RRR -----Original Message----- From: João Pereira <[email protected]>
Date: Wed, 17 Jun 2009 00:01:56 To: <[email protected]> Subject: [twitter-dev] Re: OAuth issue I used this: accessToken = twitter.getOAuthAccessToken( preAuthorizedTwitterAccount.getOAuthToken(), preAuthorizedTwitterAccount.getOAuthTokenSecret(), pinCode); twitter.setOAuthAccessToken(accessToken); twitterUser = twitter.verifyCredentials(); On Tue, Jun 16, 2009 at 11:39 PM, JDG <[email protected]> wrote: > As a corollary to this, are there any downloadable code examples out there > that implement the pin-based OAuth now? Everything I've found seems to be > failing on the lack of PIN support, and I'd like to be able to trace what's > going on through wireshark to debug this myself. Thanks! > > On Mon, Jun 15, 2009 at 22:11, JDG <[email protected]> wrote: > >> Howdy all, >> >> Thanks to all your help, I was able to get my token methods working. >> However, now that I've tried to set up my client to post its first message, >> I'm getting a 401 again. Here's the TCP trace from Wireshark: >> >> POST /statuses/update.xml HTTP/1.1 >> Authorization: OAuth >> realm="OAuth",oauth_consumer_key="9CCTnLpstYI8RIxGE7yhQ",oauth_nonce="LDhXkR",oauth_timestamp="1245124830",oauth_verifier="115975",oauth_signature="W7XmRZBaLA4AIhbhGwPYkFPJnOY%3D",oauth_token="47493262-GOzBr4mQt6u5xp4S40Rvj8jQnU3TIhVw66NSOhNlF",oauth_signature_method="HMAC-SHA1",oauth_version="1.0a" >> User-Agent: Java/1.5.0 >> Host: twitter.com >> Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 >> Connection: keep-alive >> Content-type: application/x-www-form-urlencoded >> Content-Length: 69 >> >> status=This%20is%20my%20first%20twimblr%20test%20EVER%201245124830500 >> >> HTTP/1.1 401 Unauthorized >> Date: Tue, 16 Jun 2009 04:00:37 GMT >> Server: hi >> Status: 401 Unauthorized >> Cache-Control: no-cache, max-age=300 >> Content-Type: text/html; charset=utf-8 >> Content-Length: 43 >> Set-Cookie: >>_twitter_sess=BAh7BiIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7AA%253D%253D--1164b91ac812d853b877e93ddb612b7471bebc74; >> domain=.twitter.com; path=/ >> Expires: Tue, 16 Jun 2009 04:05:37 GMT >> Vary: Accept-Encoding >> Connection: close >> >> Failed to validate oauth signature or token >> >> *(note: there are no bytes, endline or anything, after the "status" >> variable) >> >> *Here's my Signature Base String: * >> POST&http%3A%2F%2Ftwitter.com%2Fstatuses%2Fupdate.xml&oauth_consumer_key%3D9CCTnLpstYI8RIxGE7yhQ%26oauth_nonce%3DLDhXkR%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1245124830%26oauth_token%3D47493262-GOzBr4mQt6u5xp4S40Rvj8jQnU3TIhVw66NSOhNlF%26oauth_verifier%3D115975%26oauth_version%3D1.0a%26status%3DThis%20is%20my%20first%20twimblr%20test%20EVER%201245124830500 >> >> *My question(s) for you: >> >> 0. Does anyone see anything blatantly wrong (I suppose a yes to this would >> obviate answering any of the next questions)? >> 1. Should I be including the oauth_verifier in the signature base string >> and OAuth header? I've tried it with and without, and seem to get the 401 >> either way. >> 2. Should the "status" variable be included in the OAuth header? The way >> I'm reading the spec, I don't think so, but I wanted to confirm. >> 3. Should the "status" line in the POST request be encoded per the OAuth >> spec or via URL encoding (that is, should spaces be encoded as "+" or >> "%20")? >> >> Thanks! >> >> -- >> Internets. Serious business. >> > > > > -- > Internets. Serious business. > -- João Miguel Pereira http://jpereira.eu LinkedIn: http://www.linkedin.com/in/joaomiguelpereira [email protected] (351) 96 275 68 58
