On 8/11/10 8:38 PM, isaiah1112 wrote: > Ok... here is what I cam up with using the keys and secrets you > provided in your previous post > > Base String is: > > GET&https%3A%2F%2Fapi.twitter.com%2F1%2Faccount > %2Fverify_credentials.json&oauth_consumer_key%3DGDdmIQH6jhtmLUypg82g > %26oauth_nonce > %3D702fab381be61bb60f210dd07d80be722da33f05%26oauth_signature_method > %3DHMAC-SHA1%26oauth_token%3D819797- > Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw%26oauth_timestamp > %3D1281551596%26oauth_version%3D1.0 > > consumersecret&usersecret is: > MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98&J6zix3FfA9LofH0awS24M3HcBYXO5nI1iYe8EfBA > > Thus the non-url encoded signature would be: > XUNmLwpiC2W0xyrxPs4yAMmHO9c= > > And the HTTP header would be (signature is URL encoded): > > Authorization: OAuth oauth_consumer_key="GDdmIQH6jhtmLUypg82g", > oauth_nonce="702fab381be61bb60f210dd07d80be722da33f05", > oauth_signature_method="HMAC-SHA1", > oauth_signature="XUNmLwpiC2W0xyrxPs4yAMmHO9c%3D", > oauth_token="819797-Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", > oauth_timestamp="1281551596", > oauth_version="1.0" > > Let me know if you came up with the same thing > > > On Aug 11, 10:00 am, Tom van der Woerdt <i...@tvdw.eu> wrote: >> On 8/11/10 5:52 PM, isaiah1112 wrote: >> >> >> >> >> >>> I have been developing a complete OAuth Library for Twitter in >>> AppleScript (I know, some people thought it was impossible but it >>> isn't). The trouble is, I can authorize OAuth and get my token and >>> secret from Twitter without any issues. However, once I try to make a >>> call to the API the script will not validate my signature. I am using >>> the exact same methods to create my base string and signature that I >>> used to authorize OAuth so I know it has to be an issue with either my >>> header or base string parameters for this call... If someone could >>> look this over and tell me if everything checks out that would be >>> great! >> >>> This is a simple call to gethttps://api.twitter.com/1/direct_messages.xml >>> api.... >> >>> Base string is >> >>> GET&https%3A%2F%2Fapi.twitter.com >>> %2F1%2Fdirect_messages.xml&oauth_consumer_key%3D2qKWThvrdoDBKeQCmIMA2w >>> %26oauth_nonce >>> %3D28e0ef3fec75d92e6fc95460ffef4581ffd1d8f1%26oauth_signature_method >>> %3DHMAC-SHA1%26oauth_token%3D90908405- >>> B0SOI7v64YMcx7VOPTOvSieUOztDNPStWVY9rnabJ%26oauth_timestamp >>> %3D1281541844%26oauth_version%3D1.0 >> >>> The header for this call is listed as >> >>> Authorization: OAuth oauth_consumer_key="2qKWThvrdoDBKeQCmIMA2w", >>> oauth_nonce="28e0ef3fec75d92e6fc95460ffef4581ffd1d8f1", >>> oauth_signature_method="HMAC-SHA1", >>> oauth_signature="%2B8UDpXZN9SwZsUBsFNv%2B518sLg0%3D", >>> oauth_token="90908405-B0SOI7v64YMcx7VOPTOvSieUOztDNPStWVY9rnabJ", >>> oauth_timestamp="1281541844", >>> oauth_version="1.0" >> >>> If you would like any other information to test this out for yourself >>> please let me know! >> >> If your code works with non-authorized requests and not with authorized >> ones, then I think that the issue would have to be with generating your >> "key". Make sure that you use <consumer secret>&<user secret>. >> >> If this is not the case, then please try generating a signature for >> verify_credentials.json, using the consumer key "GDdmIQH6jhtmLUypg82g", >> consumer secret "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98", user >> token "819797-Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw" and user >> secret "J6zix3FfA9LofH0awS24M3HcBYXO5nI1iYe8EfBA". Please post the base >> string and the signature which you generate. >> >> Tom >> >> PS: Those keys which I named aren't actual keys, I took them from >> dev.twitter.com.
Hi, Using exactly the same values as you provided (including the base string), I got XUNmLwpiC2W0xyrxPs4yAMmHO9c= as well. However, when I applied sort(), I got zKLhRH6fz/p7UtVsS25KPQGJWD0= Apparently, your oauth_token and oauth_timestamp are in the wrong order ;-) Tom