Hello Taylor,
I did as instructed.
I ensured that the my application makes the same signature as in
http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/
when i put in my data. I tested around 10 rounds and all gave me
accurate match.
For the last one.
My base url is
POST&http%3A%2F%2Fapi.twitter.com%3A%2Foauth
%2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key
%3DN3jplhm1n1ypCzg2eWEg2w%26oauth_nonce%3DMnt1UWDYvHtA
%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
%3D1282348605%26oauth_token%3D%26oauth_version%3D1.0
And my signature is
S7hJdJeFE3sFf7qOID3pwModxAw%3D
But again i get the same results
On emulator i get 'Failed to validate oauth signature and token'
On device i get '401 unauthorized'
:(
On Aug 20, 8:00 pm, Taylor Singletary <taylorsinglet...@twitter.com>
wrote:
> The callback will be *executed *following the authorization step, but
> defining what that callback should be happens on the request token step.
>
> Taylor
>
> On Fri, Aug 20, 2010 at 7:53 AM, Mukha Mudra
> <chandran.biju...@gmail.com>wrote:
>
>
>
> >http://oauth.net/core/1.0/#anchor9
> > This states that the callback parameter will come in for the
> > Authorization step once the request token is obtained.
> > Is the doc outdated or am i misinterpreting it?
>
> > On Aug 20, 7:19 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> > wrote:
> > > It sounds like your HMAC-SHA1 signature generation is not correct. I
> > would
> > > recommend going to the most basic examples in the OAuth specification (
> > best
> > > walked through here:
> >http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin...)
> > > and make sure you can create the same signatures as the examples --
> > > without ever making an actual API call -- before proceeding further.
>
> > > Once you are sure your signature generation algorithm can handle the
> > basic
> > > examples in the specification, move on to Twitter-specific requests.
> > Attempt
> > > exotic requests, like status updates with UTF-8 characters and spaces.
>
> > > Also important to note that the OAuth specification requires an
> > > oauth_callback to be provided on the request_token step, regardless of
> > > whether you've pre-specified it in your application record or not. If
> > you're
> > > not doing a URL-based callback, you should be providing
> > oauth_callback=oob.
>
> > > Taylor
>
> > > On Fri, Aug 20, 2010 at 2:40 AM, Mukha Mudra <chandran.biju...@gmail.com
> > >wrote:
>
> > > > I STILL AM NOT ABLE TO GET THIS DONE
> > > > The base url is
> > > > POST&http%3A%2F%2Fapi.twitter.com%2Foauth
> > > > %2Frequest_token&oauth_consumer_key%3DN3jplhm1n1ypCzg2eWEg2w
> > > > %26oauth_nonce%3Dkh1282296538%26oauth_signature_method%3DHMAC-
> > > > SHA1%26oauth_timestamp%3D1282296538%26oauth_version%3D1.0
>
> > > > The signature created is somewhat like this
> > > > yIVws5LaQmJq+ysYrKXLZ0l01wI
>
> > > > It is without = in the end. Is it mandatory to append it.
> > > > I am referring this site.
> >http://hueniverse.com/2008/10/beginners-guide-
> > > > to-oauth-part-iv-signing-requests/
> > > > When i put my values, the base url is same that is generated. But the
> > > > signature created by my program is different.
>
> > > > On emulator i get 'Failed to validate oauth signature and token'
> > > > On device i get '401 unauthorized'
>
> > > > Has anyone tried it on Symbian before??
> > > > Plz help....
>
> > > > On Aug 19, 3:15 pm, Tom van der Woerdt <i...@tvdw.eu> wrote:
> > > > > Yes, it is, and although this is one of the three forms you can use,
> > the
> > > > > header authorization is preferred.
>
> > > > > Tom
>
> > > > > On 8/19/10 10:06 AM, Mukha Mudra wrote:
>
> > > > > > I read in the documentation example the following.
> > > > > > Authorization: OAuth realm="http://photos.example.net/";,
> > > > > > oauth_consumer_key="dpf43f3p2l4k3l03",
> > > > > > oauth_token="nnch734d00sl2jdk",
> > > > > > oauth_signature_method="HMAC-SHA1",
> > > > > > oauth_signature="tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM
> > > > > > %3D",
> > > > > > oauth_timestamp="1191242096",
> > > > > > oauth_nonce="kllo9940pd9333jh",
> > > > > > oauth_version="1.0"
>
> > > > > > Is this header required?
>
> > > > > > On Aug 19, 11:23 am, Mukha Mudra <chandran.biju...@gmail.com>
> > wrote:
> > > > > >> Ok tried that.
> > > > > >> Base url
> > > > > >> POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > > > > >> %2Frequest_token&oauth_consumer_key
>
> > > > %3D*******************************************%26oauth_signature_method
> > > > > >> %3DHMAC-SHA1%26oauth_nonce%3Dkh2147483647%26oauth_timestamp
> > > > > >> %3D1282198197%26oauth_version%3D1.0
>
> > > > > >> When i use https i get Twitter Is Over Capacity
> > > > > >> When i use http i get 401 Unauthorised
> > > > > >> I am trying to access from a SYmbian Http client.Will that make
> > any
> > > > > >> difference?
> > > > > >> The User Agent in header is "SimpleClient 1.0"
>
> > > > > >> On Aug 19, 11:05 am, Mukha Mudra <chandran.biju...@gmail.com>
> > wrote:
>
> > > > > >>> Thanks Matt let me try that.. I read in the documentation that
> > > > > >>> oauth_version is OPTIONAL and if not submitted the Service
> > Provider
> > > > > >>> will take it as 1.0. Anyways will try that. Also can you tell me
> > > > > >>> should be using just http or https for url?
>
> > > > > >>> On Aug 19, 10:43 am, Matt Harris <thematthar...@twitter.com>
> > wrote:
>
> > > > > >>>> Hi Mukha,
>
> > > > > >>>> Your base string and API seems to be missing the oauth_version
> > > > parameter
> > > > > >>>> which you should be setting to 1.0. Also, the URL in your base
> > > > string is
> > > > > >>>> seems to be missing the protocol 'http'. Yours starts
> > POST&%3A%2F%2F
> > > > when it
> > > > > >>>> should be POST&http%3A%2F%2F
>
> > > > > >>>> Hope that helps,
> > > > > >>>> Matt
>
> > > > > >>>> On Wed, Aug 18, 2010 at 8:53 PM, Mukha Mudra <
> > > > chandran.biju...@gmail.com>wrote:
>
> > > > > >>>>> Thanks Taylor.
> > > > > >>>>> I changed that and base string is now like this
> > > > > >>>>> POST&%3A%2F%2Fapi.twitter.com%2Foauth
> > > > > >>>>> %2Frequest_token&oauth_consumer_key%3D*************************
> > > > > >>>>> %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> > > > > >>>>> %3D1282189027%26oauth_nonce%3Dkh432142249
>
> > > > > >>>>> I call the url with query parameters according to the Jane
> > example
> > > > > >>>>> provided in Appendix of documentation.
>
> > > >http://api.twitter.com/oauth/request_token?oauth_consumer_key=*******.
> > ..
>
> > > > > >>>>> But now i get "401 Unauthorized"
> > > > > >>>>> I have checked my consumer key and secret key.They seem to be
> > > > > >>>>> alright.What could be happening?
> > > > > >>>>> Should open another post for this?
>
> > > > > >>>>> On Aug 19, 12:17 am, Taylor Singletary <
> > > > taylorsinglet...@twitter.com>
> > > > > >>>>> wrote:
> > > > > >>>>>> There are many elements to Twitter, the API, and the stack the
> > > > runs the
> > > > > >>>>>> whole site. It is possible, though rare, that you'll see this
> > > > error in
> > > > > >>>>> other
> > > > > >>>>>> conditions.
>
> > > > > >>>>>> Looking at your signature base string here, I notice that you
> > > > don't
> > > > > >>>>> include
> > > > > >>>>>> a separator between the URL you are executing and the
> > parameters
> > > > -- that
> > > > > >>>>>> first %26 you have in your signature base string shouldn't be
> > > > encoded..
> > > > > >>>>> it
> > > > > >>>>>> should just be "&" as it works as a separator between
> > portions:
>
> > > > > >>>>>> $HTTP_METHOD + "&" percent_encoded($REQUEST_URI) + "&"
> > > > > >>>>>> percent_encoded($URL_ENCODED_PARAMETERS)
>
> > > > > >>>>>> Taylor
>
> > > > > >>>>>> On Wed, Aug 18, 2010 at 12:03 PM, Tom van der Woerdt <
> > > > i...@tvdw.eu>
> > > > > >>>>> wrote:
>
> > > > > >>>>>>> On 8/18/10 8:24 PM, Mukha Mudra wrote:
> > > > > >>>>>>>> Hi All,
> > > > > >>>>>>>> I just began to connect a Symbian application to
> > > > Twitter
> > > > > >>>>> via
> > > > > >>>>>>>> the REST API.
>
> > > > > >>>>>>>> The base URL used in signature is as follows
> > > > > >>>>>>>> POST&%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token
> > > > > >>>>>>>> %26oauth_consumer_key%3D***************************
> > > > > >>>>>>>> %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> > > > > >>>>>>>> %3D1282155396%26oauth_nonce%3Dkh511263264
>
> > > > > >>>>>>>> In response i get the Twitter Over Capacity html page.
>
> > > > > >>>>>>>> Since I have just begun , I am not sure that apart from
> > server
> > > > > >>>>>>>> overloading , by any chance, does a wrong invocation of the
> > API
> > > > also
> > > > > >>>>>>>> gives this error.
>
> > > > > >>>>>>>> Regards
> > > > > >>>>>>>> Biju
>
> > > > > >>>>>>> It does not.
>
> > > > > >>>>>>> Tom
>
> > > > > >>>> --
>
> > > > > >>>> Matt Harris
> > > > > >>>> Developer Advocate, Twitterhttp://twitter.com/themattharris
