By the way, even when I try to tweet with just one word like: "tweet",
it doesn't work.  Just simple ascii characters.  Is there any way you
can just intercept one of my test tweets and look at what, if anything
might be going wrong on the server side?

-Craig


On Jun 16, 3:05 pm, Craig <chanson9...@gmail.com> wrote:
> My signature base string status pair looks like:
> status%3Dmy%2520tweet
>
> When I tried xAuth authentication with a * character in the password,
> it didn't work at first.  But once I double url encoded it, I was able
> to authenticate no problem.  So that definitely helps.  I am now
> double url encoding the username and password values.
>
> However, the tweet still didn't work.  I am double url encoding the
> status message in the signature base string and single url encoding it
> in the post body.
>
> Thanks,
> Craig
>
> On Jun 16, 11:30 am, Taylor Singletary <taylorsinglet...@twitter.com>
> wrote:
>
>
>
> > Hi Craig,
>
> > Do you know if the status update, status=my%20tweet is being encoded
> > correctly in your signature base string (which is the string used to create
> > your signature).
>
> > For the signature base string, the key/value pair would look like:
>
> > status%3Dmy%2520tweet
>
> > Have you tried your xAuth authentication with spaces and other possible odd
> > characters yet in fields like the password?
>
> > Taylor
>
> > On Wed, Jun 16, 2010 at 8:21 AM, Craig <chanson9...@gmail.com> wrote:
> > > Hi Matt,
>
> > > Thanks for responding.  My authorization header is still the same as
> > > it was in my first message above.  Here it is for another request I
> > > just tried:
>
> > > OAuth oauth_nonce="TEeSMm8q3m5abhmppain", oauth_signature_method="HMAC-
> > > SHA1", oauth_timestamp="1276701304",
> > > oauth_consumer_key="xxxxxxxxxxxxxxxxx", oauth_token="xxxxxxxx-
> > > xxxxxxxxxxxxxxxxxxxxxxxxx", oauth_signature="xxxxxxxxxxxxxxxxxxxxxxx
> > > %3D", oauth_version="1.0"
>
> > > The post body is simply:
> > > status=my%20tweet
>
> > > When I create the request in objective c, it looks like this: (where
> > > authHeader is the authorization header noted above and postBody is the
> > > post body noted above):
>
> > > NSString* requestString= [NSString
> > > stringWithFormat:@"%@",TWITTER_STATUS_UPDATE_URL];
> > > NSMutableURLRequest* request = [[NSMutableURLRequest alloc]
> > >                                initWithURL:[NSURL
> > > URLWithString:requestString]
>
> > > cachePolicy:NSURLRequestReloadIgnoringCacheData
> > >                                    timeoutInterval:30.0];
> > > [request setHTTPMethod:@"POST"];
> > > [request addValue:authHeader forHTTPHeaderField:@"Authorization"];
> > > [request setValue:@"application/x-www-form-urlencoded"
> > > forHTTPHeaderField:@"Content-Type"];
> > > [request setValue:postBodyLength forHTTPHeaderField:@"Content-
> > > Length"];
> > > [request setHTTPBody:[postBody
> > > dataUsingEncoding:NSUTF8StringEncoding]];
>
> > > This type of formatting works just fine for my xAuth authentication.
>
> > > On Jun 15, 4:44 pm, themattharris <thematthar...@twitter.com> wrote:
> > > > Hey Craig,
>
> > > > Could you let us see what the authorization header you are sending
> > > > looks like (obfuscating your oauth keys and secrets)?
>
> > > > What you're aiming for is a header similar to this:
>
> > > > POST /1/statuses/update.xml HTTP/1.1
> > > > Accept: */*
> > > > Connection: close
> > > > User-Agent: OAuth gem v0.4.0
> > > > Content-Type: application/x-www-form-urlencoded
> > > > Authorization: OAuth
> > > >   oauth_consumer_key=\"xxxxxxxxxxxxxxxxxxxxxxxx\",
> > > >   oauth_nonce=\"xxxxxxxxxxxxxxxxxxxxxxxxxxxx\",
> > > >   oauth_signature=\"xxxxxxxxxxxxxxxxxxxxxxxx\",
> > > >   oauth_signature_method=\"HMAC-SHA1\",
> > > >   oauth_timestamp=\"1276634179\",
> > > >   oauth_token=\"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\",
> > > >   oauth_version=\"1.0\"
> > > > Content-Length: 27
> > > > Host: api.twitter.com
>
> > > > With your post body being the status you are sending. Similar to:
>
> > > > status=something%20to%20say
>
> > > > Matt
>
> > > > On Jun 13, 8:32 pm, Craig <chanson9...@gmail.com> wrote:
>
> > > > > Ok, so I believe my signature is correct because if I take out the
> > > > > oauth_token parameter from the signature base I get an incorrect
> > > > > signature error instead of the invalid/used nonce error.  I am
> > > > > definitely posting to the correct url: "https://api.twitter.com/1/
> > > > > statuses/update.xml" because if I change it I get an invalid url
> > > > > response.  The nonce I'm generating is unique for every request I'm
> > > > > sending.  The timestamp is accurate to the number of seconds that have
> > > > > passed since unix epoch.  Obviously the invalid/used nonce error is
> > > > > garbage.
>
> > > > > Here's the formatting of my URL request in obj c:
>
> > > > > // Create the request
> > > > > NSString* requestString= [NSString
> > > > > stringWithFormat:@"%@",TWITTER_STATUS_UPDATE_URL];
> > > > > NSMutableURLRequest* request = [[NSMutableURLRequest alloc]
> > > > >                                 initWithURL:[NSURL
> > > URLWithString:requestString]
>
> > > cachePolicy:NSURLRequestReloadIgnoringCacheData
> > > > >                                     timeoutInterval:30.0];
> > > > > [request setHTTPMethod:@"POST"];
> > > > > [request addValue:authHeader forHTTPHeaderField:@"Authorization"];
> > > > > [request setValue:@"application/x-www-form-urlencoded"
> > > > > forHTTPHeaderField:@"Content-Type"];
> > > > > [request setValue:postBodyLength forHTTPHeaderField:@"Content-
> > > > > Length"];
> > > > > [request setHTTPBody:[postBody
> > > > > dataUsingEncoding:NSUTF8StringEncoding]];
>
> > > > > Any other ideas?  I'm at a total loss as to why this might be
> > > > > happening.
>
> > > > > Thanks,
> > > > > Craig
>
> > > > > On Jun 13, 3:42 pm, Craig <chanson9...@gmail.com> wrote:
>
> > > > > > No dice.  I just tried creating a new app and using the new
> > > keys/token
> > > > > > to tweet.  I'll go over my steps once more and see if I can track
> > > down
> > > > > > an issue somewhere...
>
> > > > > > On Jun 11, 8:53 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> > > > > > wrote:
>
> > > > > > > xAuth in this case, I think, is unrelated to the issue. If you can
> > > use
> > > > > > > a different key and use the "my token" feature to get your access
> > > > > > > token, then try to tweet using that token, it will sufficiently
> > > > > > > express the problem I think.
>
> > > > > > > Taylor
>
> > > > > > > On Jun 11, 2010, at 2:48 PM, Craig <chanson9...@gmail.com> wrote:
>
> > > > > > > > Hello,
>
> > > > > > > > I have an iphone app that is using xauth.  I am able to obtain
> > > the
> > > > > > > > access token with no problem at all.  When I go to post a status
> > > > > > > > update, I receive an invalid / used nonce error.  It can't
> > > actually be
> > > > > > > > a used nonce since I have checked this multiple times.  Here are
> > > the
> > > > > > > > details of the post:
>
> > > > > > > > url:
> > > > > > > >http://api.twitter.com/1/statuses/update.xml
>
> > > > > > > > signature base string:
> > > > > > > > POST&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses
> > > > > > > > %2Fupdate.xml&oauth_consumer_key%3Dmyconsumerkey%26oauth_nonce
> > > > > > > > %3D397vi5Ug1YHC3UAVUAoB%26oauth_signature_method%3DHMAC-
> > > > > > > > SHA1%26oauth_timestamp%3D1276292596%26oauth_token%3Dmytoken
> > > > > > > > %26oauth_version%3D1.0%26status%3Dmy%2520tweet
>
> > > > > > > > Authorization header:
> > > > > > > > OAuth oauth_nonce="397vi5Ug1YHC3UAVUAoB",
> > > oauth_signature_method="HMAC-
> > > > > > > > SHA1", oauth_timestamp="1276292596",
> > > > > > > > oauth_consumer_key="myconsumerkey", oauth_token="mytoken",
> > > > > > > > oauth_signature="yOh2zQPGDBlVEP5cDWhjddQWTLc%3D",
> > > oauth_version="1.0"
>
> > > > > > > > Content-Type:
> > > > > > > > [request setValue:@"application/x-www-form-urlencoded"
> > > > > > > > forHTTPHeaderField:@"Content-Type"];
>
> > > > > > > > I can see no reason why this shouldn't work.  Any help would be
> > > > > > > > greatly appreciated!
>
> > > > > > > > Thanks,
> > > > > > > > Craig

Reply via email to