I just blogged a pretty thorough howto on this. Let me know if you have
feedback:
<http://staynalive.com/articles/2009/05/19/social-coding-how-to-code-twitters-oauth-using-netoauth-and-perl/>
http://staynalive.com/articles/2009/05/19/social-coding-how-to-code-twitters-oauth-using-netoauth-and-perl/
@Jesse
On Fri, May 15, 2009 at 8:04 PM, ben <deutsc...@gmail.com> wrote:
>
> I'm having the same problem as Jesse using the Net::OAuth
>
> Here's what I get back from twitter:
>
> $VAR1 = bless( {
> '_protocol' => 'HTTP/1.1',
> '_content' => 'Failed to validate oauth signature or
> token',
> '_rc' => '401',
> '_headers' => bless( {
> 'connection' => 'close',
> 'set-cookie' =>
> '_twitter_sess=BAh7BiIKZ0xhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo
> %250ASGFzaHsABjoKQHVzZWR7AA%253D
> %253D--1164b91ac812d853b877e93ddb612b7471bebc74; domain=.twitter.com;
> path=/',
> 'cache-control' => 'no-cache,
> max-age=300',
> 'status' => '401
> Unauthorized',
> 'date' => 'Sat, 16 May 2009
> 01:57:55 GMT',
> 'vary' => 'Accept-Encoding',
> 'client-ssl-cert-issuer' => '/
> C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1',
> 'client-ssl-cipher' => 'DHE-
> RSA-AES256-SHA',
> 'client-peer' =>
> '128.121.146.100:443',
> 'client-warning' => 'Missing
> Authenticate header',
> 'client-date' => 'Sat, 16 May
> 2009 01:57:55 GMT',
> 'client-ssl-warning' => 'Peer
> certificate not verified',
> 'content-type' => 'text/html;
> charset=utf-8',
> 'server' => 'hi',
> 'client-response-num' => 1,
> 'content-length' => '43',
> 'client-ssl-cert-subject' => '/
> C=US/O=twitter.com/OU=GT09721236/OU=See www.rapidssl.com/resources/cps
> (c)08/OU=Domain Control Validated - RapidSSL(R)/CN=twitter.com',
> 'expires' => 'Sat, 16 May 2009
> 02:02:55 GMT'
> }, 'HTTP::Headers' ),
> '_msg' => 'Unauthorized',
> '_request' => bless( {
> '_content' => '',
> '_uri' => bless( do{\(my $o =
> 'https://twitter.com/statuses/update.json?
>
> oauth_consumer_key=K9ICZr8UwHCVza91AH9Sg&oauth_nonce=2AIYDaoQyknJ5Cpq&oauth_signature=W
> %2BQu6CG7ENoVNghVyNU4DX%2B2LJM%3D&oauth_signature_method=HMAC-
> SHA1&oauth_timestamp=1242439075&oauth_token=15385100-
> snbvmpiROaexwcJx00gkCegiBwX481bvGsVOmRo8e&oauth_version=1.0&status=Test
> +message')}, 'URI::https' ),
> '_headers' => bless( {
> 'user-
> agent' => 'libwww-perl/5.808',
>
> 'content-type' => 'application/x-www-form-urlencoded',
>
> 'content-length' => 0
> },
> 'HTTP::Headers' ),
> '_method' => 'POST'
> }, 'HTTP::Request' )
> }, 'HTTP::Response' );
>
>
> On Apr 30, 6:39 pm, Mario Menti <mme...@gmail.com> wrote:
> > On Thu, Apr 30, 2009 at 11:22 PM, Jesse Stay <jesses...@gmail.com>
> wrote:
> > > I just wanted to bring back attention to this. Has anyone on the list
> > > gotten Twitter's OAuth to work with Perl? Care to share some code
> examples?
> >
> > I'm using Perl's Net::OAuth heavily, but only for updating twitter status
> > with existing access tokens (as my backend processing is Perl, while the
> > frontend is RoR, so authorisation/key exchange is handled through rails
> > OAuth).
> >
> > I did find one bug which I've reported back to the Net::OAuth CPAN
> > maintainer, who said he'll implement in a future release:
> >
> > The issue relates tohttp://
> code.google.com/p/twitter-api/issues/detail?id=433#c32(there's lots
> > of useful into in this thread)
> >
> > The problem occurs when you pass an extra_param containing certain
> Unicode
> > characters. What happens is that the parameter is passed to the signature
> > creation, and the signature ends up wrong, leading to 401 errors when
> trying
> > to make a request.
> >
> > The fix for this is actually detailed in the above thread, a problem with
> > the regexp doing the escaping. In Perl's case, the below change
> > to Net::OAuth's Message.pm fixes this:
> >
> > sub encode {
> > my $str = shift;
> > $str = "" unless defined $str;
> > # return URI::Escape::uri_escape_utf8($str,'^\w.~-');
> > # MM, fix based on twitter OAuth bug report
> > return URI::Escape::uri_escape($str,'^0-9a-zA-Z\d._~-');
> > }
> >
> > I'm not sure if this is relevant to you given your previous messages, but
> > thought I'd share just in case. With this fix implemented, it seems to
> work
> > very well, more than 10,000 of my users have migrated to OAuth and I'm
> doing
> > hundreds of thousands OAuth-based status update requests, without obvious
> > problems.
> >
> > Mario.
>
