Dossy, to echo my comment to Damon -- can you check the timestamps on your server that is issuing requests? If every call of yours is failing, it's possible that that is why.
Taylor Singletary Developer Advocate, Twitter http://twitter.com/episod On Thu, May 20, 2010 at 12:29 PM, Dossy Shiobara <do...@panoptic.com> wrote: > On 5/20/10 3:16 PM, Taylor Singletary wrote: > > While we have been having some performance issues that should give you > > occasional 401s, it shouldn't be as widespread as the experience you've > > been having. > > OK, you know, until *literally* 60 seconds ago, requests for > http://twitter.com/oauth_clients/details/1574 were returning 502 fail > whales. NOW, it just loaded. > > OK, who fixed it just now? What was broken? > > > When we throw a 401, we typically provide an error message within the > > body of the response -- if you can share that it would be helpful. > > As I said in my email the other day: > > HTTP 401, "Failed to validate oauth signature and token" > > > Has anything about your environment changed? > > Sadly, no. I wish it were that simple. > > > Have you reset your consumer key or secret? > > No, and I just verified again that it still matches what is showing in > the Twitter OAuth apps page. > > > Does this happen for all access tokens or is > > there a specific access token that you use that is failing? Is it > > possible that access token's access was revoked? The error message > > provided on 401s will help shine some light on some of this. > > It's happening on the very first, and every single, /oauth/request_token > API call. > > > One recent change we made is that if you're trying to access resources > > that don't require authentication, but you are still providing OAuth > > credentials and those credentials are invalid, we no longer provide the > > data but instead properly inform you that your credentials aren't valid. > > Again, I'm not even getting as far as making a Twitter API call any > more. The whole OAuth process is failing at the request_token endpoint. > > > Which, if any, OAuth library do you use? > > Homegrown. Has been working for over a year, and has not been modified > the entire time. > > -- > Dossy Shiobara | do...@panoptic.com | http://dossy.org/ > Panoptic Computer Network | http://panoptic.com/ > "He realized the fastest way to change is to laugh at your own > folly -- then you can let go and quickly move on." (p. 70) >