __utmc=43838368 Authorization: Basic Z21hc2JhYnk6eW95b2JhYnk= *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 303 oauth%5Fnonce=4280oauth%5Fsignature%5Fmethod=HMAC%2DSHA1oauth %5Ftimestamp=1259117789status=%40vincenthpchan%20%28O%3Aoauth %5Fversion=1%2E0oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAoauth %5Fsignature=dZ0OBySJzAZsdhwUKvK9zaIamE4%3Doauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ I wonder it is the problem about oauth_signature, but I don't what wrong with it. Thanks
[twitter-dev] Re: 401 Unauthorized problem
I have try that put the _method=DELETE in Header, but still not work... do anyone know if it is Twitter API bug or it is my problem... this problem stop the development of my new Twitter Client in Firefox... Thanks Wilfred On Nov 27, 1:24 pm, Mark McBride mmcbr...@twitter.com wrote: It looks like you're trying to actually include the OAuth Authorization header in your POST body, which isn't the way you want to do it. Instead, you should be using the Authorization HTTP header to transmit this info (seehttp://oauth.net/core/1.0a#anchor46). To make things extra weird, in one case you do have an Authorization header set, but it's basic auth. ---Mark On Thu, Nov 26, 2009 at 6:47 PM, Wilfred yau wld991...@gmail.com wrote: I have already solve the special char problem because encoding in Flex. but I still find that when I call _method= DELETE in List API, I still get 401 Unauthorized from api.twitter.com. On Nov 25, 11:09 am, Wilfred yau wld991...@gmail.com wrote: I am using OAuth to accessListAPI, but I find that if the request URL contain some char like _, (, then twitter will return 401 Unauthorized. Does anyone know what is the problem?? and this is my request: *Request URL: http://api.twitter.com/1/wilfred_yau/yedsrc/members.xml *Request header: Host:api.twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOhF0cmFuc19wcm9tcHQwOgl1c2VyaQQ5oOgDOg5y %250AZXR1cm5fdG8iJGh0dHA6Ly90d2l0dGVyLmNvbS9zb2Z0cGVkaWFtYWM6B2lk %250AIiU0Y2JmMWJmNjc0YzJmOTlhZGZjMTA1MzE3NzI3ZGUwNiIKZmxhc2hJQzon %250AQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7%250AAA %253D%253D--3573176707558a7f9cd9653e6a60c073c94e91f5; __utmc=43838368 *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 300 oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAid=66626470oauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQoauth %5Ftimestamp=1259118273oauth%5Fsignature=zaA0CbWpls3lowiWG0yHCZig%2B2M %3Doauth%5Fversion=1%2E0oauth%5Fsignature%5Fmethod=HMAC%2DSHA1 %5Fmethod=DELETEoauth%5Fnonce=2875 Also, I got same problem in set status using OAuth : *Request URL: http://twitter.com/statuses/update.xml *Request header: Host: twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOgl1c2VyaQQ5oOgDOhF0cmFuc19wcm9tcHQwIgpm %250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG %250AOgpAdXNlZHsAOgdpZCIlNGNiZjFiZjY3NGMyZjk5YWRmYzEwNTMxNzcyN2Rl %250AMDY6DnJldHVybl90byIkaHR0cDovL3R3aXR0ZXIuY29tL3NvZnRwZWRpYW1h %250AYw%253D%253D--dfa30d93e80be97e1404abbb466f2c6191816d69; __utmc=43838368 Authorization: Basic Z21hc2JhYnk6eW95b2JhYnk= *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 303 oauth%5Fnonce=4280oauth%5Fsignature%5Fmethod=HMAC%2DSHA1oauth %5Ftimestamp=1259117789status=%40vincenthpchan%20%28O%3Aoauth %5Fversion=1%2E0oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAoauth %5Fsignature=dZ0OBySJzAZsdhwUKvK9zaIamE4%3Doauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ I wonder it is the problem about oauth_signature, but I don't what wrong with it. Thanks you very much ;-)
[twitter-dev] Re: 401 Unauthorized problem
I have try to follow to OAuth document to set up Authorization header, but still get 401 Unauthorized when I am using _method as parameter, and here is the result: *Response Headers DateTue, 01 Dec 2009 03:21:03 GMT Server hi WWW-AuthenticateBasic realm=Twitter API Status 401 Unauthorized Content-Typeapplication/xml; charset=utf-8 Cache-Control no-cache, max-age=1800 Set-Cookie _twitter_sess=BAh7CjoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6CXVzZXJpBDmg6AM6EXRyYW5zX3Byb21wdDAi %250ACmZsYXNoSUM6J0FjdGlvbkNvbnRyb2xsZXI6OkZsYXNoOjpGbGFzaEhhc2h7%250AAAY6CkB1c2VkewA6B2lkIiU5ZWI2NmY2MTU5ZmYyODM4NGE3YTAxNGUxMmMy %250AMTAyNg%253D%253D--4353873c14c39b48b0d30c48abba5858bff5a3a0; domain=.twitter.com; path=/ Expires Tue, 01 Dec 2009 03:51:03 GMT VaryAccept-Encoding Content-Encodinggzip Content-Length 140 Connection close *Request Headers Hostapi.twitter.com User-Agent Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 GTB6 Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language en-us,en;q=0.5 Accept-Encoding gzip,deflate Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive 300 Connection keep-alive Cookie __qca=P0-1306444636-1259550182670; __utma=43838368.345398731.1259564074.1259574616.1259577218.3; __utmz=43838368.1259577218.3.2.utmcsr=forum7.hkgolden.com|utmccn= (referral)|utmcmd=referral|utmcct=/view.aspx; __utmv=43838368.lang%3A %20en; _twitter_sess=BAh7CjoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6EXRyYW5zX3Byb21wdDA6CXVzZXJpBDmg6AM6%250AB2lkIiU5ZWI2NmY2MTU5ZmYyODM4NGE3YTAxNGUxMmMyMTAyNiIKZmxhc2hJ %250AQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVz %250AZWR7AA%253D%253D--00951782ee94404e73d0edcbd7d02f1800f10915 *Post Data: Content-type: application/x-www-form-urlencoded Authorization: OAuth realm=Test,oauth_signature_method=HMAC- SHA1,oauth_token=65577017- K65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ,oauth_nonce=9399,oauth_timestamp=1259637691,oauth_version=1.0,oauth_consumer_key=WiW3RrjmAhPvWvTn6oPLA,oauth_signature=BhLQP0o0OKLXjiQWn1l9ca7Fsek %3D Content-length: 28 id=77938855%5Fmethod=DELETE I wonder this the the problem of _method since when I use other parameter, there are no problem at all. So, do anyone know what is the problem of my request and could twitter provide a correct Request example which using _method as a OAuth parameter? Thanks. Wilfred On Nov 27, 1:24 pm, Mark McBride mmcbr...@twitter.com wrote: It looks like you're trying to actually include the OAuth Authorization header in your POST body, which isn't the way you want to do it. Instead, you should be using the Authorization HTTP header to transmit this info (seehttp://oauth.net/core/1.0a#anchor46). To make things extra weird, in one case you do have an Authorization header set, but it's basic auth. ---Mark On Thu, Nov 26, 2009 at 6:47 PM, Wilfred yau wld991...@gmail.com wrote: I have already solve the special char problem because encoding in Flex. but I still find that when I call _method= DELETE inListAPI, I still get 401 Unauthorized from api.twitter.com. On Nov 25, 11:09 am, Wilfred yau wld991...@gmail.com wrote: I am using OAuth to accessListAPI, but I find that if the request URL contain some char like _, (, then twitter will return 401 Unauthorized. Does anyone know what is the problem?? and this is my request: *Request URL: http://api.twitter.com/1/wilfred_yau/yedsrc/members.xml *Request header: Host:api.twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOhF0cmFuc19wcm9tcHQwOgl1c2VyaQQ5oOgDOg5y %250AZXR1cm5fdG8iJGh0dHA6Ly90d2l0dGVyLmNvbS9zb2Z0cGVkaWFtYWM6B2lk %250AIiU0Y2JmMWJmNjc0YzJmOTlhZGZjMTA1MzE3NzI3ZGUwNiIKZmxhc2hJQzon %250AQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7%250AAA %253D%253D--3573176707558a7f9cd9653e6a60c073c94e91f5; __utmc=43838368 *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 300
[twitter-dev] Re: 401 Unauthorized problem
I have already solve the special char problem because encoding in Flex. but I still find that when I call _method= DELETE in List API, I still get 401 Unauthorized from api.twitter.com. On Nov 25, 11:09 am, Wilfred yau wld991...@gmail.com wrote: I am using OAuth to accessListAPI, but I find that if the request URL contain some char like _, (, then twitter will return 401 Unauthorized. Does anyone know what is the problem?? and this is my request: *Request URL: http://api.twitter.com/1/wilfred_yau/yedsrc/members.xml *Request header: Host:api.twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOhF0cmFuc19wcm9tcHQwOgl1c2VyaQQ5oOgDOg5y %250AZXR1cm5fdG8iJGh0dHA6Ly90d2l0dGVyLmNvbS9zb2Z0cGVkaWFtYWM6B2lk %250AIiU0Y2JmMWJmNjc0YzJmOTlhZGZjMTA1MzE3NzI3ZGUwNiIKZmxhc2hJQzon %250AQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7%250AAA %253D%253D--3573176707558a7f9cd9653e6a60c073c94e91f5; __utmc=43838368 *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 300 oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAid=66626470oauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQoauth %5Ftimestamp=1259118273oauth%5Fsignature=zaA0CbWpls3lowiWG0yHCZig%2B2M %3Doauth%5Fversion=1%2E0oauth%5Fsignature%5Fmethod=HMAC%2DSHA1 %5Fmethod=DELETEoauth%5Fnonce=2875 Also, I got same problem in set status using OAuth : *Request URL: http://twitter.com/statuses/update.xml *Request header: Host: twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOgl1c2VyaQQ5oOgDOhF0cmFuc19wcm9tcHQwIgpm %250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG %250AOgpAdXNlZHsAOgdpZCIlNGNiZjFiZjY3NGMyZjk5YWRmYzEwNTMxNzcyN2Rl %250AMDY6DnJldHVybl90byIkaHR0cDovL3R3aXR0ZXIuY29tL3NvZnRwZWRpYW1h %250AYw%253D%253D--dfa30d93e80be97e1404abbb466f2c6191816d69; __utmc=43838368 Authorization: Basic Z21hc2JhYnk6eW95b2JhYnk= *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 303 oauth%5Fnonce=4280oauth%5Fsignature%5Fmethod=HMAC%2DSHA1oauth %5Ftimestamp=1259117789status=%40vincenthpchan%20%28O%3Aoauth %5Fversion=1%2E0oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAoauth %5Fsignature=dZ0OBySJzAZsdhwUKvK9zaIamE4%3Doauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ I wonder it is the problem about oauth_signature, but I don't what wrong with it. Thanks you very much ;-)
Re: [twitter-dev] Re: 401 Unauthorized problem
It looks like you're trying to actually include the OAuth Authorization header in your POST body, which isn't the way you want to do it. Instead, you should be using the Authorization HTTP header to transmit this info (see http://oauth.net/core/1.0a#anchor46). To make things extra weird, in one case you do have an Authorization header set, but it's basic auth. ---Mark On Thu, Nov 26, 2009 at 6:47 PM, Wilfred yau wld991...@gmail.com wrote: I have already solve the special char problem because encoding in Flex. but I still find that when I call _method= DELETE in List API, I still get 401 Unauthorized from api.twitter.com. On Nov 25, 11:09 am, Wilfred yau wld991...@gmail.com wrote: I am using OAuth to accessListAPI, but I find that if the request URL contain some char like _, (, then twitter will return 401 Unauthorized. Does anyone know what is the problem?? and this is my request: *Request URL: http://api.twitter.com/1/wilfred_yau/yedsrc/members.xml *Request header: Host:api.twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOhF0cmFuc19wcm9tcHQwOgl1c2VyaQQ5oOgDOg5y %250AZXR1cm5fdG8iJGh0dHA6Ly90d2l0dGVyLmNvbS9zb2Z0cGVkaWFtYWM6B2lk %250AIiU0Y2JmMWJmNjc0YzJmOTlhZGZjMTA1MzE3NzI3ZGUwNiIKZmxhc2hJQzon %250AQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7%250AAA %253D%253D--3573176707558a7f9cd9653e6a60c073c94e91f5; __utmc=43838368 *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 300 oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAid=66626470oauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQoauth %5Ftimestamp=1259118273oauth%5Fsignature=zaA0CbWpls3lowiWG0yHCZig%2B2M %3Doauth%5Fversion=1%2E0oauth%5Fsignature%5Fmethod=HMAC%2DSHA1 %5Fmethod=DELETEoauth%5Fnonce=2875 Also, I got same problem in set status using OAuth : *Request URL: http://twitter.com/statuses/update.xml *Request header: Host: twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv: 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22; __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)| utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en; __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264; _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh %250ANjE1YzdjOWU4MTE5MGJjOgl1c2VyaQQ5oOgDOhF0cmFuc19wcm9tcHQwIgpm %250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG %250AOgpAdXNlZHsAOgdpZCIlNGNiZjFiZjY3NGMyZjk5YWRmYzEwNTMxNzcyN2Rl %250AMDY6DnJldHVybl90byIkaHR0cDovL3R3aXR0ZXIuY29tL3NvZnRwZWRpYW1h %250AYw%253D%253D--dfa30d93e80be97e1404abbb466f2c6191816d69; __utmc=43838368 Authorization: Basic Z21hc2JhYnk6eW95b2JhYnk= *Post Data: Content-type: application/x-www-form-urlencoded Content-length: 303 oauth%5Fnonce=4280oauth%5Fsignature%5Fmethod=HMAC%2DSHA1oauth %5Ftimestamp=1259117789status=%40vincenthpchan%20%28O%3Aoauth %5Fversion=1%2E0oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLAoauth %5Fsignature=dZ0OBySJzAZsdhwUKvK9zaIamE4%3Doauth %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ I wonder it is the problem about oauth_signature, but I don't what wrong with it. Thanks you very much ;-)