Re: [twitter-dev] Single Token: Using oauth with Perl: 401 Unauthorized
* Lars [100902 14:38]: > I am not a Perl expert but I have developed a small web page with Perl > which is somewhat popular in Germany (according to Alexa trafic rank < > 1000). And this web site is tweeting important events using its own > twitter account. > > I tried for days but I am not able to get it working (tweeting) again. > > I registered my web page/application and want to use my access tokens > "oauth_token" and "oauth_token_secret" which I find under my > application settings because I am using only this twitter account to > tweet (see http://dev.twitter.com/pages/oauth_single_token) > > But the response is always "401 Unauthorized"! > > Any ideas? > > My Perl program looks like this (my provider does not offer the module > NET::Twitter) If you have shell access, you can probably install local::lib using the bootstrap method, then install Net::Twitter or Net::Twitter::Lite in your own directory. -Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Single Token: Using oauth with Perl: 401 Unauthorized
There's only one thing I notice and that is that you seem to be adding a
"=" to your signature. Why?
I also noticed that you don't URL encode the values in $content. If I
recall correctly, you have to URL encode those as well.
If that was not the issue, then please show your Base String and the
HTTP request.
Tom
On 9/2/10 11:33 PM, Lars wrote:
> Hi,
>
> I am not a Perl expert but I have developed a small web page with Perl
> which is somewhat popular in Germany (according to Alexa trafic rank <
> 1000). And this web site is tweeting important events using its own
> twitter account.
>
> I tried for days but I am not able to get it working (tweeting) again.
>
> I registered my web page/application and want to use my access tokens
> "oauth_token" and "oauth_token_secret" which I find under my
> application settings because I am using only this twitter account to
> tweet (see http://dev.twitter.com/pages/oauth_single_token)
>
> But the response is always "401 Unauthorized"!
>
> Any ideas?
>
> My Perl program looks like this (my provider does not offer the module
> NET::Twitter)
>
> #!/usr/bin/perl
>
> use CGI::Carp qw(fatalsToBrowser);
> use strict;
> use Digest::HMAC_SHA1;
> use Encode qw(encode);
> use URI::Escape;
> use LWP::UserAgent;
> use HTTP::Request::Common ('POST');
>
> my $api_url = "http://api.twitter.com/1/statuses/update.json";;
> my $status = "Hello world";
> my $oauth_consumer_key = "XYZ";
> my $oauth_consumer_secret = "XYZ";
> my $oauth_nonce = "101";
> my $oauth_signature_method = "HMAC-SHA1";
> my $oauth_token = "XYZ"; # from my application under my access token
> my $oauth_token_secret = "XYZ"; # from my application under my access
> token
> my $oauth_timestamp = "1272325550";
> my $oauth_version = "1.0";
> my $content = "oauth_consumer_key=$oauth_consumer_key&oauth_nonce=
> $oauth_nonce&oauth_signature_method=
> $oauth_signature_method&oauth_timestamp=$oauth_timestamp&oauth_token=
> $oauth_token&oauth_version=$oauth_version&status=$status";
>
> my $signature_base_str = "POST&" . uri_escape_RFC3986($api_url) .
> "&" . uri_escape_RFC3986($content);
>
> my $HMAC_SHA1_key = uri_escape_RFC3986(Encode::encode("UTF-8",
> $oauth_consumer_secret));
>$HMAC_SHA1_key .= "&";
>$HMAC_SHA1_key .= uri_escape_RFC3986(Encode::encode("UTF-8",
> $oauth_token_secret));
>
> my $hmac = Digest::HMAC_SHA1->new($HMAC_SHA1_key);
>$hmac->add($signature_base_str);
> my $signature = $hmac->b64digest;
> $signature .= "=";
>
> my $ua = LWP::UserAgent->new;
> my $req = POST($api_url => [
>oauth_nonce => $oauth_nonce,
>oauth_signature_method => $oauth_signature_method,
>oauth_timestamp => $oauth_timestamp,
>oauth_consumer_key => $oauth_consumer_key,
>oauth_token => $oauth_token,
>oauth_signature => $signature,
>oauth_version => $oauth_version,
>status => $status
>]);
>
> my $res = $ua->request($req);
>
> print "Content-type: text\/html\n\n";
>
> if ($res->is_success) {
> print "success: $res->decoded_content";
> }
> else {
> print "error:", $res->status_line;
> }
>
> #
>
> sub uri_escape_RFC3986 {
> my($str) = @_;
>
> return uri_escape($str,"^A-Za-z0-9\-_.~");
> }
>
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Single Token: Using oauth with Perl: 401 Unauthorized
Hi Lars,
First thing I spotted here was that your timestamp doesn't appear to be
correct.
In fact, it's a timestamp for "Mon Apr 26 16:45:50 -0700 2010" -- you'll
need to make sure that your timestamp is in epoch GMT time in seconds.
On a quick glance, the code looks pretty good for this limited use case,
though I didn't go too deeply into it. I would probably also go the extra
mile and make sure your space characters in a POST body value are always
encoded as %20. "+" will work but is more prone to encoding errors.
Taylor
On Thu, Sep 2, 2010 at 2:33 PM, Lars wrote:
> Hi,
>
> I am not a Perl expert but I have developed a small web page with Perl
> which is somewhat popular in Germany (according to Alexa trafic rank <
> 1000). And this web site is tweeting important events using its own
> twitter account.
>
> I tried for days but I am not able to get it working (tweeting) again.
>
> I registered my web page/application and want to use my access tokens
> "oauth_token" and "oauth_token_secret" which I find under my
> application settings because I am using only this twitter account to
> tweet (see http://dev.twitter.com/pages/oauth_single_token)
>
> But the response is always "401 Unauthorized"!
>
> Any ideas?
>
> My Perl program looks like this (my provider does not offer the module
> NET::Twitter)
>
> #!/usr/bin/perl
>
> use CGI::Carp qw(fatalsToBrowser);
> use strict;
> use Digest::HMAC_SHA1;
> use Encode qw(encode);
> use URI::Escape;
> use LWP::UserAgent;
> use HTTP::Request::Common ('POST');
>
> my $api_url = "http://api.twitter.com/1/statuses/update.json";;
> my $status = "Hello world";
> my $oauth_consumer_key = "XYZ";
> my $oauth_consumer_secret = "XYZ";
> my $oauth_nonce = "101";
> my $oauth_signature_method = "HMAC-SHA1";
> my $oauth_token = "XYZ"; # from my application under my access token
> my $oauth_token_secret = "XYZ"; # from my application under my access
> token
> my $oauth_timestamp = "1272325550";
> my $oauth_version = "1.0";
> my $content = "oauth_consumer_key=$oauth_consumer_key&oauth_nonce=
> $oauth_nonce&oauth_signature_method=
> $oauth_signature_method&oauth_timestamp=$oauth_timestamp&oauth_token=
> $oauth_token&oauth_version=$oauth_version&status=$status";
>
> my $signature_base_str = "POST&" . uri_escape_RFC3986($api_url) .
> "&" . uri_escape_RFC3986($content);
>
> my $HMAC_SHA1_key = uri_escape_RFC3986(Encode::encode("UTF-8",
> $oauth_consumer_secret));
> $HMAC_SHA1_key .= "&";
> $HMAC_SHA1_key .= uri_escape_RFC3986(Encode::encode("UTF-8",
> $oauth_token_secret));
>
> my $hmac = Digest::HMAC_SHA1->new($HMAC_SHA1_key);
> $hmac->add($signature_base_str);
> my $signature = $hmac->b64digest;
> $signature .= "=";
>
> my $ua = LWP::UserAgent->new;
> my $req = POST($api_url => [
> oauth_nonce => $oauth_nonce,
> oauth_signature_method => $oauth_signature_method,
> oauth_timestamp => $oauth_timestamp,
> oauth_consumer_key => $oauth_consumer_key,
> oauth_token => $oauth_token,
> oauth_signature => $signature,
> oauth_version => $oauth_version,
> status => $status
> ]);
>
> my $res = $ua->request($req);
>
> print "Content-type: text\/html\n\n";
>
> if ($res->is_success) {
> print "success: $res->decoded_content";
> }
> else {
> print "error:", $res->status_line;
> }
>
> #
>
> sub uri_escape_RFC3986 {
>my($str) = @_;
>
>return uri_escape($str,"^A-Za-z0-9\-_.~");
> }
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk?hl=en
>
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk?hl=en
