Wil,

Does your OAuth code work against other aspects of the Twitter API? Can you
verify if your system's clock is within 5 minutes or so of the times
returned by our system? (You can see the current server time in an HTTP
header of any of our responses).

Are you sure that your code is actually POSTing the POST body along with the
request?

Seems like you are really close.

On Fri, Jun 25, 2010 at 10:10 AM, Wil <willi...@gmail.com> wrote:

> Hi John,
>
> Uhh, care to elaborate? I don't quite get what you meant...
>
> Thanks,
> Wil
>
> On Jun 24, 11:17 pm, John Kalucki <j...@twitter.com> wrote:
> > Aside from the oAuth issue, which others can address, the only valid
> > delimited value is length.
> >
> > -John
> >
> >
> >
> > On Thu, Jun 24, 2010 at 7:58 AM, Wil <willi...@gmail.com> wrote:
> > > I'm getting this response:
> >
> > > HTTP/1.1 401 Unauthorized
> > > Content-Length: 1296
> > > Cache-Control: must-revalidate,no-cache,no-store
> > > Content-Type: text/html; charset=iso-8859-1
> > > Server: Jetty(6.1.17)
> > > WWW-Authenticate: Basic realm="Firehose"
> >
> > >  <html>
> > > <head>
> > > <meta http-equiv="Content-Type" content="text/html;
> > > charset=ISO-8859-1"/>
> > > <title>Error 401 UNAUTHORIZED</title>
> > > </head>
> > > <body>
> > > <h2>HTTP ERROR: 401</h2>
> > > <p>Problem accessing /1/statuses/filter.json. Reason:
> > > <pre>    UNAUTHORIZED</pre></p>
> > > <hr /><i><small>Powered by Jetty://</small></i>
> >
> > > Here's what I POSTed(oauth tokens are filtered out):
> >
> > > REQUEST: POSThttp://stream.twitter.com/1/statuses/filter.json
> > > Authorization: OAuth
> >
> > >
> oauth_consumer_key="#####",oauth_token="########",oauth_nonce="#####",oauth
> _timestamp="#####",oauth_signature_method="HMAC-
> > > SHA1",oauth_signature="########",oauth_version="1.0",
> > > Content-Type: application/x-www-form-urlencoded
> > > Vary: Accept-Encoding
> > > Connection: close
> >
> > > source=softwarename&delimited=1&follow=156934710
> >
> > > On Jun 23, 1:33 am, John Kalucki <j...@twitter.com> wrote:
> > > > OAuthshould work fine onstream.twitter.com
> >
> > > > -John Kaluckihttp://twitter.com/jkalucki
> > > > Infrastructure, Twitter Inc.
> >
> > > > On Tue, Jun 22, 2010 at 10:00 AM, Wil <willi...@gmail.com> wrote:
> > > > > I'm a bit dumbfounded here...
> >
> > > > > I've been trying to login tostream.twitter.com usingOAuth
> > > > > (particularly, I've been trying to access
> > > > >http://stream.twitter.com/1/statuses/filter.json?follow=####). I
> used
> > > > > the access keys obtained fromhttps://
> > > api.twitter.com/oauth/access_token
> > > > > however, I've been getting 401 errors. I've tried basic
> authentication
> > > > > and it works fine.
> >
> > > > > Does that mean thatstream:statuses/filter is still can only accept
> > > > > basic authentication?
> >
> > > > > Regards,
> > > > > Wil
> >
> > > > > On May 25, 5:51 am, John Kalucki <j...@twitter.com> wrote:
> > > > >> We haven't announced our plans for streaming andoAuth, beyond
> stating
> > > that
> > > > >> User Streams will only be onoAuth.
> >
> > > > >> On Mon, May 24, 2010 at 1:57 PM, 140dev <140...@gmail.com> wrote:
> > > > >> > Does this mean that the streaming API will also make the switch
> from
> > > > >> > basic authentication toOAuthat the end of June?
> >
> > > > >> > On Mon, May 24, 2010 at 4:50 PM, Mark McBride <
> mmcbr...@twitter.com
> >
> > > > >> > wrote:
> > > > >> > >OAuthis now enabled onstream.twitter.com.  I'll also send a
> note
> > > out
> > > > >> > > to the announce list
> >
> > > > >> > >   ---Mark
> >
> > > > >> > >http://twitter.com/mccv
> >
> > > > >> > > On Mon, May 24, 2010 at 12:30 PM, Aaron Rankin <
> aran...@gmail.com
> >
> > > > >> > wrote:
> > > > >> > >> Hi,
> >
> > > > >> > >> Is there an ETA for enablingoauthonstream.twitter.com?
> >
> > > > >> > >> Thanks,
> > > > >> > >> Aaron
> >
> > > > >> > >> On May 13, 1:11 pm, John Kalucki <j...@twitter.com> wrote:
> > > > >> > >>> OAuthis not enabled onstream.twitter.com. You can try on
> > > > >> > >>> chirpstream.twitter.com.
> >
> > > > >> > >>> On Thu, May 13, 2010 at 10:53 AM, Lucas Vickers <
> > > > >> > lucasvick...@gmail.com> wrote:
> > > > >> > >>> > I am writing my own c++ basedOAuthlibrary.  I know there
> is
> > > liboauth
> > > > >> > >>> > but I like to do things myself to learn.
> >
> > > > >> > >>> > Anyhow I am trying to accesshttp://
> > > > >> >stream.twitter.com/1/statuses/sample.xml
> > > > >> > >>> > and I keep getting 401.
> >
> > > > >> > >>> > I have verified pretty much every parameter, and used the
> tool
> > > on
> >
> > >http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin.
> ..
> > > > >> > >>> > to verify my signature is correct. I used twurl to obtain
> the
> > > user
> > > > >> > >>> > access tokens to my account.
> >
> > > > >> > >>> > After doing some reading I'm no longer convinced that
> > > thestreaming
> > > > >> > >>> > server even supportsoauth.
> >
> > > > >> > >>> > can you fill me in on the current status
> ofstream.twitter.comand
> > > > >> > >>> >oauth?
> >
> > > > >> > >>> > thanks!
> > > > >> > >>> > Lucas
> >
> > > > >> > >>> > On Apr 20, 11:02 pm, Jonathon Hill <jhill9...@gmail.com>
> > > wrote:
> > > > >> > >>> >> Thanks Taylor for the very detailed and helpful response!
> >
> > > > >> > >>> >> Jonathon
> >
> > > > >> > >>> >> On Apr 20, 1:17 pm, Taylor Singletary <
> > > taylorsinglet...@twitter.com
> >
> > > > >> > >>> >> wrote:
> >
> > > > >> > >>> >> > Hi Jonathon,
> >
> > > > >> > >>> >> > ForStreamingAPI access that isn't from the perspective
> of a
> > > user's
> > > > >> > >>> >> > account, you would use two-leggedOAuthto establish
> > > authentication
> > > > >> > instead
> > > > >> > >>> >> > of basic auth.
> >
> > > > >> > >>> >> > A two-leggedOAuthrequest is very similar to
> > > otherOAuthrequests:
> > > > >> > you have
> > > > >> > >>> >> > a specific resource you are trying to access, you have
> some
> > > > >> > parameters you
> > > > >> > >>> >> > want to pass to that resource, and you have
> anOAuthconsumer
> > > key
> > > > >> > andOAuth
> > > > >> > >>> >> > consumer secret. Which is unlike three-leggedOAuthwhere
> you
> > > also
> > > > >> > have
> > > > >> > >>> >> > oauth_tokens representing either a user/access_token or
> a
> > > request
> > > > >> > token in
> > > > >> > >>> >> > addition to the rest.
> >
> > > > >> > >>> >> > But the rules remain the same. You take all
> > > theOAuthparameters and
> > > > >> > the
> > > > >> > >>> >> > parameters you are sending to the resource, organize
> them,
> > > build a
> > > > >> > signature
> > > > >> > >>> >> > base string, then sign that with your consumer secret
> and
> > > send the
> > > > >> > request
> > > > >> > >>> >> > on to Twitter properly signed. The only difference is
> that
> > > there
> > > > >> > is no
> > > > >> > >>> >> > oauth_token and oauth_token_secret getting involved in
> the
> > > mix.
> >
> > > > >> > >>> >> > This is essentially what a two-legged request to
> > > thestreamingAPI
> > > > >> > would
> > > > >> > >>> >> > look like:
> >
> > > > >> > >>> >> > Signature Base String
> > > > >> > >>> >> > GET&http%3A%2F%2Fstream.twitter.com
> >
> > >
> %2F1%2Fstatuses%2Fsample.json&oauth_consumer_key%3Dri8JxYK2zzwSV5xIUfNNvQ%2
> > >
> ­6oauth_nonce%3DSJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8%26oauth_signatu
> > >
> r­e_method%3DHMAC-SHA1%26oauth_timestamp%3D1271783743%26oauth_version%3D1.0
> >
> > > > >> > >>> >> > Signature
> > > > >> > >>> >> > Xi5jfuw2XqtU5KpNX9ZCtTptJS0=
> >
> > > > >> > >>> >> > Authorization Header
> >
> > > >OAuthoauth_nonce="SJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8",
> > > > >> > >>> >> > oauth_signature_method="HMAC-SHA1",
> > > oauth_timestamp="1271783743",
> > > > >> > >>> >> > oauth_consumer_key="ri8JxYK2zzwSV5xIUfNNvQ",
> > > > >> > >>> >> > oauth_signature="Xi5jfuw2XqtU5KpNX9ZCtTptJS0%3D",
> > > > >> > oauth_version="1.0"
> >
> > > > >> > >>> >> > Taylor Singletary
> > > > >> > >>> >> > Developer Advocate, Twitterhttp://twitter.com/episod
> >
> > > > >> > >>> >> > On Tue, Apr 20, 2010 at 10:05 AM, Jonathon Hill <
> > > > >> > jhill9...@gmail.com> wrote:
> > > > >> > >>> >> > > One thing I meant to find out @chirp last week--what
> > > > >> > willoauthlook
> > > > >> > >>> >> > > like for theStreamingAPI? I'm having a hard time
> > > visualizing how
> > > > >> > >>> >> > > that will work.
> >
> > > > >> > >>> >> > > Thanks,
> >
> > > > >> > >>> >> > > Jonathon Hill
> > > > >> > >>> >> > > @compwright
> > > > >> > >>> >> > > Company52
> > > > >> > >>> >> > >http://company52.com
> >
> > > > >> > >>> >> > > --
> > > > >> > >>> >> > > Subscription settings:
> >
> > >http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
>

Reply via email to