I've been using both consumer keys to sign all of my requests from day
I still think the issue is related to URL encoding somehow, because I
can successfully post tweets if they don't contain troublesome
characters (apostrophe, for example).
But, so long as Twitter remains silent, we'll never know.
On Jul 25, 7:37 am, srikanth yaradla <srikanth.yara...@gmail.com>
> I am newbie and i need clarification for the following
> 1)OAuth 1.0 specification says "All Token requests and Protected
> Resources requests MUST be signed by theConsumer"
> But twitter doesnt seem to verify the signature for all requests. I
> found out that signing the request byconsumersecretis required only
> for generating request token and requestsecret.
> But for subsequent requestsconsumersecretis not required. ex
> requesting access tokens or any protected resource (ex fetch direct
> messages). Is this desired behavior?.
> Does twitter verify the signature at all for protected resource
> requests? (i verified with blankconsumersecretwhich means the
> request is signed only by accesssecret) Or Am i missing something?
> 2) i am planning to write a desktop application. To protect
> theconsumersecreti am trying to introduce a proxy which generates the
> request tokens/secrets, access tokens/secrets. Ifconsumersecretis
> not required for signing protected resource requests this setup would
> work fine with me.
> But the OAuth specification says you require both
> accesssecretandconsumersecretto sign the request
> Experienced devs please clarify.