Hello Taylor!

I don't think the error has something to do with the access token,
because sometimes the error is thrown during my request to retrieve a
Request Token.
I'm afraid the error has something to do with encodings or something

Also, I would like to know if there is an "advised" way to generate
the nonce value.
I was using the formula of the OAuth library : it concatenates the
timestamp and a random integer value, and then it applies a MD5 hash
on it. Maybe you or someone else know another way that works to
generate this value.


Mounir Regragui

On 29 juil, 18:15, Taylor Singletary <taylorsinglet...@twitter.com>
> Hi Mounir,
> In this case I'm fairly confident then that it's the Twitter API
> implementation of OAuth that's at fault here and these invalid nonce errors
> are spurious for you. While I hate to suggest working around bugs like this,
> it might be your best strategy -- if you encounter an invalid nonce error,
> pause for a few moments, regenerate the request with a different nonce and
> timestamp, and try again.
> If you find a case where it's repeatably throwing you this error, for
> example -- you notice that it only happens for a certain access token, or it
> only happens when you're using certain characters in the POST body or nonce
> -- then please bring it to our attention.
> Scalability projects, among other things, have prevented our engineering
> team from rolling out a reimplementation of our OAuth back end that will fix
> aggravating issues like these, among other things.
> Taylor
> On Thu, Jul 29, 2010 at 12:43 AM, Mounir Regragui <reg.mou...@gmail.com>wrote:
> > Hello everybody,
> > Yesterday I was exposing an issue I encoutered.
> > My code was working perfectly, and then I started having a 401 error
> > code with this error message : "<error>Invalid / used nonce</error>"
> > when I make API calls.
> > I thought it was solved because yesterday I did some API calls that
> > made it through. However this issue is still here today.
> > Actually, when I make API calls (POST, GET or OAuth requests),
> > sometimes everything works fine, sometimes i have the "Invalid / used
> > nonce" error.
> > As I told Taylor yesterday, I am sure that that the system time is
> > correct (because when I change it, nothing works), and because as I
> > said, when i try to send a request with the exact same code running,
> > sometimes it fails, sometimes it does not.
> > Here are dumps of the communications
> > I tried to send a tweet, had an error :http://pastebin.com/ur2JYtnM
> > A few seconds later, i run the exact same code and it is valid :
> >http://pastebin.com/6knpLHBW
> > (I will reset my key and secret ^^)
> > I really do not know where the issue comes from, because the code was
> > running flawlessly last week!
> > Any kind of help appreciated.
> > Regards.
> > Mounir Regragui

Reply via email to