Hi Taylor, Here's one I just generated:
OAuth realm="http://api.twitter.com", oauth_consumer_key="9vjtaDCxlOYCRJqyp7XKzA", oauth_nonce="523A02EE", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1280166265", oauth_token="15389554-7q4tTgSwJ9oB6iWZh7DvRjkn60eKTc1T4VRkNl4", oauth_version="1.0", oauth_signature="ImtWt09x9StbIV5H3G7xC3PM4bc%3D" There's also another one in the first post. Thanks Gerard On Jul 26, 6:30 pm, Taylor Singletary <taylorsinglet...@twitter.com> wrote: > Gerard, > > Thanks for the code sample. Nothing is jumping out at me here.. can > you share an example signature base string? (likely generated > somewhere in the "AddSignatureToParameters" method in an intermediary > step). > > Taylor > > On Mon, Jul 26, 2010 at 10:12 AM, globaljobber > > > > <gerardn...@exciteinternet.co.uk> wrote: > > Hi Taylor, > > > I decided to post my code in brief. I can't expect you or anyone else > > to go through the real stuff line by line, so I've tried to simplify > > it so that a relatively quick look should perhaps show if there's > > somewhere I'm going wrong. The code shows the tasks done rather than > > detail.... > > > string requestUrl = "https://api.twitter.com/1/account/ > > verify_credentials.json"; > > > Parameters.Add("oauth_version", "1.0"); > > Parameters.Add("oauth_nonce", GenerateNonce()); > > Parameters.Add("oauth_timestamp", GenerateTimeStamp()); > > Parameters.Add("oauth_signature_method", "HMAC-SHA1"); > > Parameters.Add("oauth_consumer_key", consumerKey); > > Parameters.Add("oauth_consumer_secret", consumerSecret); > > > //Use these parameters to create the signature > > AddSignatureToParameters(requestUrl,Parameters,"GET",consumerSecret,tokenSecret); > > > //Now create the header > > string authHeader = "OAuth realm=\"http://api.twitter.com\""; > > > foreach(Parameter) > > { > > authHeader = authHeader + ", " + URLEncode(Parameter.Key) + "=" > > URLEncode(Paramter.Value) > > } > > > //Now build POST request to send to Twitpic > > requestUrl = "http://api.twitpic.com/2/upload.json"; > > > Requiredparameters.Add("key", "97bfc7bd3d7827ca44444444ef4eea82"); > > Requiredparameters.Add("message", "TestMessage"); > > > requestUrl = requestUrl + AddPerameters(Requiredparameters); > > > HttpWebRequest webRequest = > > (HttpWebRequest)WebRequest.Create(requestUrl); > > webRequest.Method = "POST"; > > webRequest.Headers.Add("X-Verify-Credentials-Authorization", > > authHeader); > > webRequest.Headers.Add("X-Auth-Service-Provider", "https:// > > api.twitter.com/1/account/verify_credentials.json"); > > > WebResponse response = webRequest.GetResponse(); > > string responseString = new > > StreamReader(response.GetResponseStream()).ReadToEnd(); > > > Hope this is not too hard to read or follow. > > > Thanks > > Gerard > > > On Jul 26, 5:31 pm, globaljobber <gerardn...@exciteinternet.co.uk> > > wrote: > >> Hi Taylor, > > >> Thanks again. Tried generating a header using Post instead of GET and > >> didn't work. > > >> I note in the sample PHP code, line 25, that a GET is used. > > >> I have read in numerous posts that a GET was used with the 'dummy' > >> request to generate the Header. > > >> I'm not a php programmer, I do C# ASP.Net for my sins, which doesn't > >> help. But I have tried to go through your PHP example, which I've seen > >> before and I reckon I am replicating what is being done. > > >> The header I generate is ok'd by Twitter api, i.e. get a 200 OK > >> response, but not using Echo. > > >> Thanks for your help thus far. > >> Gerard > > >> On Jul 26, 5:05 pm, Taylor Singletary <taylorsinglet...@twitter.com> > >> wrote: > > >> > Hi Gerard, > > >> > Steps 1-3 of this process are correct from the perspective of > >> > initially negotiating permissions for your user. Once you've performed > >> > steps 1-3 you shouldn't need to do these steps for this user again > >> > unless re-negotiating for the tokens. > > >> > Your step 4: I'll improve the documentation we have for OAuth Echo > >> > here, as it's not obvious that you should be performing a POST for > >> > verify_credentials in this case. The Authorization Header you generate > >> > for the verify_credentials request should be a POST, as that's what > >> > Twitpic will do. > > >> > Step 5: Yes, your OAuth authorization header for the > >> > verify_credentials request is presented in the > >> > X-Verify-Credentials-Authorization header, and X-Auth-Service-Provider > >> > contains "https://api.twitter.com/1/account/verify_credentials.json" > > >> > Let me know if the transition to POST works for you. I have some > >> > sample code in PHP available here:http://gist.github.com/490753 > > >> > Taylor > > >> > On Mon, Jul 26, 2010 at 8:21 AM, globaljobber > > >> > <gerardn...@exciteinternet.co.uk> wrote: > >> > > Just to check my process is correct: > > >> > > 1) Web page goes to twitter to get a request Token > > >> > > 2) Token request granted, and a URL for user is generated with this > >> > > Token > > >> > > 3) User authenticates app via Twitter pop-up > > >> > > 3) Twitter reponse redirects to new page which has Access Token and > >> > > access token secret given to it. > > >> > > 4) Using these tokens, and using GET and the following URL: 'https:// > >> > > api.twitter.com/1/account/verify_credentials.json' > > >> > > an authorisation header is generated. > > >> > > 5) This header, along with the other header: 'X-Auth-Service- > >> > > Provider' is then sent off using a post > >> > > tohttp://api.twitpic.com/2/upload.json > > >> > > Have I missed anything? > > >> > > Regards > >> > > Gerard > > >> > > On Jul 26, 4:03 pm, globaljobber <gerardn...@exciteinternet.co.uk> > >> > > wrote: > >> > >> Hi Taylor, > > >> > >> Thanks for your reply. I just tried that and still the same 401 error. > >> > >> The new header was like this with spaces after each comma: > > >> > >> OAuth realm="http://api.twitter.com", > >> > >> oauth_consumer_key="9cjtaDfffOYCRJqyp7XKzA", oauth_nonce="59E4358", > >> > >> oauth_signature_method="HMAC-SHA1", oauth_timestamp="1280156335", > >> > >> oauth_token="15389554-7q4tjgtwJ9oB6iWZh7DvRjkn60eKTc1T4VRkNl4", > >> > >> oauth_version="1.0", oauth_signature="ZmiBuqZC2SUsRx2%2B7x4O7TrDDWE > >> > >> %3D" > > >> > >> I'm also sure no call is made during the generation of the header. > > >> > >> According to other posts I've read, this header is created using a GET > >> > >> and uses the following URL: > > >> > >>https://api.twitter.com/1/account/verify_credentials.json > > >> > >> Any other ideas would be grateful, as I've spent over a week on trying > >> > >> to get Twitpic to work. > > >> > >> Thank you > >> > >> Gerard > > >> > >> On Jul 26, 3:38 pm, Taylor Singletary <taylorsinglet...@twitter.com> > >> > >> wrote: > > >> > >> > Hi Gerard, > > >> > >> > Though I know it doesn't sound like it should matter, can you try > >> > >> > your > >> > >> > request against Twitpic after inserting spaces after each comma in > >> > >> > your Authorization Header? Also want to make sure that you aren't > >> > >> > executing your verify_credentials request in the preparation > >> > >> > sequence > >> > >> > (calling the resource prior to TwitPic calling it would invalidate > >> > >> > it). > > >> > >> > Thanks, > >> > >> > Taylor > > >> > >> > On Mon, Jul 26, 2010 at 7:26 AM, globaljobber > > >> > >> > <gerardn...@exciteinternet.co.uk> wrote: > >> > >> > > Hi, > > >> > >> > > I am having trouble getting Twitpic to authorize an image upload > >> > >> > > request. > > >> > >> > > I have checked my Oauth 'X-Verify-Credentials-Authorization' > >> > >> > > authorization header with a call to > >> > >> > > 'https://api.twitter.com/'andIgeta200 OK status. So it appears my > >> > >> > > authentication requests are ok. > > >> > >> > > However if I take the same header construct and make a request to > >> > >> > > 'http://api.twitpic.com/2/upload.json'usingOAuthEchowithTwitpic I > >> > >> > > continually receive a 401 Unauthorized response. > > >> > >> > > My typical setup is this: > > >> > >> > > Parameters for Twitpic: > > >> > >> > > Requiredparameters.Add("key", "97bfc7ffddd827ca9630232def4eea82"); > >> > >> > > Requiredparameters.Add("message", "This is a test upload"); > > >> > >> > > requestUrl = OAuthUtility.AppendParametersForPOST("http:// > >> > >> > > api.twitpic.com/2/upload.json", Requiredparameters); > > >> > >> > > HttpWebRequest webRequest = > >> > >> > > (HttpWebRequest)WebRequest.Create(requestUrl); > >> > >> > > webRequest.Method = "POST"; > > >> > >> > > webRequest.Headers.Add("X-Verify-Credentials-Authorization", > >> > >> > > AuthorizationHeaderForAuth); > >> > >> > > webRequest.Headers.Add("X-Auth-Service-Provider", "https:// > >> > >> > > api.twitter.com/1/account/verify_credentials.json"); > > >> > >> > > where a typical AuthorizationHeaderForAuth looks like this: > > >> > >> > > OAuth realm="http:// > >> > >> > > api.twitter.com",oauth_consumer_key="9cjtddsslOYCRJqyp7XKzA",oauth_nonce="4D34866",oauth_signature_method="HMAC- > >> > >> > > SHA1",oauth_timestamp="1230153261",oauth_token="15322554-7q4tTvSwJ9oB6iWZh7DvRjkn60eKTc1T4VRkNl4",oauth_version="1.0",oauth_signature="gbMRJ1OA9JNiZGksnRyFdT6iP20%3D" > > >> > >> > > Can anyone please suggest where things may be going wrong? > > >> > >> > > Many thanks > >> > >> > > Gerard- Hide quoted text - > > >> > - Show quoted text -- Hide quoted text - > > >> - Show quoted text -- Hide quoted text - > > - Show quoted text -