The signature parameter should be the last parameter. It should not be sorted with the other parameters.
Ryan On Oct 28, 2009, at 1:14 AM, whomba <andrew.l...@gmail.com> wrote: > > Hello all. I just recently started using the twitter API and oAuth > for a site I am working on. After wrapping my head around oAuth > things seemed to be going well. Out of the 12 components of the > library i am using, 8 worked right off the bat. Unfortunately, methods > where I change the URL, then post to it seem to be breaking, resulting > an invalid signature response. I am able to successfully post a new > status, get timelines and grab direct messages, so I am fairly > confident that my oAuth lib is working > > my URL is constructed as follows (replaced the '&' with new lines for > readiblity): > [POST-ing] > http://www.twitter.com/statuses/destroy/5206890175.xml? > oauth_consumer_key=Y6AmNZPU23AOQLwCSmevQ > oauth_nonce=ret3uSMFONY > oauth_signature=QBzS8c51wJE6KuHG8XjlmrzL2Ko%3D > oauth_signature_method=HMAC-SHA1 > oauth_timestamp=1256668802 > oauth_token=83934696-9mlDot0sC1YbL2907BopkexMJwAFR8WdZojMJCmC1 > oauth_version=1.0 > > This results in the aforementioned error. Am I suppose to use a > different URL when I encode it? > > I appreciate the assistance, this is my first time working with oAuth, > and I am a still a bit fuzy.