I'm having trouble using /oauth/authenticate, too. After authenticating, Twitter redirects back to my consumer with a different oauth_token than the one I sent to initiate authentication. Twitter APIs don't accept either token. Sending the original request token to /oauth/access_token elicits HTTP 401 with an XML error "Invalid / expired Token". Sending the second callback token elicits HTTP 500 Internal Server Error with an HTML body entitled "Twitter / Error". When either token is used as an access token, Twitter responds with 401. The original request token elicits an XML error "Invalid / expired Token"; the second token elicits "Failed to validate oauth signature or token".
For signing I used the token secret associated with the original request token. The user has already given permission to this consumer. Help? On Apr 16, 12:25 pm, Dossy Shiobara <[email protected]> wrote: > I just tried out the oauth/authenticate - I supplied a RequestToken and > it redirected back to my callback URL with an AccessToken ... but, > what's the token secret for this AccessToken? I only know the secret > for the RequestToken I sent it ... Is the token secret the same for the > AccessToken I get back?
