That will be very helpful. Thanks Taylor.

On Fri, May 21, 2010 at 1:20 PM, Taylor Singletary <
taylorsinglet...@twitter.com> wrote:

> Mike,
>
> We're going to be a lot more informative on signature generation errors in
> the near future -- we have a newer implementation of OAuth 1.0a waiting in
> the wings that will provide the signature base string we generated on a
> failed request. More details when the staggered release of that is drawing
> near.
>
> Taylor Singletary
> Developer Advocate, Twitter
> http://twitter.com/episod
>
>
>   On Fri, May 21, 2010 at 1:14 PM, Mike Dice <mikedice...@gmail.com>wrote:
>
>> quickly one more thing, i twould also be cool to get some more details
>> about what exactly went wrong when the server side validation of the
>> signature fails. All you get now is 'Invalid Signature' and there are quite
>> a few things you could get wrong in developing that signature.
>>
>>
>> On Fri, May 21, 2010 at 1:11 PM, Mike Dice <mikedice...@gmail.com> wrote:
>>
>>> I think you have the same problem I posted about yesterday. In your base
>>> string the '%' chars of the status are supposed to also be escaped. Here is
>>> an example from my app
>>>
>>> My status update string
>>>
>>> timestamp:1274472570 Rejoice! I am done debugging :-).
>>>
>>> POST&http%3A%2F%2Fapi.twitter.com <http://2fapi.twitter.com/>
>>> %2F1%2Fstatuses%2Fupdate.xml&oauth_consumer_key%xxxxxxxxxxxxxxxxxxxxxxxx%26oauth_nonce%3DUWVWKGEKDOYBSHLVRFGJIVLMLRUOCYQVHFZKABLK%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1274472570%26oauth_token%xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%26oauth_version%3D1.0%26status%3Dtimestamp
>>> %253A1274472570%2520Rejoice%2521%2520I%2520am%2520done%2520debugging%2520%253A-%2529.
>>> See how the '%' char is also escaped to %25?
>>>
>>>   On Fri, May 21, 2010 at 11:34 AM, DWF <dwfr...@pivotallabs.com> wrote:
>>>
>>>> We're having lots of success with OAuth now, which is great.  So far
>>>> it looks like all our GETs are working just fine.  And some of our
>>>> POSTs - but not all.
>>>>
>>>> Here's a POST that works (deleting a user's tweet):
>>>>
>>>> url: https://api.twitter.com/1/statuses/destroy.json
>>>>
>>>> parameters: {"id": 12532480661}
>>>>
>>>> Base String:
>>>> POST&https%3A%2F%2Fapi.twitter.com <http://2fapi.twitter.com/>
>>>> %2F1%2Fstatuses%2Fdestroy.json&id
>>>> %3D12532480661%26oauth_consumer_key%3D-----%26oauth_nonce
>>>> %3D1274466742322abc143248%26oauth_signature_method%3DHMAC-
>>>> SHA1%26oauth_timestamp%3D1274466742%26oauth_token%3D-----
>>>> %26oauth_version%3D1.0
>>>>
>>>> AuthHeader:
>>>> Authorization = OAuth oauth_signature_method="HMAC-SHA1",
>>>> oauth_nonce="1274466742322abc143248", oauth_timestamp="1274466742",
>>>> oauth_consumer_key="-----", oauth_version="1.0", oauth_token="-----",
>>>> oauth_signature="mg23Yowg9Y40imqcOH9SibMHSHE%3D"
>>>>
>>>>
>>>> And here's one that's NOT working (updating a status):
>>>>
>>>> url: https://api.twitter.com/1/statuses/update.json
>>>> parameters: {"source": "tweed", "status": "Tweet"}
>>>>
>>>> BaseString:
>>>> POST&https%3A%2F%2Fapi.twitter.com <http://2fapi.twitter.com/>
>>>> %2F1%2Fstatuses
>>>> %2Fupdate.json&oauth_consumer_key%3D-----------%26oauth_nonce
>>>> %3D1274466366892abc252116%26oauth_signature_method%3DHMAC-
>>>> SHA1%26oauth_timestamp%3D1274466366%26oauth_token%-------------
>>>> %26oauth_version%3D1.0%26source%3Dtweed%26status%3DTweet
>>>>
>>>> AuthHeader:
>>>> Authorization = OAuth oauth_signature_method="HMAC-SHA1",
>>>> oauth_nonce="1274466366892abc252116", oauth_timestamp="1274466366",
>>>> oauth_consumer_key="--------", oauth_version="1.0",
>>>> oauth_token="---------", oauth_signature="V4HjQU7%2BTYF2MFtkkR7T8OYM54Q
>>>> %3D"
>>>>
>>>> The error we get is:
>>>> {
>>>>  status: 401,
>>>>  responseText: {"request":"/1/statuses/
>>>> update.json","error":"Incorrect signature"}
>>>> }
>>>>
>>>> Thoughts?
>>>>
>>>
>>>
>>
>

Reply via email to