Hi,

I don't have a java compiler ready so I can't test your code.

The page about xAuth shows all steps between the start and the actual
signature. Try reproducing every single one of these values. (Usually
you can simply log all steps and then compare the results with the
xauth page.)

Tom


On Aug 6, 2:56 am, BBTweet Media Player <bbtweetme...@gmail.com>
wrote:
> I am having a really tough time trying to figure out how to sign my
> OAuth request.  I am trying to follow the example 
> athttp://dev.twitter.com/pages/xauth
> and my signature does not come out the same as it does in the
> example...
>
> I am doing....
>
> public static void xauth(){
>         try {
>             String twitter_url="https://api.twitter.com/oauth/
> access_token";
>             String oauth_consumer_key = "sGNxxnqgZRHUt6NunK3uw";
>             String oauth_consumer_secret =
> "5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk";
>             String oauth_nonce =
> "WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA";
>             String oauth_signature_method = "HMAC-SHA1";
>             String oauth_timestamp = "1276101652";
>             String oauth_version = "1.0";
>             String x_auth_mode = "client_auth";
>             String x_auth_password = "%&123!aZ+()456242134";
>             String x_auth_username = "tpFriendlyGiant";
>
>             String postBody = "x_auth_mode="+x_auth_mode
> +"&x_auth_password="+encodeUTF8(x_auth_password)+
>                 "&x_auth_username="+encodeUTF8(x_auth_username);
>
>             String baseString = "POST&"+encodeUTF8(twitter_url)+
>                 "&oauth_consumer_key%3D"+oauth_consumer_key +
>                 "%26oauth_nonce%3D"+oauth_nonce+
>                 "%26oauth_signature_method%3D"+oauth_signature_method+
>                 "%26oauth_timestamp%3D"+oauth_timestamp+
>                 "%26oauth_version%3D"+oauth_version+
>                 "%26"+encodeUTF8(postBody);
>
>             String signingSecret = encodeUTF8(oauth_consumer_secret)
> +"&";
>
>             String signature = hmacsha1(signingSecret, baseString);
>
>             String header = new StringBuffer("OAuth oauth_nonce=
> \"").append(oauth_nonce).append("\", oauth_signature_method=\"")
>                 .append(oauth_signature_method).append("\",
> oauth_timestamp=\"").append(oauth_timestamp).append("\",
> oauth_consumer_key=\"")
>                 .append(oauth_consumer_key).append("\",
> oauth_signature=\"").append(signature).append("\", oauth_version=\"")
>                 .append(oauth_version).append("\"").toString();
>
>             System.out.println("Header = " + header);
>         } catch (CryptoTokenException e) {
>             // TODO Auto-generated catch block
>             e.printStackTrace();
>         } catch (CryptoUnsupportedOperationException e) {
>             // TODO Auto-generated catch block
>             e.printStackTrace();
>         } catch (IOException e) {
>             // TODO Auto-generated catch block
>             e.printStackTrace();
>         }
>     }
>
>     private static String hmacsha1(String key, String message) throws
> CryptoTokenException,
>         CryptoUnsupportedOperationException, IOException {
>         HMACKey k = new HMACKey(key.getBytes());
>         HMAC hmac = new HMAC(k, new SHA1Digest());
>         hmac.update(message.getBytes());
>         byte[] mac = hmac.getMAC();
>         return Base64OutputStream.encodeAsString(mac, 0, mac.length,
> false, false);
>     }
>
> Everything matches the example, but when they sign they get...
>
> oauth_signature="yUDBrcMMm6ghqBEKCFKVoJPIacU%3D"
>
> and I get...
>
> MUYmiobRdoK6s0ZVqo4xQNNO17w=
>
> Can anyone see anything I am doing wrong?
>
> Thanks,
> Kevin

Reply via email to