Hi Charles,

I see a few problems here in your trace -- thanks for sending it -- though
you mentioned your first one succeeded, it still appears to have a few
things technically wrong with it that you'll want to clear up so you can
rule them out as contributors to when you do have problems.

#1 - you're including your status message in your authorization header. The
authorization header should include only the relevant oauth_* related
parameters for the request

#2 - Not sure if this is just lost in translation, but space characters need
to be encoded to be valid in a POST body. This means that each space
character in your status message needs either a "+" character or a "%20"
where a space exists now. If you're using an OAuth library that does the
right thing, it should handle encoding the already-percent-encoded
characters when building the signature base string (by percent encoding them
again).

#3 - Recommend using a non-purely numerical nonce, though it's not
absolutely required as long as your nonce numbers are unique for all
requests across your application key

#4 - You have a percent in your POST body in the failed example. A POST body
cannot contain a "%" character unless it is used as a token identifier for
percent-encoding. You should be URL/percent encoding your percent characters
as well: "%25"

What are you using to calculate your OAuth
parameters/signature/authorization header?

Your real POST body in your failed example should look something like:
status=22%20Jul%2009%3A19%3A24%3A%20PROBLEM%3A%20some-router%20%5B1.2.3.4%5D%20%28Some%20test%20router%29%20is%20DOWN%3A%20PING%20CRITICAL%20-%20Packet%20loss%20%3D%20100%25

Your Authorization header should look more like (though the signature will
have changed due to the properly encoded POST body):

Authorization: OAuth realm="", oauth_nonce="61983556",
oauth_timestamp="1280832381",
oauth_consumer_key="[...]", oauth_signature_method="HMAC-SHA1",
oauth_version="1.0", oauth_token="[...]",
oauth_signature="1UQZftmmiDjrqWB%2Fs%2B89nLpVSSw%3D"

Hope this helps.
Taylor

On Tue, Aug 3, 2010 at 4:06 AM, Charles <charles.briscoe.sm...@gmail.com>wrote:

> Thanks Matt - tcpdump to the rescue!  One good and one bad transaction
> are shown below.  "[...]" is stuff I've removed.  As you can see, the
> only obvious difference, apart from signature generated, is that I've
> chopped the end off the tweet in the good transaction... and that such
> chopping-off pretty reliably makes the transaction succeed where the
> full tweet fails.  I'm afraid I don't have the base signature strings
> at present; I'd have to spend some time working out how oauth-proxy
> works and modifying it to output them...  Let me know if I need to do
> that.
>
> Good transaction:
>
> ---SENT---
> POST /1/statuses/update.xml HTTP/1.0
> content-length: 103
> Authorization: OAuth realm="", status="22 Jul 09:19:24: PROBLEM: some-
> router [1.2.3.4] (Some test router) is DOWN: PING CRITICAL - Pack",
> oauth_nonce="39099550", oauth_timestamp="1280832392",
> oauth_consumer_key="[...]", oauth_signature_method="HMAC-SHA1",
> oauth_version="1.0", oauth_token="[...]",
> oauth_signature="yplz8tgdTMG1UaTCjmdXWxCONbQ%3D"
> pragma: no-cache
> connection: close
> content-type: application/x-www-form-urlencoded
> host: api.twitter.com
> accept: */*
> user-agent: curl/7.18.2 (i486-pc-linux-gnu) libcurl/7.18.2 OpenSSL/
> 0.9.8g zlib/1.2.3.3 libidn/1.8 libssh2/0.18
>
> status=22 Jul 09:19:24: PROBLEM: some-router [1.2.3.4] (Some test
> router) is DOWN: PING CRITICAL - Pack
> ---END (no newline at end)---
>
> ---RECEIVED---
> HTTP/1.1 200 OK
> Date: Tue, 03 Aug 2010 10:46:32 GMT
> [...]
> ---END---
>
> Bad transaction:
>
> ---SENT---
> POST /1/statuses/update.xml HTTP/1.0
> content-length: 117
> Authorization: OAuth realm="", status="22 Jul 09:19:24: PROBLEM: some-
> router [1.2.3.4] (Some test router) is DOWN: PING CRITICAL - Packet
> loss = 100%", oauth_nonce="61983556", oauth_timestamp="1280832381",
> oauth_consumer_key="[...]", oauth_signature_method="HMAC-SHA1",
> oauth_version="1.0", oauth_token="[...]",
> oauth_signature="1UQZftmmiDjrqWB%2Fs%2B89nLpVSSw%3D"
> pragma: no-cache
> connection: close
> content-type: application/x-www-form-urlencoded
> host: api.twitter.com
> accept: */*
> user-agent: curl/7.18.2 (i486-pc-linux-gnu) libcurl/7.18.2 OpenSSL/
> 0.9.8g zlib/1.2.3.3 libidn/1.8 libssh2/0.18
>
> status=22 Jul 09:19:24: PROBLEM: some-router [1.2.3.4] (Some test
> router) is DOWN: PING CRITICAL - Packet loss = 100%
> ---END SENT (no terminating newline)---
>
> ---RECEIVED---
> HTTP/1.1 500 Internal Server Error
> Date: Tue, 03 Aug 2010 10:46:21 GMT
> Server: hi
> Status: 500 Internal Server Error
> [...]
>    <title>Twitter / Error</title>
> [...]
>          <h2>Something is technically wrong.</h2>
>          <p>Thanks for noticing...we're going to fix it up and have
> things back to normal soon.</p>
> [...]
> ---END RECEIVED---
>
> Thanks!
>
> --Charles
>

Reply via email to