No. According to the oauth spec, your signature key is always "consumer_secret&token_secret", even if token_secret is empty, so when you first call request_token, your key will be "consumer_secret&"
On Thu, Jul 9, 2009 at 21:24, Blaine Garrett <bla...@blainegarrett.com>wrote: > > Hi, > > Thanks for the quick reply Matt. Below is a recap of the setup with a > bit more clarity as well as the keys, url, and pre-encoded data. > Hopefully this sheds some light on the issue. I also tried the PHP lib > someone recommended with the same results - i.e 401 error. So again, I > am thinking it is something external to the Django setup - be it on > either end of the requests. > > Thanks again! > Blaine > > > ---- > > 1. Url I am trying to call the twitter API: > http://articulture.blainegarrett.com/signin/ > > 2. View Code being called: > [python_code] > def signin(request): > from acsite.people import oauthtwitter > import acsite.settings as settings > > # Step 1: Create an anonymous twitter oauth consumer > oauth_consumer = oauthtwitter.OAuthApi('Vx43QEmSCP1whLq1OSPg', > 'MY_SECRET_KEY') # Blaine's Personal Dev Site keys > > # Step 2: Fetch Request Token From Twitter > request_token = oauth_consumer.getRequestToken() # In here I get > the 401 error > raise Exception(request_token) # Never gets here > [/python_code] > > 3: I installed fresh copies: > python-twitter : http://code.google.com/p/python-twitter/ > oauth-python-twitter<http://code.google.com/p/python-twitter/%0Aoauth-python-twitter>: > http://code.google.com/p/oauth-python-twitter/ > oauth : http://oauth.googlecode.com/svn/code/python/oauth/oauth.py > > In the oauth.py, I changed the line 36: > SIGNATURE_METHOD = 'HMAC-SHA1' > > 4. With no other changes, I get: the urllib2 exception: HTTPError at / > signin/ "HTTP Error 401: Unauthorized" > 5. When I wrap the url opener code in oauthtwitter.py on approx line > 102 in: > try: > url_data = opener.open(url).read() > except urllib2.HTTPError, e: > raise Exception('GET REQUEST VERSION : Unable to connect to the > oAuth Service. Code: %s - Url: %s : Content - %s' % (e.code, e.url, > e.msg)) > > I get the exception: > GET REQUEST VERSION: Unable to connect to the oAuth Service. Code: > 401 - Url: > > https://twitter.com/oauth/request_token?oauth_nonce=51064775&oauth_timestamp=1247173406&oauth_consumer_key=Vx43QEmSCP1whLq1OSPg&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=4RiqJL0ZpHux77GKZku9FVeyhA8%3D > : Content - Unauthorized > > 6. Trying again with a new request, adding an exception of the key,raw > returned from build_signature_base_string in build_signature in > oauth.py line 563, I get: > key="MY_SECRET_KEY&", "raw: GET&https%3A%2F%2Ftwitter.com%2Foauth > %2Frequest_token&oauth_consumer_key%3DVx43QEmSCP1whLq1OSPg > %26oauth_nonce%3D59181510%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1247173659%26oauth_version%3D1.0" > > Note trailing ampersand on the key returned. Could this be a query > string artifact? > > > > On Jul 6, 10:59 am, Matt Sanford <m...@twitter.com> wrote: > > Hi Blaine, > > > > Failing the validate the signature when getting a request token > > is pretty rare. As you said the fact this all works from other > > libraries seems to point to a library issue. The most helpful things > > to see in these cases are: > > > > • The actual HTTP request and response that fails. By seeing the URL > > requested I can try and recreate the signature and find the mismatch. > > • The "signature base string" used to create the oauth_signature > > parameter. This usually requires adding some print statements to the > > oauth library you're using but can be really helpful. > > > > If you can send the HTTP request and response (headers and > > bodies) that will be a good start. If you're not sure how to get them > > from your library I recommend using a debugging proxy like Charles [1]. > > > > Thanks; > > – Matt Sanford / @mzsanford > > Twitter Dev > > > > [1] -http://www.charlesproxy.com/ > > > > On Jul 3, 2009, at 2:10 PM, Blaine Garrett wrote: > > > > > > > > > Hi, > > > > > I get the 401:Unauthorized Error every time I attempt to get a request > > > token. When I attempt to go to the URL directly in the browser (not > > > yet accessed to preserve nonce) I get a body of "Failed to validate > > > oauth signature and token". > > > > > I am using the Leah's oauth client listed athttp://oauth.net/code > > > as well as the python-twitter (0.7-devel) and oauth-python-twitter > > > (v0.1) > > > > > I was able to get these same libraries to work on a different project > > > but not on the current one I am working on. > > > I have refreshed my tokens numerous times and also tried the working > > > ones from the other project. I also tried the tokens from this project > > > on the other project that was working and that WORKED. > > > > > As such, I am guessing it is an issue with my setup or some other lib > > > I am working with. > > > Both projects however have Python Versions 2.5.2 and should otherwise > > > be the same setups. > > > > > Domain the project is on ishttp://articulture.blainegarrett.comif > > > the matters for some odd reason. > > > > > Any thoughts? > > > > > Here is the code I am using to call the libs if it helps: > > > oauth_consumer = oauthtwitter.OAuthApi(consumer_token, > > > consumer_secret) > > > request_token = oauth_consumer.getRequestToken() # httplib exception > > > bubbles from within here > > > authorization_url = oauth_consumer.getAuthorizationURL(request_token) > > > > > Thank you! > > > ~Blaine > > > > > -- > > > Blaine Garrett > > > gchat : bla...@jrcorps.com > > > aim: zombiediv > > > y!: zombiediv > > > > -- Internets. Serious business.
