When trying to authorise the user I get given a 401 error with the
error message:{request":"/oauth/access_token","error":"Invalid / used

Looking at the debug output taken from libcurl and looking at values
it looks like it should be working to me, I've tested the signature
generation with the test values on the documentation and get back the
correct values so I'm confident the signature generated is valid.

The debug output from libcurl is as follows (secure data changed

> POST /oauth/access_token HTTP/1.1

Host: api.twitter.com
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth
ouath_timestamp="1276784317", oauth_signature_method="HMAC-SHA1",
oauth_consumer_key="xxxxxxxxxxxxxxxxx", oauth_version="1.0",
Accept: application/json
Content-Length: 82

I'm then trying to post the following data:


I'm encoding values before adding to the header as can be seen with
signature, the password and username  are encoded as needed (although
currently testing with values with only valid characters so that
shouldn't be an issue)

looking at advice tips given on this board already I think I meet all
of them:

- I'm using HTTP headers adding the content type, authorization and
accept strings to the header using curl_slist_append and then use
curl_easy_setopt(curlhandle, CURLOPT_HTTPHEADER, headers) to set the
headers to those that I have created (as can be seen in debug dump)

- I'm using the libcurl POST functions to post the actual information:
curl_easy_setopt(curlhandle, CURLOPT_POST, 1);
curl_easy_setopt(curlhandle, CURLOPT_POSTFIELDS, data_char);
curl_easy_setopt(curlhandle, CURLOPT_POSTFIELDSIZE, data_length)

- I use the curl_easy_setopt(curlhandle, CURLOPT_SSL_VERIFYPEER,
FALSE) for SSL, without this the communication to API fails so assume
SSL is fine

- Post bosy is xAuth params in format required as can be seen in my
post string, will take the application/x-www-form-urlencoded property
from the header set in request

- paramaters in POST are url encoed but as stated this test example
isn't using unsafe characters

>From the error message I'd assume there is something about my nonce it
doesn't like but it is randomly generated each request and isn't the
same as past nonce ?

I'm not sure about the timestamp, the post was made at 15:18 (GMT +1,
UK) used in debug dump so gave me a timestamp of 1276784317

Any feedback as to why I'm getting the error would be great, been
looking at it for some time trying a fair few different ideas and not
able to get it working

Reply via email to