Sorry you're having trouble, Dossy.
Can you share the complete path you're using to fetch a request token (with
host, domain, protocol, path, and any query parameters), your signature base
string, and an authorization header if you're using header-based auth?
Developer Advocate, Twitter
On Thu, May 20, 2010 at 12:29 PM, Dossy Shiobara <do...@panoptic.com> wrote:
> On 5/20/10 3:16 PM, Taylor Singletary wrote:
> > While we have been having some performance issues that should give you
> > occasional 401s, it shouldn't be as widespread as the experience you've
> > been having.
> OK, you know, until *literally* 60 seconds ago, requests for
> http://twitter.com/oauth_clients/details/1574 were returning 502 fail
> whales. NOW, it just loaded.
> OK, who fixed it just now? What was broken?
> > When we throw a 401, we typically provide an error message within the
> > body of the response -- if you can share that it would be helpful.
> As I said in my email the other day:
> HTTP 401, "Failed to validate oauth signature and token"
> > Has anything about your environment changed?
> Sadly, no. I wish it were that simple.
> > Have you reset your consumer key or secret?
> No, and I just verified again that it still matches what is showing in
> the Twitter OAuth apps page.
> > Does this happen for all access tokens or is
> > there a specific access token that you use that is failing? Is it
> > possible that access token's access was revoked? The error message
> > provided on 401s will help shine some light on some of this.
> It's happening on the very first, and every single, /oauth/request_token
> API call.
> > One recent change we made is that if you're trying to access resources
> > that don't require authentication, but you are still providing OAuth
> > credentials and those credentials are invalid, we no longer provide the
> > data but instead properly inform you that your credentials aren't valid.
> Again, I'm not even getting as far as making a Twitter API call any
> more. The whole OAuth process is failing at the request_token endpoint.
> > Which, if any, OAuth library do you use?
> Homegrown. Has been working for over a year, and has not been modified
> the entire time.
> Dossy Shiobara | do...@panoptic.com | http://dossy.org/
> Panoptic Computer Network | http://panoptic.com/
> "He realized the fastest way to change is to laugh at your own
> folly -- then you can let go and quickly move on." (p. 70)