On 8/11/10 5:52 PM, isaiah1112 wrote: > I have been developing a complete OAuth Library for Twitter in > AppleScript (I know, some people thought it was impossible but it > isn't). The trouble is, I can authorize OAuth and get my token and > secret from Twitter without any issues. However, once I try to make a > call to the API the script will not validate my signature. I am using > the exact same methods to create my base string and signature that I > used to authorize OAuth so I know it has to be an issue with either my > header or base string parameters for this call... If someone could > look this over and tell me if everything checks out that would be > great! > > This is a simple call to get https://api.twitter.com/1/direct_messages.xml > api.... > > Base string is > > GET&https%3A%2F%2Fapi.twitter.com > %2F1%2Fdirect_messages.xml&oauth_consumer_key%3D2qKWThvrdoDBKeQCmIMA2w > %26oauth_nonce > %3D28e0ef3fec75d92e6fc95460ffef4581ffd1d8f1%26oauth_signature_method > %3DHMAC-SHA1%26oauth_token%3D90908405- > B0SOI7v64YMcx7VOPTOvSieUOztDNPStWVY9rnabJ%26oauth_timestamp > %3D1281541844%26oauth_version%3D1.0 > > The header for this call is listed as > > Authorization: OAuth oauth_consumer_key="2qKWThvrdoDBKeQCmIMA2w", > oauth_nonce="28e0ef3fec75d92e6fc95460ffef4581ffd1d8f1", > oauth_signature_method="HMAC-SHA1", > oauth_signature="%2B8UDpXZN9SwZsUBsFNv%2B518sLg0%3D", > oauth_token="90908405-B0SOI7v64YMcx7VOPTOvSieUOztDNPStWVY9rnabJ", > oauth_timestamp="1281541844", > oauth_version="1.0" > > If you would like any other information to test this out for yourself > please let me know!
If your code works with non-authorized requests and not with authorized ones, then I think that the issue would have to be with generating your "key". Make sure that you use <consumer secret>&<user secret>. If this is not the case, then please try generating a signature for verify_credentials.json, using the consumer key "GDdmIQH6jhtmLUypg82g", consumer secret "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98", user token "819797-Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw" and user secret "J6zix3FfA9LofH0awS24M3HcBYXO5nI1iYe8EfBA". Please post the base string and the signature which you generate. Tom PS: Those keys which I named aren't actual keys, I took them from dev.twitter.com.
