No, my nonce is definately new every time. Surely if there was
something wrong with the way it was being generated it would error
during requestToken/accessToken/VerifyCredentials too?? All the code
ive looked through is doing it exactly the same way. Is the 'status'
parameter being used just like all the oauth parameters? is an
'invalid nonce' error, definately an invalid nonce or could it be to
do with the timestamp and timezones. Clutching at straws here...

On Aug 11, 3:12 am, Chris Babcock <cbabc...@asciiking.com> wrote:
> On Mon, 10 Aug 2009 04:14:43 -0700 (PDT)
>
> graceawalker <grace_blo...@hotmail.com> wrote:
> > I am calling and getting the whole way up to getting the access token
> > just fine in my app (one im writing myself in c#), but when i try and
> > call the update status URL im getting an 'Invalid/used nonce' error in
> > my response data. Im not sure why this is, im calling the update
> > method in the exact same way that i called request token apart from
> > the new 'status' parameter in the query string. I call 'verify
> > credentials' with my access token to ensure that it is working and it
> > sends me back all of the correct data, but it is erroring when trying
> > to update my status. Is there any obvious solution to this, or am i
> > not supposed to be signing and organising the parameters in the same
> > way that i did before? Im really stuck here guys and need help!
>
> Right, the nonce is a "number used once". Its purpose is to prevent
> replay attacks. If you use the same nonce for more than one call to the
> API then you *should* be getting an error.
>
> Chris

Reply via email to