Excellent, it works! thanks
On Thu, May 13, 2010 at 2:11 PM, John Kalucki <j...@twitter.com> wrote: > OAuth is not enabled on stream.twitter.com. You can try on > chirpstream.twitter.com. > > > On Thu, May 13, 2010 at 10:53 AM, Lucas Vickers <lucasvick...@gmail.com> > wrote: >> I am writing my own c++ based OAuth library. I know there is liboauth >> but I like to do things myself to learn. >> >> Anyhow I am trying to access http://stream.twitter.com/1/statuses/sample.xml >> and I keep getting 401. >> >> I have verified pretty much every parameter, and used the tool on >> http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/ >> to verify my signature is correct. I used twurl to obtain the user >> access tokens to my account. >> >> After doing some reading I'm no longer convinced that the streaming >> server even supports oauth. >> >> can you fill me in on the current status of stream.twitter.com and >> oauth? >> >> thanks! >> Lucas >> >> >> >> On Apr 20, 11:02 pm, Jonathon Hill <jhill9...@gmail.com> wrote: >>> Thanks Taylor for the very detailed and helpful response! >>> >>> Jonathon >>> >>> On Apr 20, 1:17 pm, Taylor Singletary <taylorsinglet...@twitter.com> >>> wrote: >>> >>> > Hi Jonathon, >>> >>> > ForStreamingAPI access that isn't from the perspective of a user's >>> > account, you would use two-leggedOAuthto establish authentication instead >>> > of basic auth. >>> >>> > A two-leggedOAuthrequest is very similar to otherOAuthrequests: you have >>> > a specific resource you are trying to access, you have some parameters you >>> > want to pass to that resource, and you have anOAuthconsumer key andOAuth >>> > consumer secret. Which is unlike three-leggedOAuthwhere you also have >>> > oauth_tokens representing either a user/access_token or a request token in >>> > addition to the rest. >>> >>> > But the rules remain the same. You take all theOAuthparameters and the >>> > parameters you are sending to the resource, organize them, build a >>> > signature >>> > base string, then sign that with your consumer secret and send the request >>> > on to Twitter properly signed. The only difference is that there is no >>> > oauth_token and oauth_token_secret getting involved in the mix. >>> >>> > This is essentially what a two-legged request to thestreamingAPI would >>> > look like: >>> >>> > Signature Base String >>> > GET&http%3A%2F%2Fstream.twitter.com >>> > %2F1%2Fstatuses%2Fsample.json&oauth_consumer_key%3Dri8JxYK2zzwSV5xIUfNNvQ%26oauth_nonce%3DSJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1271783743%26oauth_version%3D1.0 >>> >>> > Signature >>> > Xi5jfuw2XqtU5KpNX9ZCtTptJS0= >>> >>> > Authorization Header >>> >OAuthoauth_nonce="SJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8", >>> > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1271783743", >>> > oauth_consumer_key="ri8JxYK2zzwSV5xIUfNNvQ", >>> > oauth_signature="Xi5jfuw2XqtU5KpNX9ZCtTptJS0%3D", oauth_version="1.0" >>> >>> > Taylor Singletary >>> > Developer Advocate, Twitterhttp://twitter.com/episod >>> >>> > On Tue, Apr 20, 2010 at 10:05 AM, Jonathon Hill <jhill9...@gmail.com> >>> > wrote: >>> > > One thing I meant to find out @chirp last week--what willoauthlook >>> > > like for theStreamingAPI? I'm having a hard time visualizing how >>> > > that will work. >>> >>> > > Thanks, >>> >>> > > Jonathon Hill >>> > > @compwright >>> > > Company52 >>> > >http://company52.com >>> >>> > > -- >>> > > Subscription settings: >>> > >http://groups.google.com/group/twitter-development-talk/subscribe?hl=en >> >