subject:"\[twitter\-dev\] Re\: Signature generation issue"

[twitter-dev] Re: Signature generation issue

2011-03-16 Thread lappynet

Yep, that's exactly what my token request looks like, but I get 401
every time... :(

On Mar 15, 10:47 pm, Taylor Singletary 
wrote:
> Hi Georgina,
>
> I'm sure you're pretty close to figuring this out. A few tips when you've
> gotten to this point:
>
> - Make sure that you're transporting the request correctly
>   - If you're using header-based OAuth, make sure that your HTTP
> Authorization header is being properly setup and formatted. This will be
> language-specific. Also make sure that you aren't repeating any of the
> oauth_* parameters in the POST body or URL of your actual executed request.
> Only parameters that don't begin with oauth_* should appear in the POST body
> or query string. (In other words, don't present double authentication)
>   - Make sure that your HTTP verbs are in agreement
>     - If you're sending a POST, make sure your HTTP client is actually
> sending a POST and that your OAuth signature base string's method component
> matched
>
> Here's a quick walkthrough of all the steps involved in obtaining an access
> token (though with my keys instead of yours).. note the signature base
> string, authorization header, URL, and POST body for each step (keeping in
> mind that the authorize step is kind of special in that it happens in a
> browser).
>
> Request Token Step
> --
> Request URL:https://api.twitter.com/oauth/request_token
> HTTP Method: POST
> POST body: (empty)
> Signature Basestring:
> POST&https%3A%2F%2Fapi.twitter.com
> %2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A 
> 3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id%253D1%26oau 
> th_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_nonce%3DK7ny27JTpKVsTgdyLdD 
> fmQQWVLERj2zAK5BslRsqyw%26oauth_signature_method%3DHMAC-SHA1%26oauth_timest 
> amp%3D1300228849%26oauth_version%3D1.0
>
> Authorization Header: OAuth
> oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw",
> oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance%2Fprocess_callbac 
> k%3Fservice_provider_id%3D1",
> oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849",
> oauth_consumer_key="OqEqJeafRSF10jBMStrZg",
> oauth_signature="Pk%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"
>
> Response Body:
> oauth_token=IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU&oauth_token_secret=x 
> xxx&oauth_callback_confirmed=true
>
> Authorization Step
> -
> Request 
> URL:https://api.twitter.com/oauth/authorize?oauth_token=IPPjb9gdAB15Gnw7t...
> HTTP Method: GET
> POST Body: N/A
> Signature Basestring: N/A
> Authorization Header: N/A
>
> Access Token Step
> -
> Request URL:https://api.twitter.com/oauth/access_token
> HTTP Method: POST
> POST Body: (empty)
>
> Signature Basestring:
> POST&https%3A%2F%2Fapi.twitter.com
> %2Foauth%2Faccess_token&oauth_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_ 
> nonce%3DFCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA%26oauth_signature_method% 
> 3DHMAC-SHA1%26oauth_timestamp%3D1300228855%26oauth_token%3DIPPjb9gdAB15Gnw7 
> to8idfCfePqJgem9MVyhcEkPsU%26oauth_verifier%3DPmThbFiYNd3TOoFRBbFwwRRPHB3Pl 
> kFbxmX4lCqmnc%26oauth_version%3D1.0
>
> Authorization Header: OAuth
> oauth_nonce="FCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA",
> oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228855",
> oauth_consumer_key="OqEqJeafRSF10jBMStrZg",
> oauth_token="IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU",
> oauth_verifier="PmThbFiYNd3TOoFRBbFwwRRPHB3PlkFbxmX4lCqmnc",
> oauth_signature="AFJr%2BdS%2FmWgPbMtJR3vdwMA4cTk%3D", oauth_version="1.0"
>
> Response Body:
> oauth_token=819797-bAOfajtcYw8xHm1UQ3v5V5WfUb90zN7OWlWmvl8ZU0&oauth_token_s 
> ecret=x&user_id=819797&screen_name=episod
>
>
>
>
>
>
>
> On Tue, Mar 15, 2011 at 7:22 AM, lappynet  wrote:
> > Thanks for everyone's help on this. I think that I now have this
> > working (twitter documentation values match up).
>
> > My problem now is that although I'm confident of my algorithm, twitter
> > is always responding 401. I've debugged my network service and the
> > message being returned is Incorrect Signature. I do not understand how
> > this can be... :S
>
> > On Mar 15, 6:03 am, kamesh SmartDude 
> > wrote:
> > > Hai lappynet,
>
> > > I Used GET method to retrive the Request Token And I Avoided the OAuth
> > > Callback, because it was registered when i registered my app.
>
> > > Below is the method how i am  doing.
>
> > >  ** SignatureBase String is *
>
> > > GET&https%3A%2F%2Fapi.twitter.com
> > > %2Foauth%2Frequest_token&oauth_consumer_key%3D
>
> > %26oauth_nonce%3DydBxFJKdzK%26oauth_signature_method%3DHMAC-SHA1%26oauth_ti
> > mestamp%3D1300167727%26oauth_version%3D1.0
>
> > > Signature Key U are appending "&" and it is correct.
>
> > > i am adding the oauth header like below
>
> > > OAuth realm="Twitter API", oauth_consumer_key=,
> > > oauth_nonce=ydBxFJKdzK,
> > oauth_signature=89%2BSoLKBdE%2FeHN5PFRxNl3G7tNo%3D,
> > > oauth_signature_method=HMAC-SHA1, oauth_timestamp=1300167727,
> > > oauth_version=1

Re: [twitter-dev] Re: Signature generation issue

2011-03-15 Thread Taylor Singletary

Hi Georgina,

I'm sure you're pretty close to figuring this out. A few tips when you've
gotten to this point:

- Make sure that you're transporting the request correctly
  - If you're using header-based OAuth, make sure that your HTTP
Authorization header is being properly setup and formatted. This will be
language-specific. Also make sure that you aren't repeating any of the
oauth_* parameters in the POST body or URL of your actual executed request.
Only parameters that don't begin with oauth_* should appear in the POST body
or query string. (In other words, don't present double authentication)
  - Make sure that your HTTP verbs are in agreement
- If you're sending a POST, make sure your HTTP client is actually
sending a POST and that your OAuth signature base string's method component
matched

Here's a quick walkthrough of all the steps involved in obtaining an access
token (though with my keys instead of yours).. note the signature base
string, authorization header, URL, and POST body for each step (keeping in
mind that the authorize step is kind of special in that it happens in a
browser).

Request Token Step
--
Request URL: https://api.twitter.com/oauth/request_token
HTTP Method: POST
POST body: (empty)
Signature Basestring:
POST&https%3A%2F%2Fapi.twitter.com
%2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id%253D1%26oauth_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_nonce%3DK7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1300228849%26oauth_version%3D1.0

Authorization Header: OAuth
oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw",
oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance%2Fprocess_callback%3Fservice_provider_id%3D1",
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849",
oauth_consumer_key="OqEqJeafRSF10jBMStrZg",
oauth_signature="Pk%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"

Response Body:
oauth_token=IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU&oauth_token_secret=&oauth_callback_confirmed=true

Authorization Step
-
Request URL:
https://api.twitter.com/oauth/authorize?oauth_token=IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU
HTTP Method: GET
POST Body: N/A
Signature Basestring: N/A
Authorization Header: N/A

Access Token Step
-
Request URL: https://api.twitter.com/oauth/access_token
HTTP Method: POST
POST Body: (empty)

Signature Basestring:
POST&https%3A%2F%2Fapi.twitter.com
%2Foauth%2Faccess_token&oauth_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_nonce%3DFCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1300228855%26oauth_token%3DIPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU%26oauth_verifier%3DPmThbFiYNd3TOoFRBbFwwRRPHB3PlkFbxmX4lCqmnc%26oauth_version%3D1.0

Authorization Header: OAuth
oauth_nonce="FCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA",
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228855",
oauth_consumer_key="OqEqJeafRSF10jBMStrZg",
oauth_token="IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU",
oauth_verifier="PmThbFiYNd3TOoFRBbFwwRRPHB3PlkFbxmX4lCqmnc",
oauth_signature="AFJr%2BdS%2FmWgPbMtJR3vdwMA4cTk%3D", oauth_version="1.0"

Response Body:
oauth_token=819797-bAOfajtcYw8xHm1UQ3v5V5WfUb90zN7OWlWmvl8ZU0&oauth_token_secret=x&user_id=819797&screen_name=episod

On Tue, Mar 15, 2011 at 7:22 AM, lappynet  wrote:

> Thanks for everyone's help on this. I think that I now have this
> working (twitter documentation values match up).
>
> My problem now is that although I'm confident of my algorithm, twitter
> is always responding 401. I've debugged my network service and the
> message being returned is Incorrect Signature. I do not understand how
> this can be... :S
>
> On Mar 15, 6:03 am, kamesh SmartDude 
> wrote:
> > Hai lappynet,
> >
> > I Used GET method to retrive the Request Token And I Avoided the OAuth
> > Callback, because it was registered when i registered my app.
> >
> > Below is the method how i am  doing.
> >
> >  ** SignatureBase String is *
> >
> > GET&https%3A%2F%2Fapi.twitter.com
> > %2Foauth%2Frequest_token&oauth_consumer_key%3D
> >
> %26oauth_nonce%3DydBxFJKdzK%26oauth_signature_method%3DHMAC-SHA1%26oauth_ti
> mestamp%3D1300167727%26oauth_version%3D1.0
> >
> > Signature Key U are appending "&" and it is correct.
> >
> > i am adding the oauth header like below
> >
> > OAuth realm="Twitter API", oauth_consumer_key=,
> > oauth_nonce=ydBxFJKdzK,
> oauth_signature=89%2BSoLKBdE%2FeHN5PFRxNl3G7tNo%3D,
> > oauth_signature_method=HMAC-SHA1, oauth_timestamp=1300167727,
> > oauth_version=1.0
> >
> > I think u might have some problem with generating the signature.
> >
> > Try this,
> > //kamesh
> >
> >
> >
> >
> >
> >
> >
> > On Mon, Mar 14, 2011 at 8:16 PM, lappynet 
> wrote:
> > > cURL... I've heard about this, but I don't really know about it. Is
> > > there a windows version as I don't have access to other OSs

[twitter-dev] Re: Signature generation issue

2011-03-15 Thread lappynet

Thanks for everyone's help on this. I think that I now have this
working (twitter documentation values match up).

My problem now is that although I'm confident of my algorithm, twitter
is always responding 401. I've debugged my network service and the
message being returned is Incorrect Signature. I do not understand how
this can be... :S

On Mar 15, 6:03 am, kamesh SmartDude 
wrote:
> Hai lappynet,
>
> I Used GET method to retrive the Request Token And I Avoided the OAuth
> Callback, because it was registered when i registered my app.
>
> Below is the method how i am  doing.
>
>  ** SignatureBase String is *
>
> GET&https%3A%2F%2Fapi.twitter.com
> %2Foauth%2Frequest_token&oauth_consumer_key%3D
> %26oauth_nonce%3DydBxFJKdzK%26oauth_signature_method%3DHMAC-SHA1%26oauth_ti 
> mestamp%3D1300167727%26oauth_version%3D1.0
>
> Signature Key U are appending "&" and it is correct.
>
> i am adding the oauth header like below
>
> OAuth realm="Twitter API", oauth_consumer_key=,
> oauth_nonce=ydBxFJKdzK, oauth_signature=89%2BSoLKBdE%2FeHN5PFRxNl3G7tNo%3D,
> oauth_signature_method=HMAC-SHA1, oauth_timestamp=1300167727,
> oauth_version=1.0
>
> I think u might have some problem with generating the signature.
>
> Try this,
> //kamesh
>
>
>
>
>
>
>
> On Mon, Mar 14, 2011 at 8:16 PM, lappynet  wrote:
> > cURL... I've heard about this, but I don't really know about it. Is
> > there a windows version as I don't have access to other OSs at work
> > (*sigh*)?
>
> > On Mar 14, 2:18 pm, Taylor Singletary 
> > wrote:
> > > Hi Georgina,
>
> > > Everything appears correct with your base string for this step.
>
> > > Are you performing this operation through a HTTP proxy of any kind? Have
> > you
> > > tried producing a valid OAuth header and executed it in curl (without
> > having
> > > "executed it" in C# first)? I'm not familiar with C#'s HTTP request
> > > libraries and the configuration options available to you in it.
>
> > > We were having an issue with occasionally hanging connections recently
> > and
> > > it's possible that it may be related -- but if that's the case, you
> > > shouldn't have it occur to you every time -- it would be one out of X
> > times.
>
> > > I'm curious where the connection is hanging -- while you are sending HTTP
> > > request headers or when your HTTP client is awaiting a response?
>
> > > Thanks,
> > > Taylor
>
> > > On Mon, Mar 14, 2011 at 7:02 AM, lappynet 
> > wrote:
> > > > Hi
>
> > > > I'm using C#.NET to produce an oob client. I've fallen at the first
> > > > hurdle though as I'm failing to make the token request.
>
> > > > I've gone through many iterations, and am no longer receiving a 417,
> > > > 404, or 401. This is very positive! Now my application hangs whilst
> > > > waiting for a response from twitter. (I left it running for an hour
> > > > over lunch and still nothing happened, and the code didn't appear to
> > > > want to step through.)
>
> > > > I've tried with the values detailed in the documentation to have a
> > > > look at the variables that have been produced from them in my
> > > > algorithm. I think that I've traced it down to being the way I
> > > > generate the signature string:
>
> > > > string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&";
> > > > HMACSHA1 hasher = new HMACSHA1(new
> > > > ASCIIEncoding().GetBytes(signingKey));
> > > > string signatureString = Convert.ToBase64String(hasher.ComputeHash(new
> > > > ASCIIEncoding().GetBytes(baseString)));
>
> > > > My base string is:
>
> > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > > > %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX
> > > > %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method
> > > > %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0
>
> > > > Any pointers as to where I may be going wrong?
>
> > > > Thanks in advance
> > > > Georgina
>
> > > > --
> > > > Twitter developer documentation and resources:
> >http://dev.twitter.com/doc
> > > > API updates via Twitter:http://twitter.com/twitterapi
> > > > Issues/Enhancements Tracker:
> > > >http://code.google.com/p/twitter-api/issues/list
> > > > Change your membership to this group:
> > > >http://groups.google.com/group/twitter-development-talk
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Re: Signature generation issue

2011-03-14 Thread kamesh SmartDude

Hai lappynet,

I Used GET method to retrive the Request Token And I Avoided the OAuth
Callback, because it was registered when i registered my app.

Below is the method how i am  doing.


 ** SignatureBase String is *

GET&https%3A%2F%2Fapi.twitter.com
%2Foauth%2Frequest_token&oauth_consumer_key%3D
%26oauth_nonce%3DydBxFJKdzK%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1300167727%26oauth_version%3D1.0

Signature Key U are appending "&" and it is correct.

i am adding the oauth header like below

OAuth realm="Twitter API", oauth_consumer_key=,
oauth_nonce=ydBxFJKdzK, oauth_signature=89%2BSoLKBdE%2FeHN5PFRxNl3G7tNo%3D,
oauth_signature_method=HMAC-SHA1, oauth_timestamp=1300167727,
oauth_version=1.0

I think u might have some problem with generating the signature.


Try this,
//kamesh



On Mon, Mar 14, 2011 at 8:16 PM, lappynet  wrote:

> cURL... I've heard about this, but I don't really know about it. Is
> there a windows version as I don't have access to other OSs at work
> (*sigh*)?
>
> On Mar 14, 2:18 pm, Taylor Singletary 
> wrote:
> > Hi Georgina,
> >
> > Everything appears correct with your base string for this step.
> >
> > Are you performing this operation through a HTTP proxy of any kind? Have
> you
> > tried producing a valid OAuth header and executed it in curl (without
> having
> > "executed it" in C# first)? I'm not familiar with C#'s HTTP request
> > libraries and the configuration options available to you in it.
> >
> > We were having an issue with occasionally hanging connections recently
> and
> > it's possible that it may be related -- but if that's the case, you
> > shouldn't have it occur to you every time -- it would be one out of X
> times.
> >
> > I'm curious where the connection is hanging -- while you are sending HTTP
> > request headers or when your HTTP client is awaiting a response?
> >
> > Thanks,
> > Taylor
> >
> >
> >
> >
> >
> >
> >
> > On Mon, Mar 14, 2011 at 7:02 AM, lappynet 
> wrote:
> > > Hi
> >
> > > I'm using C#.NET to produce an oob client. I've fallen at the first
> > > hurdle though as I'm failing to make the token request.
> >
> > > I've gone through many iterations, and am no longer receiving a 417,
> > > 404, or 401. This is very positive! Now my application hangs whilst
> > > waiting for a response from twitter. (I left it running for an hour
> > > over lunch and still nothing happened, and the code didn't appear to
> > > want to step through.)
> >
> > > I've tried with the values detailed in the documentation to have a
> > > look at the variables that have been produced from them in my
> > > algorithm. I think that I've traced it down to being the way I
> > > generate the signature string:
> >
> > > string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&";
> > > HMACSHA1 hasher = new HMACSHA1(new
> > > ASCIIEncoding().GetBytes(signingKey));
> > > string signatureString = Convert.ToBase64String(hasher.ComputeHash(new
> > > ASCIIEncoding().GetBytes(baseString)));
> >
> > > My base string is:
> >
> > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > > %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX
> > > %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method
> > > %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0
> >
> > > Any pointers as to where I may be going wrong?
> >
> > > Thanks in advance
> > > Georgina
> >
> > > --
> > > Twitter developer documentation and resources:
> http://dev.twitter.com/doc
> > > API updates via Twitter:http://twitter.com/twitterapi
> > > Issues/Enhancements Tracker:
> > >http://code.google.com/p/twitter-api/issues/list
> > > Change your membership to this group:
> > >http://groups.google.com/group/twitter-development-talk
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: Signature generation issue

2011-03-14 Thread lappynet

cURL... I've heard about this, but I don't really know about it. Is
there a windows version as I don't have access to other OSs at work
(*sigh*)?

On Mar 14, 2:18 pm, Taylor Singletary 
wrote:
> Hi Georgina,
>
> Everything appears correct with your base string for this step.
>
> Are you performing this operation through a HTTP proxy of any kind? Have you
> tried producing a valid OAuth header and executed it in curl (without having
> "executed it" in C# first)? I'm not familiar with C#'s HTTP request
> libraries and the configuration options available to you in it.
>
> We were having an issue with occasionally hanging connections recently and
> it's possible that it may be related -- but if that's the case, you
> shouldn't have it occur to you every time -- it would be one out of X times.
>
> I'm curious where the connection is hanging -- while you are sending HTTP
> request headers or when your HTTP client is awaiting a response?
>
> Thanks,
> Taylor
>
>
>
>
>
>
>
> On Mon, Mar 14, 2011 at 7:02 AM, lappynet  wrote:
> > Hi
>
> > I'm using C#.NET to produce an oob client. I've fallen at the first
> > hurdle though as I'm failing to make the token request.
>
> > I've gone through many iterations, and am no longer receiving a 417,
> > 404, or 401. This is very positive! Now my application hangs whilst
> > waiting for a response from twitter. (I left it running for an hour
> > over lunch and still nothing happened, and the code didn't appear to
> > want to step through.)
>
> > I've tried with the values detailed in the documentation to have a
> > look at the variables that have been produced from them in my
> > algorithm. I think that I've traced it down to being the way I
> > generate the signature string:
>
> > string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&";
> > HMACSHA1 hasher = new HMACSHA1(new
> > ASCIIEncoding().GetBytes(signingKey));
> > string signatureString = Convert.ToBase64String(hasher.ComputeHash(new
> > ASCIIEncoding().GetBytes(baseString)));
>
> > My base string is:
>
> > POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX
> > %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method
> > %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0
>
> > Any pointers as to where I may be going wrong?
>
> > Thanks in advance
> > Georgina
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: Signature generation issue

2011-03-14 Thread lappynet

Yeah, I've used that tool with my real full base string and everything
appears OK. Thanks for the pointer though, I'm sure that tool will
come in handy again. :)

I have seen some blog posts issuing warnings over .NET's various ways
of RFC3986 encoding, but this doesn't appear to be the issue here...
I'll look into the hashing and base 64 encoding some more...

(I've been working through this for almost two days now. Although this
is the stuff I love doing in programming, it would be really nice if
twitter could improve/make some documentation for oob.)

On Mar 14, 2:25 pm, Tom van der Woerdt  wrote:
> No, actually, it was my fault: it wasn't a %26, but a %3D.
>
> Oops! Base string is fine.
>
> Tom
>
> On 3/14/11 3:21 PM, Taylor Singletary wrote:
>
>
>
>
>
>
>
> > Wow, my blindness to signature base string foo this morning is
> > humbling. Thanks Tom.
>
> > On Mon, Mar 14, 2011 at 7:15 AM, Tom van der Woerdt  > > wrote:
>
> >     After fixing the basic parts of your signature (please don't ever
> >     replace %26 with only a %, it screws up the encoding) and checking
> >     athttp://quonos.nl/oauthTester/, I got :
>
> >     *Bad sorting!*
> >     All Base String parameters (query and POST parameters) must be
> >     sorted alphabetically.
>
> >     Tom
>
> >     On 3/14/11 3:02 PM, lappynet wrote:
> >>     Hi
>
> >>     I'm using C#.NET to produce an oob client. I've fallen at the first
> >>     hurdle though as I'm failing to make the token request.
>
> >>     I've gone through many iterations, and am no longer receiving a 417,
> >>     404, or 401. This is very positive! Now my application hangs whilst
> >>     waiting for a response from twitter. (I left it running for an hour
> >>     over lunch and still nothing happened, and the code didn't appear to
> >>     want to step through.)
>
> >>     I've tried with the values detailed in the documentation to have a
> >>     look at the variables that have been produced from them in my
> >>     algorithm. I think that I've traced it down to being the way I
> >>     generate the signature string:
>
> >>     string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&";
> >>     HMACSHA1 hasher = new HMACSHA1(new
> >>     ASCIIEncoding().GetBytes(signingKey));
> >>     string signatureString = Convert.ToBase64String(hasher.ComputeHash(new
> >>     ASCIIEncoding().GetBytes(baseString)));
>
> >>     My base string is:
>
> >>     POST&https%3A%2F%2Fapi.twitter.com  %2Foauth
> >>     %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX
> >>     %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method
> >>     %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0
>
> >>     Any pointers as to where I may be going wrong?
>
> >>     Thanks in advance
> >>     Georgina
>
> >     --
> >     Twitter developer documentation and resources:
> >    http://dev.twitter.com/doc
> >     API updates via Twitter:http://twitter.com/twitterapi
> >     Issues/Enhancements Tracker:
> >    http://code.google.com/p/twitter-api/issues/list
> >     Change your membership to this group:
> >    http://groups.google.com/group/twitter-development-talk
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: Signature generation issue

2011-03-14 Thread lappynet

Thanks, I'll take a look at the sorting.

I hadn't removed the 26 part, I think I deleted that along with by
consumer key for privacy by accident! I can assure you it is there
really. :)

On Mar 14, 2:15 pm, Tom van der Woerdt  wrote:
> After fixing the basic parts of your signature (please don't ever
> replace %26 with only a %, it screws up the encoding) and checking 
> athttp://quonos.nl/oauthTester/, I got :
>
> *Bad sorting!*
> All Base String parameters (query and POST parameters) must be sorted
> alphabetically.
>
> Tom
>
> On 3/14/11 3:02 PM, lappynet wrote:
>
>
>
>
>
>
>
> > Hi
>
> > I'm using C#.NET to produce an oob client. I've fallen at the first
> > hurdle though as I'm failing to make the token request.
>
> > I've gone through many iterations, and am no longer receiving a 417,
> > 404, or 401. This is very positive! Now my application hangs whilst
> > waiting for a response from twitter. (I left it running for an hour
> > over lunch and still nothing happened, and the code didn't appear to
> > want to step through.)
>
> > I've tried with the values detailed in the documentation to have a
> > look at the variables that have been produced from them in my
> > algorithm. I think that I've traced it down to being the way I
> > generate the signature string:
>
> > string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&";
> > HMACSHA1 hasher = new HMACSHA1(new
> > ASCIIEncoding().GetBytes(signingKey));
> > string signatureString = Convert.ToBase64String(hasher.ComputeHash(new
> > ASCIIEncoding().GetBytes(baseString)));
>
> > My base string is:
>
> > POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX
> > %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method
> > %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0
>
> > Any pointers as to where I may be going wrong?
>
> > Thanks in advance
> > Georgina

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: Signature generation issue

Re: [twitter-dev] Re: Signature generation issue

[twitter-dev] Re: Signature generation issue

Re: [twitter-dev] Re: Signature generation issue

[twitter-dev] Re: Signature generation issue

[twitter-dev] Re: Signature generation issue

[twitter-dev] Re: Signature generation issue

7 matches

Site Navigation

Mail list logo

Footer information