Thanks to all your replies helped I can now perform status updates via oAuth.
I'm rather irritated that Uri.EscapeDataString doesn't escape all illegal characters. It just fails now if a status update contains exclamation marks, asterisk, dollar signs, single quotes and probably a few more. I'll solve that in the morning. Thanks again. Rhys On Jun 8, 1:57 am, StephenBnz <stephenbro...@gmail.com> wrote: > Hi Rhys, > - you're right status should be at the end of the base string. Even > though it's sent as a POST, it still has to go in alpha order in the > base string. > - Also be careful of the leading %3F you've got after the update.xml - > should just be (method)&(baseURL+service)&(list of params separated by > %26) > - Once you've signed with this string, your message will look like: > (pseudo code not actual message) > > POST HTTP 1.1 /statuses/update.xml > Host: api.twitter.com:443 > Authorization: (list of params as normal, including oauth_signature > but NOT including status) > Content-type: application/x-www-form-urlencoded > Body: > status=test > > Also note that if you have non-alpha characters in the status string > (eg. space, etc) you must URL encode them BEFORE compiling the base > signature string, and also ensure they remain URL encoded in the POST > body. > > Hope this helps > Stephen > > On Jun 8, 7:36 am,rhysmeister<therhysmeis...@hotmail.com> wrote: > > > > > Hi, thanks to you both. I've removed the source parameter. > > > There is something wrong with my signature base indeed. Here's what I > > am sending for a status update... > > > POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fupdate.xml&%3Fstatus > > %3Dtest%26oauth_consumer_key%3Dxxxxxxxxxxxxxxxxxxxxxx%26oauth_nonce > > %3DE9X6lVKiDkQ1n%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > > %3D1275946125%26oauth_token%3Dxxxxxxxxxxxxxxxxxxxxxxxxxx > > %26oauth_version%3D1.0 > > > As far as I can gather from this > > linkhttp://dev.twitter.com/pages/auth#auth-request, > > I need to remove query parameter from the url and order them in the > > string. So in this case status would appear at the end. I can't find > > it now, but some poster in a group said to put the status paramter in > > the url rather than the post body. I think I must have been ordering > > the signature base incorrectly previous to this. > > > Rhys > > > On Jun 7, 3:09 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > wrote: > > > > To help you debug, it would be useful to see the signature base string > > > that > > > was generated for the request. Possible things going wrong: the signature > > > base string isn't mentioning that this is a POST, or your OAuth-based > > > parameters are leaking into your POST body.. > > > > As Hwee-Boon said, you also needn't include the source parameter, as it > > > will > > > be ignored. > > > > Taylor Singletary > > > Developer Advocate, Twitterhttp://twitter.com/episod > > > > On Sun, Jun 6, 2010 at 10:07 AM, Hwee-Boon Yar <hweeb...@gmail.com> wrote: > > > > Since it's GET works and POST, no. 1 reason is to make sure the base > > > > URI in the base signature string is constructed correctly. In your > > > > example, you don't need source=xxxx since it's OAuth. > > > > > -- > > > > Hwee-Boon > > > > > On Jun 6, 8:56 pm,rhysmeister<therhysmeis...@hotmail.com> wrote: > > > > > Hi All, > > > > > > I am having problems identifying what is wrong with converting my app > > > > > to use oAuth. All my GET requests work fine but my POST requests all > > > > > fail with an incorrect signature error. I am adding the oauth > > > > > parameters to the authorisation header of my request. My authorisation > > > > > header is build like below for GET requests (this works); > > > > > > OAuth > > > > > oauth_timestamp="1234567890",oauth_nonce="xxxxxx",oauth_version="1.0",oauth > > > > _signature_method="HMAC- > > > > > SHA1",oauth_consumer_key="xxxxxx",oauth_token="xxxxxx",oauth_signature="xxx > > > > xxx" > > > > > > My POST requests (these don't work); > > > > > > OAuth > > > > > oauth_timestamp="1234567890",oauth_nonce="xxxxxx",oauth_version="1.0",oauth > > > > _signature_method="HMAC- > > > > > SHA1",oauth_consumer_key="xxxxxx",oauth_token="xxxxxx",oauth_signature="xxx > > > > xxx" > > > > > > I get the below error returned... > > > > > > <pre> > > > > > <?xml version="1.0" encoding="UTF-8"?> > > > > > <hash> > > > > > <request>/1/statuses/update.xml?source=xxxxxxxxxx</request> > > > > > <error>Incorrect signature</error> > > > > > </hash> > > > > > > Would anyone be able to provide any pointers here? > > > > > > Cheers, > > > > > > Rhys