[twitter-dev] OAuth singing on BlackBerry

Thu, 05 Aug 2010 17:56:26 -0700 

I am having a really tough time trying to figure out how to sign my
OAuth request.  I am trying to follow the example at 
http://dev.twitter.com/pages/xauth
and my signature does not come out the same as it does in the
example...

I am doing....

public static void xauth(){
        try {
            String twitter_url="https://api.twitter.com/oauth/
access_token";
            String oauth_consumer_key = "sGNxxnqgZRHUt6NunK3uw";
            String oauth_consumer_secret =
"5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk";
            String oauth_nonce =
"WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA";
            String oauth_signature_method = "HMAC-SHA1";
            String oauth_timestamp = "1276101652";
            String oauth_version = "1.0";
            String x_auth_mode = "client_auth";
            String x_auth_password = "%&123!aZ+()456242134";
            String x_auth_username = "tpFriendlyGiant";

            String postBody = "x_auth_mode="+x_auth_mode
+"&x_auth_password="+encodeUTF8(x_auth_password)+
                "&x_auth_username="+encodeUTF8(x_auth_username);

            String baseString = "POST&"+encodeUTF8(twitter_url)+
                "&oauth_consumer_key%3D"+oauth_consumer_key +
                "%26oauth_nonce%3D"+oauth_nonce+
                "%26oauth_signature_method%3D"+oauth_signature_method+
                "%26oauth_timestamp%3D"+oauth_timestamp+
                "%26oauth_version%3D"+oauth_version+
                "%26"+encodeUTF8(postBody);

            String signingSecret = encodeUTF8(oauth_consumer_secret)
+"&";

            String signature = hmacsha1(signingSecret, baseString);

            String header = new StringBuffer("OAuth oauth_nonce=
\"").append(oauth_nonce).append("\", oauth_signature_method=\"")
                .append(oauth_signature_method).append("\",
oauth_timestamp=\"").append(oauth_timestamp).append("\",
oauth_consumer_key=\"")
                .append(oauth_consumer_key).append("\",
oauth_signature=\"").append(signature).append("\", oauth_version=\"")
                .append(oauth_version).append("\"").toString();

            System.out.println("Header = " + header);
        } catch (CryptoTokenException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (CryptoUnsupportedOperationException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (IOException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }

    private static String hmacsha1(String key, String message) throws
CryptoTokenException,
        CryptoUnsupportedOperationException, IOException {
        HMACKey k = new HMACKey(key.getBytes());
        HMAC hmac = new HMAC(k, new SHA1Digest());
        hmac.update(message.getBytes());
        byte[] mac = hmac.getMAC();
        return Base64OutputStream.encodeAsString(mac, 0, mac.length,
false, false);
    }

Everything matches the example, but when they sign they get...

oauth_signature="yUDBrcMMm6ghqBEKCFKVoJPIacU%3D"

and I get...

MUYmiobRdoK6s0ZVqo4xQNNO17w=

Can anyone see anything I am doing wrong?

Thanks,
Kevin

Reply via email to