That looks fine. Are you using the Consumer Secret as the key to the hash?
Ryan On Thu, Feb 18, 2010 at 9:10 AM, Berto <mstbe...@gmail.com> wrote: > GET&http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token&oauth_consumer_key > %3D8hvUTsGttoOBN2ygbDVJw%26oauth_nonce > %3D1266502068%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > %3D1266501208%26oauth_version%3D1.0 > > On Feb 18, 8:04 am, Ryan Alford <ryanalford...@gmail.com> wrote: > > Can you post the string that you hash to create the signature? > > > > Ryan > > > > On Thu, Feb 18, 2010 at 8:42 AM, Berto <mstbe...@gmail.com> wrote: > > > Even with the URL like this: > > > > >http://twitter.com/oauth/request_token?oauth_consumer_key= > > > > <value>&oauth_nonce=1266501098&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1266500348&oauth_version=1.0&oauth_signature=eGALeAVpxt4CB%2FuHfkLq51%2FWXRk%3D > > > > > It still fails for me. I've gotta be missing something obvious. Does > > > anything need to go into my header? > > > > > On Feb 17, 9:47 pm, Ryan Alford <ryanalford...@gmail.com> wrote: > > > > You order all parameters EXCEPT the signature, then create the > signature, > > > > then append the signature to the end. All other parameters should be > in > > > > order. > > > > > > Ryan > > > > > > On Wed, Feb 17, 2010 at 6:42 PM, Berto <mstbe...@gmail.com> wrote: > > > > > I thought that was only for the signature which is in the right > > > > > order? > > > > > > > Ryan Alford wrote: > > > > > > Your querystring parameters are in the wrong order. You have the > > > > > > oauth_nonce AFTER oauth_timestamp. It needs to be before it. > The > > > > > > parameters must be in order. > > > > > > > > Ryan > > > > > > > > Sent from my DROID > > > > > > > > On Feb 17, 2010 6:18 PM, "Berto" <mstbe...@gmail.com> wrote: > > > > > > > > To answer the first email, I was doing that so I could put it in > the > > > > > > request header's authorization field to get this effect: > > > > > > > > (Taken from oauth.net) > > > > > > Authorization: OAuth realm="http://sp.example.com/", > > > > > > oauth_consumer_key="0685bd9184jfhq22", > > > > > > oauth_token="ad180jjd733klru7", > > > > > > oauth_signature_method="HMAC-SHA1", > > > > > > > oauth_signature="wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D", > > > > > > oauth_timestamp="137131200", > > > > > > oauth_nonce="4572616e48616d6d65724c61686176", > > > > > > oauth_version="1.0" > > > > > > > > Then, I thought it might need to go into the WWW-Authenticate > field > > > as > > > > > > opposed to the Authorization field so I tried that too with no > > > > > > success. > > > > > > > > I've also just tried formatting them as GET parameters and > attaching > > > > > > them to the request URL, but that isn't working either. It would > > > look > > > > > > like: > > > > > > > >http://twitter.com/oauth/request_token?oauth_consumer_key= > > > > > > <value>&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1266440918&oauth_nonce=1266440928&oauth_version=1.0&oauth_signature=l%2BYDrTyWGpvDu3owDlVQLakzVns%3D > > > > > > > > On Feb 17, 3:52 pm, Ryan Alford <ryanalford...@gmail.com> wrote: > > > > > > > Can you post the URL with querys... > > > > > > > On Wed, Feb 17, 2010 at 4:51 PM, Ryan Alford < > > > ryanalford...@gmail.com > > > > > > >wrote: > > > > > > > > > > Why are you doing this?.... > > > > > > > > > > StringBuilder params = new StringBuilder(); > > > > > > > > ... > > > > > > > > > > On Wed, Feb 17, 2010 at 2:37 PM, Berto <mstbe...@gmail.com> > > > wrote: > > > > > > > > > >> Hey guys, > > > > > > > > > >> I'm w... >