Sheesh, digests are always such a PITA.  I wrote my own HTTP/DIGEST
auth routine once and what a pain to wade through the RFC and try to
get coding to work.  I'd really like NOT to have to do that, BUT, I
want to be articulate enough (code-wise) so I'm not just blindly
relying on someone's library.

So, for the single token solution, I would:

-- for each Twitter account with server-side access, I register "my-
server-side-app" at, obtaining the Access Token
(oauth_token) and Access Token Secret (oauth_token_secret);

-- somehow, I plug token/secret into my HTTP request; I'm OK with
using the HTTP Authorization header:
(example from:
GET /photos?size=original&file=vacation.jpg HTTP/1.1
Authorization: OAuth realm="";,
oauth_consumer_key="dpf43f3p2l4k3l03", oauth_token="nnch734d00sl2jdk",
oauth_nonce="kllo9940pd9333jh", oauth_timestamp="1191242096",
oauth_signature_method="HMAC-SHA1", oauth_version="1.0",
oauth_consumer_key - check! (supplied by Twitter app registration
oauth_token - check! (supplied by Twitter "my access token")

leaving me without a oauth_nonce or oauth_signature.

So, again, I ask (anyone) for some (fairly) LOW-LEVEL example Java
code; I'd like to know the lower-level coding mechanics WITHOUT
becoming married to the RFC AND not having to wade through someone's
framework.  Like Joe Friday used to say, "Just the facts..."


Reply via email to