Well, Hi again Matt.
Basically, it is hard to describe exactly what my app is doing because
it is using third party code.
Firstly, this is the URL I am trying to access;
url = "http://twitter.com/statuses/show/123.xml";
Then, here are the URL's for authentication that my API uses;
Public Const REQUEST_TOKEN As String = "http://twitter.com/oauth/
request_token"
Public Const AUTHORISE As String = "http://twitter.com/oauth/
authorize"
Public Const ACCESS_TOKEN As String = "http://twitter.com/oauth/
access_token"
I am using the C# Base Class with a VB.NET adapted C# Class to
interface with the C# Base Class for OAuth.
That is basically everything!
It generates a URL too. BUT - I just tried something:
I added http://<MY USERNAME>:<MY PASSWORD>@twitter.com/etc...
To the URL that asks for the Login Prompt and also changed the Nonce.
I get a blank page then! Haha.
You see - when I clicked CANCEL on the Login prompt - I would get the
following output;
<hash>
<request>/oauth/access_token?
oauth_version=1.0&oauth_nonce=9995405&oauth_timestamp=1245956104&oauth_signature_method=HMAC-
SHA1&oauth_consumer_key=CgZiTeNqGk2c0eZSdb9qg&oauth_signature=DaoiZKL5EMak1RyvTsGzYhlKe7Y
%3d</request>
<error>Invalid / used nonce</error>
</hash>
You see - the Nonces have been used for some reason? I changed the
nonce from the original 6545405 to 9995405 and when I updated with a
new nonce I got the blank page. When I tried to access the source code
for you - I got the Login prompt again with the expired nonce.
SO
It seems the problem lies somewhere with updateing the nonces for each
request? AND/OR Supplying Login Credentials?
Perhaps this is what the 401 : Unauthorised error message from Visual
Studio means during a Web Request?
I will keep tinkering with the code by firstly adding my Twitter
Username and Password to the URL as above - but also try updateing the
nonce?
Any ideas on how to do this? I have posted my code in the initial
post.
On Jun 25, 7:41 pm, Matt Sanford <[email protected]> wrote:
> Hello again,
>
> The access token URL [1] should be accessed by your application
> to exchange a request token for an access token, not from a browser.
> You're seeing a login dialog because that is what browsers do with
> HTTP 401 (Unauthorized). Your description has been a bit confusing,
> is this the problem (excluding this browser thing):
>
> 1. Application gets a request token
> 2. Redirect the user to twitter.com/oauth/authorize … user clicks
> through to accept
> 3. User returns to your site
> 4. Your site called twitter.com/oauth/access_token
> 5. BOOM: twitter.com/oauth/access_token returns 401
>
> Is that the flow? If so, the body of the 401 would be most
> helpful. If that is not the flow, please try and describe what you are
> doing so I can try and reproduce the error and look for bugs on our
> side.
>
> Thanks;
> – Matt Sanford / @mzsanford
> Twitter Dev
>
> [1] -http://twitter.com/oauth/access_token
>
> On Jun 25, 2009, at 11:33 AM, Obrzut wrote:
>
>
>
>
>
> > I have read that document. Like I said in my initial post - I have
> > read the tutorials and FAQs.
>
> > Furthermore - I have converted a C# Class that utilises OAuth C# Base
> > Class to VB.NET without a hitch.
>
> > It works just fine - the only problem is that it is reaching a Login
> > prompt that is asking for credentials that I do not have.
>
> > A. Williams - did you even read my last post? I find it highly
> > ignorant of you to refer me to the guide when I have successfully
> > authenticated the OAuth procedure.
>
> > That said, will anyone who cares to read my posts reply with some
> > thing that is relevant and makes sense?
>
> > I have given all the URL's needed - the parameters I am passing to
> > Twitters oauth page - and I am getting a LOGIN PROMPT.
>
> > Read my previous posts for more information.
>
> > Kind regards,
>
> > Obrzut
>
> > On Jun 25, 7:23 pm, Abraham Williams <[email protected]> wrote:
> >> I would recommend readinghttp://oauth.net/documentation/getting-startedso
> >> you have a thorough
> >> understanding of how Oauth.
>
> >> On Thu, Jun 25, 2009 at 12:17, Obrzut<[email protected]> wrote:
>
> >>> WOW! Thanks! I'll try that!
>
> >>> Just a side note - I extracted the URL and ran it thru a web
> >>> browser -
> >>> then it started popping open a Username / Password box?
>
> >>> It stated;
>
> >>> The server twitter.com at Twitter API requires a username and
> >>> password.
>
> >>> What is all this about? I ask, because, my twitter username and
> >>> password do not work?
>
> >>> When I ran the URL via the web browser object in VB.NET the document
> >>> completed without any body of text. It just exited without a login
> >>> prompt. Nothing.
>
> >>> So, it seems the URL I am creating seems sound - as it created a
> >>> Login
> >>> prompt in google Chrome. But, I dunno what credentials I require for
> >>> the login prompt?
>
> >>>http://twitter.com/oauth/access_token?oauth_version=1.0&oauth_nonce=2
> >>> ...
>
> >>> This is the URL I used to access the login prompt.
>
> >>> Any pointers?
>
> >>> On Jun 25, 6:04 pm, Bojan Rajkovic <[email protected]> wrote:
> >>>> -----BEGIN PGP SIGNED MESSAGE-----
> >>>> Hash: SHA1
>
> >>>> Obrzut wrote:
> >>>>> "oauth_version
> >>>>> =1.0&oauth_nonce=5048009&oauth_timestamp=1245948327&oauth_sig
> >>>>> nature_method=HMAC-
> >>>>> SHA1
> >>>>> &oauth_consumer_key
> >>>>> =CgZiTeNqGk2c0eZSdb9qg&oauth_signature=vxFWk3JvGKdKI RYR31%2b2JC
> >>>>> %2bh30o%3d"
>
> >>>>> This is an example URL I am sending. Is there anything suspect
> >>>>> you can
> >>>>> see just by looking at it?
>
> >>>>> It really would help me out no end.
>
> >>>>> Kind regards,
>
> >>>>> Obrzut
>
> >>>> You need to apply a lexicographical byte ordering to the OAuth
> >>>> parameters--that is, sort them alphabetically.
>
> >>>> I ran into this in the beginning, and scratched my head for a while
> >>>> until I read the OAuth standard.
>
> >>>> Cheers,
>
> >>>> - --
> >>>> Bojan Rajkovic <[email protected]>
> >>>> Biochemistry '10, Brandeis University
> >>>> PGP Signature Key ID: 0x8783D016
> >>>> PGP Encryption Key ID: 0x2497B8B2
> >>>> -----BEGIN PGP SIGNATURE-----
> >>>> Version: GnuPG v1.4.9 (GNU/Linux)
> >>>> Comment: Using GnuPG with Mozilla -http://enigmail.mozdev.org
>
> >>>> iQIcBAEBAgAGBQJKQ647AAoJEO4IwQyHg9AWnVkP/2H5dQWnGSYXGGQV0YW6oswQ
> >>>> gBELIhWjHiq9lkQQbOrCUqV6hR4wycSa5hNfaW+YxQsVEuORTw1FAhiayJPRcVAH
> >>>> I8cgewOSgXG5CSbXfutPmfQFHZNdN3zgJMaS0sAwoyEik+nb/JePlUEkn7f9CPzb
> >>>> buqLAjadh0bLNdB/U2ld5FBgnAc1zQEJrGCePqfzYls3RTQm+dc6wtpzRnlKVDER
> >>>> hfsVh0E9OUZOIjEmaHsc7KUjoiATSB/j0LXrF+3x3BR/ISYkoLW0cJPQEscJVrG+
> >>>> JbtJ3Q4H1uJpDn5iF4ENhzjZa1/v45w/zliXk8MeDixLC4jtTUE54oKZsYFjhL/v
> >>>> d1BMgmgTVCJq7Qj2jJNKjD/A2nriAErh/i/42850MsF9JCnff6d2kruXccdHM8Lv
> >>>> ExttUH9k6c0U4SBVYjjv+Np4OOwWDJvwNx3mXW5mgfLsCtMKdSDD+mm4/M9MHDxR
> >>>> sHo54jlWDXGYHrbAJLtCBp02UN3FTlieQ61QYniaUJcZOuzMoKkmVn4/uHMJT7SQ
> >>>> u+DxUMYaFEpot72IOzgFmAmeToGw1GWyeBzeZnkPq5li5Y+EyUCVKH8dxSj4omM+
> >>>> qUHwvhI93cS6+mmh3L1KGsfg6uXl88xi1oP3d+k1N65nX4troGWE00VPROTbAPzk
> >>>> +UNJsrk9WkRuaif1le0b
> >>>> =M/IL
> >>>> -----END PGP SIGNATURE-----
>
> >> --
> >> Abraham Williams | Community Evangelist |http://web608.org
> >> Hacker |http://abrah.am|http://twitter.com/abraham
> >> Project |http://fireeagle.labs.poseurtech.com
> >> This email is: [ ] blogable [x] ask first [ ] private.
