Maybe this OAuth Explorer would help you checking the different step and the parameters of your query: http://sevengoslings.net/~fangel/oauth-explorer/
Also, you might want to try an existing OAuth library in parallel with yours to see that it works the same. (even though you apparently tried this already) Hope this helps, Tim On Jun 2, 8:53 pm, "@jigglyonee" <ghil...@gmail.com> wrote: > Hi all, > > I've been trying to write a JavaScript OAuth module in order to write > my own twitter client (I know there are libraries out there, but it's > for my education as well as fun). > > I'm stumped, unfortunately, right at the beginning -- trying to get a > request token. I've tried GETting and POSTing > tohttp://twitter.com/oauth/request_token > to no avail -- it always returns "Failed to validate oauth signature > and token". > > I'm passing, hopefully, the correct parameters. A typical query string > looks like this: > > http://twitter.com/oauth/request_token?oauth_consumer_key=9CCTnLpstYI... > > My signature base string for that looked like: > > GET%26http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token%26GET%26http%3A > %2F%2Ftwitter.com%2Foauth%2Frequest_token%26oauth_consumer_key > %3D9CCTnLpstYI8RIxGE7yhQ%26oauth_nonce > %3Db52968e8-7145-4c91-8066-563d37a1107f%26oauth_signature_method > %3DHMAC-SHA1%26oauth_timestamp%3D1244001043%26oauth_token%3D > %26oauth_version%3D1.0 > > I'm fairly sure that the signature is being encoded correctly, as the > HMAC-SHA1 algorithm returns the same in my library and in the > javax.crypto libraries. I'm encoding using the key > "<my_consumer_secret>&" since I don't have a token secret yet. > > My question is twofold. 1) does something look amiss with this? 2) if > nothing's obvious, is there any sort of debug mode for the APIs where > we can get some more detailed error messages? > > Thanks! > > Josh
