Are you including your url-encoded form variables in your signature calculation?
Celso Pinto wrote:
Hi all, I'm trying to set up a client and I want to use OAuth. The oauth authorization went ok, my app shows on my settings page but when I try to make an OAuth post to /statuses/update.json I get an "Invalid OAuth request" response. I've tried setting the OAuth authorization header (both with and without a realm) but this always fails as it apparently tries to authenticate using HTTP Basic Auth. Thoughts? Anyhow, here's a dump of the HTTP transaction (some response headers omitted), am I missing something? TIA. POST http://twitter.com/statuses/update.json HTTP/1.1 Host: twitter.com Accept-Encoding: identity Content-Length: 280 Content-Type: application/x-www-form-urlencoded oauth_nonce=21598464&oauth_timestamp=1237549916&oauth_consumer_key=zApimJxrvgM7xpJTAEFDA&oauth_signature_method=HMAC- SHA1&oauth_version=1.0&oauth_token=4927481- uCDTzmk9jls6Rgdzmoy6MW3CjDW7E8Hi8vJgKgxqU4&oauth_signature=lt1k8jLt22AKnZlk %2BpfNsdiF5b8%3D&status=hello+from+handivi%21 HTTP/1.0 401 Unauthorized Date: Fri, 20 Mar 2009 11:51:57 GMT Server: hi Status: 401 Unauthorized Cache-Control: no-cache, max-age=300 Content-Type: text/html; charset=utf-8 Content-Length: 21 Invalid OAuth Request
