Three days and I still can't get this to work.  I even tried switching
over to GET instead of POST and it tells me "Failed to validate oauth
signature and token".  This is fully functional for regular oauth.
Signature Base String is:

Signature Base String: Signature Base String:
GET&https%3A%2F%2Fapi.twitter.com%2Foauth
%2Faccess_token&oauth_consumer_key%3D<CONSUMER KEY>%26oauth_nonce
%3D1267819560%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
%3D1267819217%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth
%26x_auth_password%3D<pass>%26x_auth_username%3D<user>

I'm sending oauth parameters via the Authorization header and the
three xAuth parameters as GET parameters (?
x_auth_username=<user>&x_auth_pass=<pass>&x_auth_mode=client_auth).

It appears as though everyone who had oauth working before had an easy
transition so I'm just a little curious why mine isn't working when I
literally have only changed the URL and three parameters.  I've
verified this is going over SSL as well.

Any help is appreciated.

Thanks.
On Mar 4, 3:34 pm, Anton Krasovsky <anton.krasov...@gmail.com> wrote:
> In case if anyone's interested (though I doubt there are many
> Erlang'ers on the list),
> I just addedxAuthsupport to twerl.
>
> http://github.com/ak1394/twerl
>
> Regards,
> Anton
>
> On Wed, Mar 3, 2010 at 4:57 PM, Berto <mstbe...@gmail.com> wrote:
> > Raffi,
>
> > Can you comment on the first part of Marc's last reply?
>
> > Thanks!
>
> > On Mar 3, 9:24 am, Marc Mims <marc.m...@gmail.com> wrote:
> >> * Berto <mstbe...@gmail.com> [100303 06:42]:
>
> >> > Isn't that using a GET request versus the docs saying POST?  And I
> >> > thought parameters were supposed to be normalized except for signature
> >> > which gets attached at the end?
>
> >> Hmmm. I completely missed the fact that the documentation specifies
> >> POST.  I used GET and it worked.  When I use a POST, I get a 401.
>
> >> Doc bug?
>
> >> The order you *send* the parameters doesn't matter---the order of the
> >> base string used for generating the signature does.
>
> >> The underlying libraries I use assemble the parameters in an arbitrary
> >> order.  Generation of the signature is a separate call and builds it's
> >> own base string from a hash (associative array).
>
> >> @semifor

Reply via email to