Hi Doug, After reading your post I passed the oauth_callback parameter when requesting a token but I keep getting 'Failed to validate oauth signature and token'. It works as soon as I take out the callback parameter. I am using .NET and here is my GET request please advise if I am missing something, I am fairly new to this.
http://twitter.com/oauth/request_token?oauth_callback=http://www.g-softsolutions.com/twittvine.aspx/filerid/1&oauth_consumer_key=qBDgyqMk8pnbpW6SdrEw&oauth_nonce=945410&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1244916785&oauth_version=1.0&oauth_signature=pqy70Jq1ayEfDYnIgThUpJM8zwc%3d thanks, Nizar On Jun 9, 6:23 pm, Doug Williams <[email protected]> wrote: > Today we deployed code that implemented the changes that accompanied the > update to the 1.0a OAuth specification. LuckyCal has a great article on the > subtle differences that come with the update [1] so please peruse this > article if you are getting 401 errors with your implementation. > > Callbacks for non-desktop apps are now supported with these rules: > - When making the call to request_token [4] (server-to-server), you can pass > &oauth_callback=[url here] > - The response from request_token will contain oauth_callback_confirmed=true > to confirm we received it. > - The user will be sent to twitter.com as usual > - When the user is finished they will be redirected to the URL provided in > the first step along with a new parameter, oauth_verifier [1] > - The call to access_token [5] to exchange the request token for an access > token MUST contain the oauth_verifier parameter as sent in the redirect. > - If you want to use your pre-configured callback, then do not include a > oauth_callback parameter. > - If you want to force the PIN-based solution, send oauth_callback=oob with > your request to oauth/authenticate > > Additionally, as a couple developers have already noticed, we deployed the > code that implemented PINs for desktop apps originally mentioned by Matt. > Please review the linked documentation [2] and discussion [5] and let us > know what questions you have. > > If you find that your browser-based OAuth application is returning a PIN as > if it were a desktop app, then remove the oauth_callback=oob parameter from > your signature, if it exists. > > 1.http://blog.luckycal.com/?p=121 > 2.http://apiwiki.twitter.com/Authentication > 3.http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-oauth-request_t... > 4.http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-oauth-access_token > 5.http://groups.google.com/group/twitter-development-talk/browse_frm/th... > > Thanks, > Doug
