Long story short - my code was calling back to another machine which was
doing some access_key stuff in the background before failing. (where i was
then changing the callback url to my dev server.

Embarrassing. :)

2009/12/9 David P. Novakovic <davidnovako...@gmail.com>

> Here is some debug output, one request works, the other doesn't:
>
> send: 'GET
> https://twitter.com/oauth/access_token?oauth_nonce=97617413&oauth_timestamp=1260356596&oauth_signature_method=HMAC-SHA1&oauth_consumer_key=qnSbZSfRd07YGMA7r4Ryeg&oauth_verifier=aY9IfxsldrPOXo9p5wf9q06Kd309AQTXdH0CjRtHrB8&oauth_version=1.0&oauth_token=4wDRSCOReIYQDxQn2qoLJFd2L1TIFfubtAiVjj6LJls&oauth_signature=vdDpwAmsJjT6PLdOs9xDByeJ6I4%3DHTTP/1.1\r\n
> Host: twitter.com\r\nAccept-Encoding: identity\r\n\r\n'
> reply: 'HTTP/1.1 401 Unauthorized\r\n'
>
>
> send: 'GET
> https://twitter.com/oauth/access_token?oauth_nonce=31090281&oauth_timestamp=1260356458&oauth_signature_method=HMAC-SHA1&oauth_consumer_key=qnSbZSfRd07YGMA7r4Ryeg&oauth_verifier=lBUMe20PVNYdIJF5C7dMZr9yILbBOzEo3ztRf7ZE&oauth_version=1.0&oauth_token=zv8mkQtZM71wQOLwhrLUkWqoHgpbAq9sh8I8noQz9K4&oauth_signature=zkP4U0%2F5blNwGSqeQ3EKiaaACjA%3DHTTP/1.1\r\n
> Host: twitter.com\r\nAccept-Encoding: identity\r\n\r\n'
> reply: 'HTTP/1.1 200 OK\r\n'
>
> On Wed, Dec 9, 2009 at 8:26 PM, David Novakovic 
> <davidnovako...@gmail.com>wrote:
>
>> Hey, I'm getting expired/invalid token when trying to exchange for an
>> access token.
>>
>> The nonce and timestamp I send to request_token are as follows:
>> oauth_nonce=47182638
>> oauth_timestamp=1260353394
>>
>> As can be seen the token can't have expired because it is only a few
>> second afterwards that i request the access token:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <hash>
>>  <request>/oauth/access_token?
>>
>> oauth_nonce=69429708&amp;oauth_timestamp=1260353414&amp;oauth_signature_method=HMAC-
>>
>> SHA1&amp;oauth_consumer_key=qnSbZSfRd07YGMA7r4Ryeg&amp;oauth_verifier=vNbCkCtVvDSeCmO69OdHck3GyCLMK5bgJ7ChUy9fTpg&amp;oauth_version=1.0&amp;oauth_token=Ff7mXXp55BVbPJYqCaiIa84oxpXODOt4wEURbfzCw&amp;oauth_signature=4y4lDhUa20O2ahmt
>> %2B1HA8ZKMB88%3D</request>
>>  <error>Invalid / expired Token</error>
>> </hash>
>>
>> I'm sending a GET request.. so my Authorization header value is ->
>> OAuth realm=""  I think that is right?
>>
>> Thanks for any help anyone!
>>
>>
>

Reply via email to