Ok this is very weird.  The only explanation I can think of would be a
copy/paste bug over instant messenger involving the token.  Somehow a
character was lost.  After re-verifying the token was correct it
works.

On Sep 22, 9:14 pm, adam <duffy.a...@gmail.com> wrote:
> Hi JDG,
>
> Thanks for the suggestion, I just tried that and got the same
> response.  As I said though, the strange thing is that the same oauth
> values in php generates a nearly identical http request but it works.
> There should be no difference in what language is used so I am
> confused there.
>
> Chad,
>
> I posted the entire request in the OP above, here is the response I
> get:
>
> HTTP/1.1 401 Unauthorized
> Date: Wed, 23 Sep 2009 02:00:26 GMT
> Server: hi
> WWW-Authenticate: Basic realm="Twitter API"
> Status: 401 Unauthorized
> Content-Type: application/xml; charset=utf-8
> Content-Length: 137
> Cache-Control: no-cache, max-age=1800
> Set-Cookie: [removed]
> Expires: Wed, 23 Sep 2009 02:30:26 GMT
> Vary: Accept-Encoding
> Connection: close
>
> <?xml version="1.0" encoding="UTF-8"?>
> <hash>
>   <request>/statuses/update.xml</request>
>   <error>Invalid /expiredToken</error>
> </hash>
>
> On Sep 22, 8:15 pm, JDG <ghil...@gmail.com> wrote:
>
>
>
> >http://oauth.net/core/1.0a#auth_header
>
> > According to the OAuth spec, values in the Authorization header:
>
> > For each parameter, the name is immediately followed by an '=' character
> > (ASCII code 61), a '"' character (ASCII code 34), the parameter value (MAY
> > be empty), and another '"' character (ASCII code 34).
>
> > You need to quote your parameter values.
>
> > On Tue, Sep 22, 2009 at 17:42, Chad Etzel <c...@twitter.com> wrote:
>
> > > Please include both HTTP request/response headers+body. This will aid
> > > in debugging the call.
>
> > > Thanks,
> > > -Chad
>
> > > On Tue, Sep 22, 2009 at 7:14 PM, adam <duffy.a...@gmail.com> wrote:
>
> > > > Hi Everyone,
>
> > > > I am trying to update from basic auth to oauth.  basic auth works fine
> > > > but my oauth returns error 401 invalid/expiredtoken.  I know mytoken
> > > > is valid and the time on my computer is correct.  A co-worker was able
> > > > to get the call working in php using the sametokenand key.  our base
> > > > strings are the same and our http request is the same (with the
> > > > expected variances such as timestamp and nonce), his works and mine
> > > > does not.  I created my own oauth code in c# and it is working fine
> > > > for six other oauth sites.
>
> > > > Here is the http request:
>
> > > > POST /statuses/update.xml HTTP/1.1
> > > > Content-Type: application/x-www-form-urlencoded
> > > > Authorization: OAuth
> > > > realm=www.oauth.net,oauth_version=1.0,oauth_consumer_key=
>
> > > [removed],oauth_nonce=78bd034fd09ceda17a925471cfbeb108,oauth_signature=Ndjq­­BzI21XmC6p88ExGT9Lcy6No
> > > > %3D,oauth_signature_method=HMAC-
> > > > SHA1,oauth_timestamp=1253660116,oauth_token=[removed]
> > > > Host: twitter.com
> > > > Content-Length: 11
> > > > Connection: Close
>
> > > > status=test
>
> > --
> > Internets. Serious business.- Hide quoted text -
>
> > - Show quoted text -- Hide quoted text -
>
> - Show quoted text -

Reply via email to