Hi Matt,

Thanks for responding.  My authorization header is still the same as
it was in my first message above.  Here it is for another request I
just tried:

OAuth oauth_nonce="TEeSMm8q3m5abhmppain", oauth_signature_method="HMAC-
SHA1", oauth_timestamp="1276701304",
oauth_consumer_key="xxxxxxxxxxxxxxxxx", oauth_token="xxxxxxxx-
xxxxxxxxxxxxxxxxxxxxxxxxx", oauth_signature="xxxxxxxxxxxxxxxxxxxxxxx
%3D", oauth_version="1.0"

The post body is simply:
status=my%20tweet

When I create the request in objective c, it looks like this: (where
authHeader is the authorization header noted above and postBody is the
post body noted above):

NSString* requestString= [NSString
stringWithFormat:@"%@",TWITTER_STATUS_UPDATE_URL];
NSMutableURLRequest* request = [[NSMutableURLRequest alloc]
                                initWithURL:[NSURL
URLWithString:requestString]
 
cachePolicy:NSURLRequestReloadIgnoringCacheData
                                    timeoutInterval:30.0];
[request setHTTPMethod:@"POST"];
[request addValue:authHeader forHTTPHeaderField:@"Authorization"];
[request setValue:@"application/x-www-form-urlencoded"
forHTTPHeaderField:@"Content-Type"];
[request setValue:postBodyLength forHTTPHeaderField:@"Content-
Length"];
[request setHTTPBody:[postBody
dataUsingEncoding:NSUTF8StringEncoding]];

This type of formatting works just fine for my xAuth authentication.

On Jun 15, 4:44 pm, themattharris <thematthar...@twitter.com> wrote:
> Hey Craig,
>
> Could you let us see what the authorization header you are sending
> looks like (obfuscating your oauth keys and secrets)?
>
> What you're aiming for is a header similar to this:
>
> POST /1/statuses/update.xml HTTP/1.1
> Accept: */*
> Connection: close
> User-Agent: OAuth gem v0.4.0
> Content-Type: application/x-www-form-urlencoded
> Authorization: OAuth
>   oauth_consumer_key=\"xxxxxxxxxxxxxxxxxxxxxxxx\",
>   oauth_nonce=\"xxxxxxxxxxxxxxxxxxxxxxxxxxxx\",
>   oauth_signature=\"xxxxxxxxxxxxxxxxxxxxxxxx\",
>   oauth_signature_method=\"HMAC-SHA1\",
>   oauth_timestamp=\"1276634179\",
>   oauth_token=\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\",
>   oauth_version=\"1.0\"
> Content-Length: 27
> Host: api.twitter.com
>
> With your post body being the status you are sending. Similar to:
>
> status=something%20to%20say
>
> Matt
>
> On Jun 13, 8:32 pm, Craig <chanson9...@gmail.com> wrote:
>
>
>
> > Ok, so I believe my signature is correct because if I take out the
> > oauth_token parameter from the signature base I get an incorrect
> > signature error instead of the invalid/used nonce error.  I am
> > definitely posting to the correct url: "https://api.twitter.com/1/
> > statuses/update.xml" because if I change it I get an invalid url
> > response.  The nonce I'm generating is unique for every request I'm
> > sending.  The timestamp is accurate to the number of seconds that have
> > passed since unix epoch.  Obviously the invalid/used nonce error is
> > garbage.
>
> > Here's the formatting of my URL request in obj c:
>
> > // Create the request
> > NSString* requestString= [NSString
> > stringWithFormat:@"%@",TWITTER_STATUS_UPDATE_URL];
> > NSMutableURLRequest* request = [[NSMutableURLRequest alloc]
> >                                 initWithURL:[NSURL 
> > URLWithString:requestString]
> >                                 
> > cachePolicy:NSURLRequestReloadIgnoringCacheData
> >                                     timeoutInterval:30.0];
> > [request setHTTPMethod:@"POST"];
> > [request addValue:authHeader forHTTPHeaderField:@"Authorization"];
> > [request setValue:@"application/x-www-form-urlencoded"
> > forHTTPHeaderField:@"Content-Type"];
> > [request setValue:postBodyLength forHTTPHeaderField:@"Content-
> > Length"];
> > [request setHTTPBody:[postBody
> > dataUsingEncoding:NSUTF8StringEncoding]];
>
> > Any other ideas?  I'm at a total loss as to why this might be
> > happening.
>
> > Thanks,
> > Craig
>
> > On Jun 13, 3:42 pm, Craig <chanson9...@gmail.com> wrote:
>
> > > No dice.  I just tried creating a new app and using the new keys/token
> > > to tweet.  I'll go over my steps once more and see if I can track down
> > > an issue somewhere...
>
> > > On Jun 11, 8:53 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> > > wrote:
>
> > > > xAuth in this case, I think, is unrelated to the issue. If you can use
> > > > a different key and use the "my token" feature to get your access
> > > > token, then try to tweet using that token, it will sufficiently
> > > > express the problem I think.
>
> > > > Taylor
>
> > > > On Jun 11, 2010, at 2:48 PM, Craig <chanson9...@gmail.com> wrote:
>
> > > > > Hello,
>
> > > > > I have an iphone app that is using xauth.  I am able to obtain the
> > > > > access token with no problem at all.  When I go to post a status
> > > > > update, I receive an invalid / used nonce error.  It can't actually be
> > > > > a used nonce since I have checked this multiple times.  Here are the
> > > > > details of the post:
>
> > > > > url:
> > > > >http://api.twitter.com/1/statuses/update.xml
>
> > > > > signature base string:
> > > > > POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses
> > > > > %2Fupdate.xml&oauth_consumer_key%3Dmyconsumerkey%26oauth_nonce
> > > > > %3D397vi5Ug1YHC3UAVUAoB%26oauth_signature_method%3DHMAC-
> > > > > SHA1%26oauth_timestamp%3D1276292596%26oauth_token%3Dmytoken
> > > > > %26oauth_version%3D1.0%26status%3Dmy%2520tweet
>
> > > > > Authorization header:
> > > > > OAuth oauth_nonce="397vi5Ug1YHC3UAVUAoB", 
> > > > > oauth_signature_method="HMAC-
> > > > > SHA1", oauth_timestamp="1276292596",
> > > > > oauth_consumer_key="myconsumerkey", oauth_token="mytoken",
> > > > > oauth_signature="yOh2zQPGDBlVEP5cDWhjddQWTLc%3D", oauth_version="1.0"
>
> > > > > Content-Type:
> > > > > [request setValue:@"application/x-www-form-urlencoded"
> > > > > forHTTPHeaderField:@"Content-Type"];
>
> > > > > I can see no reason why this shouldn't work.  Any help would be
> > > > > greatly appreciated!
>
> > > > > Thanks,
> > > > > Craig

Reply via email to