It looks like you're trying to actually include the OAuth
Authorization header in your POST body, which isn't the way you want
to do it.  Instead, you should be using the Authorization HTTP header
to transmit this info (see http://oauth.net/core/1.0a#anchor46).  To
make things extra weird, in one case you do have an Authorization
header set, but it's basic auth.

   ---Mark

On Thu, Nov 26, 2009 at 6:47 PM, Wilfred yau <wld991...@gmail.com> wrote:
> I have already solve the special char problem because encoding in
> Flex.
> but I still find that when I call _method= DELETE in List API, I still
> get 401 Unauthorized from api.twitter.com.
>
> On Nov 25, 11:09 am, Wilfred yau <wld991...@gmail.com> wrote:
>> I am using OAuth to accessListAPI, but I find that if the request
>> URL contain some char like "_", "(", then twitter will return  401
>> Unauthorized.
>>
>> Does anyone know what is the problem??
>>
>> and this is my request:
>>
>> *Request URL:
>>
>> http://api.twitter.com/1/wilfred_yau/yedsrc/members.xml
>>
>> *Request header:
>>
>> Host:api.twitter.com
>> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:
>> 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6
>> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
>> *;q=0.8
>> Accept-Language: en-us,en;q=0.5
>> Accept-Encoding: gzip,deflate
>> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
>> Keep-Alive: 115
>> Connection: keep-alive
>> Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22;
>> __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)|
>> utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en;
>> __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264;
>> _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj
>> %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh
>> %250ANjE1YzdjOWU4MTE5MGJjOhF0cmFuc19wcm9tcHQwOgl1c2VyaQQ5oOgDOg5y
>> %250AZXR1cm5fdG8iJGh0dHA6Ly90d2l0dGVyLmNvbS9zb2Z0cGVkaWFtYWM6B2lk
>> %250AIiU0Y2JmMWJmNjc0YzJmOTlhZGZjMTA1MzE3NzI3ZGUwNiIKZmxhc2hJQzon
>> %250AQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7%250AAA
>> %253D%253D--3573176707558a7f9cd9653e6a60c073c94e91f5; __utmc=43838368
>>
>> *Post Data:
>> Content-type: application/x-www-form-urlencoded
>> Content-length: 300
>>
>> oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLA&id=66626470&oauth
>> %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ&oauth
>> %5Ftimestamp=1259118273&oauth%5Fsignature=zaA0CbWpls3lowiWG0yHCZig%2B2M
>> %3D&oauth%5Fversion=1%2E0&oauth%5Fsignature%5Fmethod=HMAC%2DSHA1&
>> %5Fmethod=DELETE&oauth%5Fnonce=2875
>>
>> Also, I got same problem in set status using OAuth :
>>
>> *Request URL:
>>
>> http://twitter.com/statuses/update.xml
>>
>> *Request header:
>>
>> Host: twitter.com
>> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:
>> 1.9.2b3) Gecko/20091115 Firefox/3.6b3 GTB6
>> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
>> *;q=0.8
>> Accept-Language: en-us,en;q=0.5
>> Accept-Encoding: gzip,deflate
>> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
>> Keep-Alive: 115
>> Connection: keep-alive
>> Cookie: __utma=43838368.448377351.1258538849.1259115844.1259117264.22;
>> __utmz=43838368.1258703218.9.4.utmcsr=google|utmccn=(organic)|
>> utmcmd=organic|utmctr=gmasbaby; __utmv=43838368.lang%3A%20en;
>> __qca=P0-1731751766-1258598366235; __utmb=43838368.8.10.1259117264;
>> _twitter_sess=BAh7DDoTcGFzc3dvcmRfdG9rZW4iLWYxZDlkMzA5OWExZTMxMDIzZTlmMGJj
>> %250AOWM1YzllYzAyYTVjOWU2NGM6DGNzcmZfaWQiJTU4MTVlMjgzNWUyNGNhYThh
>> %250ANjE1YzdjOWU4MTE5MGJjOgl1c2VyaQQ5oOgDOhF0cmFuc19wcm9tcHQwIgpm
>> %250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG
>> %250AOgpAdXNlZHsAOgdpZCIlNGNiZjFiZjY3NGMyZjk5YWRmYzEwNTMxNzcyN2Rl
>> %250AMDY6DnJldHVybl90byIkaHR0cDovL3R3aXR0ZXIuY29tL3NvZnRwZWRpYW1h
>> %250AYw%253D%253D--dfa30d93e80be97e1404abbb466f2c6191816d69;
>> __utmc=43838368
>> Authorization: Basic Z21hc2JhYnk6eW95b2JhYnk=
>>
>> *Post Data:
>>
>> Content-type: application/x-www-form-urlencoded
>> Content-length: 303
>>
>> oauth%5Fnonce=4280&oauth%5Fsignature%5Fmethod=HMAC%2DSHA1&oauth
>> %5Ftimestamp=1259117789&status=%40vincenthpchan%20%28O%3A&oauth
>> %5Fversion=1%2E0&oauth%5Fconsumer%5Fkey=WiW3RrjmAhPvWvTn6oPLA&oauth
>> %5Fsignature=dZ0OBySJzAZsdhwUKvK9zaIamE4%3D&oauth
>> %5Ftoken=65577017%2DK65DjHAcUbYOEJW5XMVnVuAkRy8fDnNnVGRZDOSAQ
>>
>> I wonder it is the problem about oauth_signature, but I don't what
>> wrong with it.
>> Thanks you very much ;-)
>

Reply via email to