I'm trying to to get xAuth to work with my application, using libcurl and a modified TwitCurl engine. Whenever I attempt to obtain an access token, I get a 401 error that contains a single space character (0x20) and nothing else, which is extremely unhelpful. Whenever I try to do other things that shouldn't work (like setting a status without a token), the 401 error returns a useful message, so I'm pretty sure my system is working fine.
Can someone point out what I'm missing here? Thanks. Here's what I'm sending to the Twitter servers... URL https://api.twitter.com/oauth/access_token HTTP Header OAuth oauth_consumer_key="cmPTwoVnltXa2N8FAgepw", oauth_nonce="12947058132c2", oauth_signature="6nWCiAN9vg4UYXtaLqh7FLFuq7E%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1294705813", oauth_version="1.0" Data x_auth_mode=client_auth%26x_auth_password%3DMYPASSWORD %26x_auth_username%3DMYUSERNAME Signature Base POST&https%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_token&oauth_consumer_key%3DcmPTwoVnltXa2N8FAgepw %26oauth_nonce%3D12947058132c2%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1294705813%26oauth_version%3D1.0%26x_auth_mode %3Dclient_auth%26x_auth_password%3DMYPASSWORD%26x_auth_username %3DMYUSERNAME And here's what I'm seeing in my logs: * About to connect() to api.twitter.com port 443 (#0) * Trying 128.242.240.253... * connected * Connected to api.twitter.com (128.242.240.253) port 443 (#0) * SSL connection using DHE-RSA-AES256-SHA * Server certificate: * subject: serialNumber=Zys2dJJ09EPoEVGXYtegIdxG3OZtEOib, C=US, O=*.twitter.com, OU=GT57932074, OU=See www.rapidssl.com/resources/cps (c)10, OU=Domain Control Validated - RapidSSL(R), CN=*.twitter.com * start date: 2010-07-13 10:40:16 GMT * expire date: 2011-08-15 12:55:17 GMT * subjectAltName: api.twitter.com matched * issuer: C=US, O=Equifax, OU=Equifax Secure Certificate Authority * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway. > POST /oauth/access_token HTTP/1.1 Host: api.twitter.com Accept: */* Content-Length: 85 Content-Type: application/x-www-form-urlencoded < HTTP/1.1 401 Unauthorized < Date: Tue, 11 Jan 2011 00:25:19 GMT < Server: hi < Status: 401 Unauthorized < X-Transaction: 1294705519-89572-46458 < Last-Modified: Tue, 11 Jan 2011 00:25:19 GMT < X-Runtime: 0.00697 < Content-Type: text/html; charset=utf-8 < Content-Length: 1 < Pragma: no-cache < X-Revision: DEV < Expires: Tue, 31 Mar 1981 05:00:00 GMT < Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 < Set-Cookie: k=38.98.60.253.1294705519623615; path=/; expires=Tue, 18- Jan-11 00:25:19 GMT; domain=.twitter.com < Set-Cookie: guest_id=129470551976790627; path=/; expires=Thu, 10 Feb 2011 00:25:19 GMT < Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCJhsdnItAToHaWQiJWFjZDlkNWQ2YmNkOTc0%250ANmU0ZTkxNzlmZjdlMGQ0OWUxIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy %250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--075877d72b9a221a932648a45490dab951649d50; domain=.twitter.com; path=/ < Vary: Accept-Encoding < Connection: close < * Closing connection #0 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk