Hi, thanks to you both. I've removed the source parameter. There is something wrong with my signature base indeed. Here's what I am sending for a status update...
POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fupdate.xml&%3Fstatus %3Dtest%26oauth_consumer_key%3Dxxxxxxxxxxxxxxxxxxxxxx%26oauth_nonce %3DE9X6lVKiDkQ1n%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1275946125%26oauth_token%3Dxxxxxxxxxxxxxxxxxxxxxxxxxx %26oauth_version%3D1.0 As far as I can gather from this link http://dev.twitter.com/pages/auth#auth-request, I need to remove query parameter from the url and order them in the string. So in this case status would appear at the end. I can't find it now, but some poster in a group said to put the status paramter in the url rather than the post body. I think I must have been ordering the signature base incorrectly previous to this. Rhys On Jun 7, 3:09 pm, Taylor Singletary <taylorsinglet...@twitter.com> wrote: > To help you debug, it would be useful to see the signature base string that > was generated for the request. Possible things going wrong: the signature > base string isn't mentioning that this is a POST, or your OAuth-based > parameters are leaking into your POST body.. > > As Hwee-Boon said, you also needn't include the source parameter, as it will > be ignored. > > Taylor Singletary > Developer Advocate, Twitterhttp://twitter.com/episod > > > > On Sun, Jun 6, 2010 at 10:07 AM, Hwee-Boon Yar <hweeb...@gmail.com> wrote: > > Since it's GET works and POST, no. 1 reason is to make sure the base > > URI in the base signature string is constructed correctly. In your > > example, you don't need source=xxxx since it's OAuth. > > > -- > > Hwee-Boon > > > On Jun 6, 8:56 pm, rhysmeister <therhysmeis...@hotmail.com> wrote: > > > Hi All, > > > > I am having problems identifying what is wrong with converting my app > > > to use oAuth. All my GET requests work fine but my POST requests all > > > fail with an incorrect signature error. I am adding the oauth > > > parameters to the authorisation header of my request. My authorisation > > > header is build like below for GET requests (this works); > > > > OAuth > > > oauth_timestamp="1234567890",oauth_nonce="xxxxxx",oauth_version="1.0",oauth > > _signature_method="HMAC- > > > SHA1",oauth_consumer_key="xxxxxx",oauth_token="xxxxxx",oauth_signature="xxx > > xxx" > > > > My POST requests (these don't work); > > > > OAuth > > > oauth_timestamp="1234567890",oauth_nonce="xxxxxx",oauth_version="1.0",oauth > > _signature_method="HMAC- > > > SHA1",oauth_consumer_key="xxxxxx",oauth_token="xxxxxx",oauth_signature="xxx > > xxx" > > > > I get the below error returned... > > > > <pre> > > > <?xml version="1.0" encoding="UTF-8"?> > > > <hash> > > > <request>/1/statuses/update.xml?source=xxxxxxxxxx</request> > > > <error>Incorrect signature</error> > > > </hash> > > > > Would anyone be able to provide any pointers here? > > > > Cheers, > > > > Rhys
