Thanks Thomas... I did look at TwitterVB as a possible way to find the
answer to this particular function call... but the API says it doesn't
yet cover account/updateprofileimage...

Thanks

Simon

On Oct 19, 3:39 pm, Thomas Hübner <thueb...@gmx.de> wrote:
> You can use TwitterVB which covers nearly the complete API in .NET
> (OAuth included). U find it on codeplexhttp://twittervb.codeplex.com/
>
> Cheers,
> Thomas
>
> Nicholas Granado schrieb:
>
> > Simon,
>
> > You would sign the request with all of the usual "oauth param"
> > suspects.  If I recall correctly this endpoint has no other params other
> > than the 'image' param in the multi-part post body whose value would be
> > the bytes of the image file.  Typically I've only seen the post params
> > passed into the oauth signing rigmarole when the post body is urlencoded.
>
> > I hope this helps, this whole OAuth thing can be very confusing at first
> > glance.  If you are in C# I have my own lib for twitter basic auth/oauth
> > that I've baked up, if you like I could pass you the bits.
>
> > Nicholas
> > ---
> > Nicholas Granado
> > email:  ngran...@gmail.com <mailto:ngran...@gmail.com>
> > twitter: heatxsink
> > web:    http://nickgranado.com
>
> > On Mon, Oct 19, 2009 at 6:38 AM, Zaudio <si...@z-audio.co.uk
> > <mailto:si...@z-audio.co.uk>> wrote:
>
> >     Nicholas,
> >     That's great feedback!
>
> >     In you opinion, how do I then sign the request? Do I use all the usual
> >     for the signaturebase... ie postmethod&url&nonce&etc etc
> >     or just postmethod&url& as David suggested?
>
> >     I trust that the image data does not come into the signing process,
> >     and that I still can post the data using iso-8859-1 encoding as I
> >     would normally do for uploading files?
>
> >     If you have these answers, then I should be able to nail this for
> >     our .net case.Oauth's been working great for us until this hitch...
>
> >     Thanks
>
> >     Simon
>
> >     On Oct 18, 6:11 pm, Nicholas Granado <ngran...@gmail.com
> >     <mailto:ngran...@gmail.com>> wrote:
> >     > Simon,
>
> >     > I believe the body of your post might be incorrect. It should look
> >     like
> >     > this:
>
> >     > POST /account/update_profile_image.xml HTTP/1.1
> >     > Content-Type: multipart/form-data;
> >     > boundary=----------------------------8cbed79c91b24f3
> >     > Host: twitter.com <http://twitter.com>
> >     > Content-Length: 3863(this will probably change now..)
>
> >     > ------------------------------8cbed79c91b24f3
> >     > Content-Disposition: form-data; name="image"; filename="test.jpg"
> >     > Content-Type: image/jpeg
>
> >     > (there's a few K of binary data here, the contents of the file)
> >     > ------------------------------8cbed79c91b24f3
>
> >     > The rest of the OAuth variables should be passed on the query string.
>
> >     > I hope this helps.
>
> >     > Cheers,
> >     > Nicholas
> >     > ---
> >     > Nicholas Granado
> >     > email:  ngran...@gmail.com <mailto:ngran...@gmail.com>
> >     > twitter: heatxsink
> >     > web:    http://nickgranado.com
>
> >     > On Sun, Oct 18, 2009 at 2:42 PM, Zaudio <si...@z-audio.co.uk
> >     <mailto:si...@z-audio.co.uk>> wrote:
>
> >     > > Hi David,
>
> >     > > I found your excellent post hoping that it would solve the same
> >     > > challenge for my app: updating profile image via Oauth... using
> >     > > similar .net base to yourself...
> >     > > BUT I just get the 401 all the time... despite taking your advice to
> >     > > just sign with the HTTPmethod & URL.... My post data is laid out
> >     much
> >     > > like yours... though I never got that 500 error...
>
> >     > > I've tried all sorts... dropping the & off the end.... different
> >     > > encodings...
>
> >     > > What encoding did you use to encode your image, and then to post the
> >     > > request?
>
> >     > > Does it still work for you... or did this get broken when Twitter
> >     > > 'fixed' their Oauth implementation?
>
> >     > > Can anyone else advise if they have got this working and where I
> >     might
> >     > > be going wrong?
>
> >     > > Thanks
>
> >     > > Simon (Zaudio)
>
> >     > > On Aug 19, 11:40 pm, David Carson <carson63...@gmail.com
> >     <mailto:carson63...@gmail.com>> wrote:
> >     > > > Got this sorted out and working, and thought I should share
> >     the two
> >     > > > pitfalls which were causing me problems.
>
> >     > > > First of all, unbelievably, the 500 Internal Server Error was
> >     being
> >     > > > caused by an extra carriage return between my last HTTP header
> >     and the
> >     > > > first multipart boundary. Seriously. I had two blank lines in
> >     there
> >     > > > instead of one. Removed the extra carriage return, and my 500
> >     > > > vanished, being replaced by a more reasonable "(401)
> >     Unauthorized -
> >     > > > Incorrect signature" error.
>
> >     > > > Secondly, the OAuth documentation seems a bit shaky when it
> >     comes to
> >     > > > multipart/form-data POSTs. But basically, you do NOT use any
> >     of the
> >     > > > POST parameters when creating your signature. And this
> >     includes all of
> >     > > > the OAuth-specific parameters like oauth_consumer_key,
> >     > > > oauth_signature_method, etc. Bit of a security hole imho, OAuth
> >     > > > implements all this complexity to avoid man-in-the-middle or
> >     replay
> >     > > > attacks, and as soon as you do a multipart POST it's all negated.
>
> >     > > > So, my signature base was literally:
>
> >     POST&http%3A%2F%2Ftwitter.com%2Faccount%2Fupdate_profile_image.xml&
>
> >     > > > Just the HTTP method and the URL. No parameters.
>
> >     > > > Once I made that change to the signature generation, my
> >     request went
> >     > > > through fine and my avatar changed.
>
> >     > > > Hope this helps someone!
>
> >     > > > Cheers,
> >     > > > David...
>
>
>
>  signature.asc
> < 1KViewDownload

Reply via email to