Sheesh, digests are always such a PITA.  I wrote my own HTTP/DIGEST
auth routine once and what a pain to wade through the RFC and try to
get coding to work.  I'd really like NOT to have to do that, BUT, I
want to be articulate enough (code-wise) so I'm not just blindly
relying on someone's library.

So, for the single token solution, I would:

-- for each Twitter account with server-side access, I register "my-
server-side-app" at dev.twitter.com/..., obtaining the Access Token
(oauth_token) and Access Token Secret (oauth_token_secret);

-- somehow, I plug token/secret into my HTTP request; I'm OK with
using the HTTP Authorization header:
(example from: 
http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/)
-----------------------------------------------------------------------------------------
GET /photos?size=original&file=vacation.jpg HTTP/1.1
Host: photos.example.net:80
Authorization: OAuth realm="http://photos.example.net/photos";,
oauth_consumer_key="dpf43f3p2l4k3l03", oauth_token="nnch734d00sl2jdk",
oauth_nonce="kllo9940pd9333jh", oauth_timestamp="1191242096",
oauth_signature_method="HMAC-SHA1", oauth_version="1.0",
oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D"
-----------------------------------------------------------------------------------------
oauth_consumer_key - check! (supplied by Twitter app registration
info)
oauth_token - check! (supplied by Twitter "my access token")

leaving me without a oauth_nonce or oauth_signature.


So, again, I ask (anyone) for some (fairly) LOW-LEVEL example Java
code; I'd like to know the lower-level coding mechanics WITHOUT
becoming married to the RFC AND not having to wade through someone's
framework.  Like Joe Friday used to say, "Just the facts..."

Thanks.




Reply via email to