Just going to chime in that I'm having the same problem with my own
implementation, despite following the documentation exactly. Even
sending the exact header that Tom linked to, "OAuth
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272323042",
oauth_version="1.0"", I'm still getting 401 Unauthorized returns from
the server. The same thing happens when I try to use an existing
library, which is why I turned to trying to make one myself to figure
out what's causing this error.

I've got my own post on this group with further details into my
specific problem, but getting an answer to this one would help me as


On Jul 30, 4:46 am, Andy Dixon <andy.di...@zxcreative.com> wrote:
> Hello,
> I'm trying to migrate my code across to using oAuth, and there is no class 
> for oAuth in the language I use, so I'm having to drop in at the deep end.
> At the moment, I am a bit stuck, I keep getting a 401 when I request a token.
> I have created this as my signature base string:
> POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%3DAXpCOWR4c2IZVlSGNXvdZg%26auth_nonce%3DQP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk%26auth_signature_method%3DHMAC-SHA1%26auth_timestamp%3D1280511571%26auth_version%3D1.0
> Created a signed hash of this, using my Consumer Secret
> Base-64 encoded the hash since it was non-unicode
> URL Encoded the Base-64 string
> which then gives me:
> oAuth oauth_nonce="QP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk", 
> oauth_callback="oob", oauth_signature_method="HMAC-SHA1", 
> oauth_timestamp="1280511571", oauth_consumer_key="AXpCOWR4c2IZVlSGNXvdZg", 
> oauth_signature="4zCns2DZTQzmo2HpYY99dhJVl5A%3D", oauth_version="1.0"
> But when I make the POST request with the above set, I still get a 401 
> Unauthorised.
> Could someone steer me in the right direction please?
> Thanks :)
> Andy

Reply via email to