On 8/11/10 5:52 PM, isaiah1112 wrote:
> I have been developing a complete OAuth Library for Twitter in
> AppleScript (I know, some people thought it was impossible but it
> isn't).  The trouble is, I can authorize OAuth and get my token and
> secret from Twitter without any issues. However, once I try to make a
> call to the API the script will not validate my signature.  I am using
> the exact same methods to create my base string and signature that I
> used to authorize OAuth so I know it has to be an issue with either my
> header or base string parameters for this call...  If someone could
> look this over and tell me if everything checks out that would be
> great!
> This is a simple call to get https://api.twitter.com/1/direct_messages.xml
> api....
> Base string is
> GET&https%3A%2F%2Fapi.twitter.com
> %2F1%2Fdirect_messages.xml&oauth_consumer_key%3D2qKWThvrdoDBKeQCmIMA2w
> %26oauth_nonce
> %3D28e0ef3fec75d92e6fc95460ffef4581ffd1d8f1%26oauth_signature_method
> %3DHMAC-SHA1%26oauth_token%3D90908405-
> B0SOI7v64YMcx7VOPTOvSieUOztDNPStWVY9rnabJ%26oauth_timestamp
> %3D1281541844%26oauth_version%3D1.0
> The header for this call is listed as
> Authorization: OAuth oauth_consumer_key="2qKWThvrdoDBKeQCmIMA2w",
> oauth_nonce="28e0ef3fec75d92e6fc95460ffef4581ffd1d8f1",
> oauth_signature_method="HMAC-SHA1",
> oauth_signature="%2B8UDpXZN9SwZsUBsFNv%2B518sLg0%3D",
> oauth_token="90908405-B0SOI7v64YMcx7VOPTOvSieUOztDNPStWVY9rnabJ",
> oauth_timestamp="1281541844",
> oauth_version="1.0"
> If you would like any other information to test this out for yourself
> please let me know!

If your code works with non-authorized requests and not with authorized
ones, then I think that the issue would have to be with generating your
"key". Make sure that you use <consumer secret>&<user secret>.

If this is not the case, then please try generating a signature for
verify_credentials.json, using the consumer key "GDdmIQH6jhtmLUypg82g",
consumer secret "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98", user
token "819797-Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw" and user
secret "J6zix3FfA9LofH0awS24M3HcBYXO5nI1iYe8EfBA". Please post the base
string and the signature which you generate.


PS: Those keys which I named aren't actual keys, I took them from

Reply via email to