- its pretty well written, and could be ported relatively easily.
The OAuth spec has an example. However it's included as an appendix,
so it's not really highlighted
This is an example of a string to encode
Getting everything ordered, the right things URL encoded and then
concatenated is tedious but it's all pretty straightforward. There
wouldn't be impossible.
Classic ASP? You may in for a rough road.
It not just an encoded URL. You have to generate a signature for the
URL using some algorithms that may not be easily implemented in ASP.
I'm not saying it's impossible.
Why classic ASP?
I've found a test site that gives feedback to what the error is
My error is that the signature is incorrect. What must the string
like that needs to be signed? I've tested my script and I know it
encodes correctly if you give it the right information.
Can someone please post a copy of the string that is sent to be
Are you sure there isn't already an OAuth library out there that
work for you? What language are you developing in?
Thank you for the help. I'm still trying to get the first part to
1. The first step in the process, you will make a GET request
"http://twitter.com/oauth/request_token". In this request,
you will need
the following parameters in this specific order:
What string do I sign?
The whole URL?
When do I UTF-8 encode? Before signing or after signing?
Same with the posting? What do i post and when do I UTF-8 encode?
The signature has to go last. That's one mistake that most
You are suppose to put the parameters in order EXCEPT the
parameter. The signature parameter is created by using the
parameters, then it's appended to the end of the query string.
The OAuth signature is generated.
I made a blog post where I tried to explain it a little better
documentation does. It's for .Net for the desktop, but the
process is the
same for any language, and only slightly different for web
I am trying to get my head around the Twitter oauth flow.
The twitter documentation links to oauth.net for parameters,
are general and not well documented.
Is the first step to usehttp://twitter.com/oauth/request_token?
1. I created the following URL:
When I put this in a browser to test it, I get the following
Failed to validate oauth signature and token
1. What is wrong with the string?
- Is the oauth_signature just your Consumer secret string?
- Do I have to use oauth_signature_method and what method
do I use.
If it is sha1, what string do I hash? The whole URL?
Do I POST the data tohttp://twitter.com/oauth/request_tokenorGETor
Andre F Bruton
Twitter Platform Team
ra...@twitter.com | @raffi