Hello again Tom,
OK, I've got my POST status update working, but now I want to GET
direct messages. Here is my GET base string:

GET&http%3A%2F%2Ftwitter.com%2Fdirect_messages.xml&oauth_consumer_key
%3Dwd0fPjdiRT6G9m9O7OYRg%26oauth_nonce
%3D8c8faf86e772390fb526%26oauth_signature_method%3DHMAC-
SHA1%26oauth_timestamp%3D1283872376%26oauth_token%3D17396968-
lorGbfmR4dJpPi98H7kmynjp4wEaFUoWRAsQJ1hem%26oauth_version%3D1.0%26count
%3D20

The sig checker reports:

Bad sorting!

All Base String parameters (query and POST parameters) must be sorted
alphabetically.

But I'm only providing one parameter at the moment, "count", so is
that correct?

Thanks a lot

Garry

On Sep 7, 3:16 pm, Tom van der Woerdt <i...@tvdw.eu> wrote:
> You sign using consumersecret&usersecret <-- the 2 secrets.
>
> Tom
>
> On 9/7/10 4:13 PM, Garry wrote:
>
>
>
> > Thanks Tom, OK, I've removed the source parameter, still no luck... My
> > new POST:
>
> > POST&http%3A%2F%2Ftwitter.com%2Fstatuses
> > %2Fupdate.xml&oauth_consumer_key%3Dwd0fPjXXXXX9m9O7OYRg%26oauth_nonce
> > %3Ddf4d3f58753ebc507840%26oauth_signature_method%3DHMAC-
> > SHA1%26oauth_timestamp%3D1283868421%26oauth_token%3D17396968-
> > lorGbfmR4dJpPi98XXXXXjp4wEaFUoWRAsQJ1hem%26oauth_version%3D1.0%26status
> > %3DTest%2520from%2520OAuth
>
> > I think maybe the problem is my signing, what should I be signing this
> > with? I'm not sure if I should be using the token&secret from my first
> > xAuth call, or is it something else?
>
> > Thanks
>
> > Garry
>
> > On Sep 7, 3:03 pm, Tom van der Woerdt <i...@tvdw.eu> wrote:
> >> I spotted a "source" in your Base String. You don't need to send that one.
>
> >> As long as you send these properly, it will work :
> >> oauth_consumer_key      wd0XXXXXX6G9m9O7OYRg
> >> oauth_nonce     e68644aad6fd745d5022
> >> oauth_signature_method  HMAC-SHA1
> >> oauth_timestamp 1283866974
> >> oauth_token     17396968-lorGbfmR4dJpPXXXXXynjp4wEaFUoWRAsQJ1hem
> >> oauth_version   1.0
> >> source  sndtweet
> >> status  Test from OAuth
> >> oauth_signature ??????
>
> >> Never add things to your base string if you don't send them, and make
> >> sure to add everything you send. :-)
>
> >> Tom
>
> >> On 9/7/10 3:54 PM, Garry wrote:
>
> >>> Hi all,
> >>> I have used the xAuth system to get myself this HTTP response:
>
> >>> HTTP/1.1 200 OK
> >>> (Clipped lots of other headers)
>
> >>> oauth_token=17396968-
> >>> lorGbfmR4dJpPi98HXXXXXX4wEaFUoWRAsQJ1hem&oauth_token_secret=BQ6nHHB0jMNnYNX
> >>>  
> >>> XXXXXK2RQh5JgMV20aL9a7E&user_id=17396968&screen_name=garrytaylor&x_auth_exp
> >>>  ires=0
>
> >>> OK, I guess I need to use at least part of this to sign my POST
> >>> requests for a status update, but I'm feeling pretty stupid at the
> >>> moment, and I'm not sure what to use. I've got the POST body like
> >>> this:
>
> >>> POST&http%3A%2F%2Ftwitter.com%2Fstatuses
> >>> %2Fupdate.xml&oauth_consumer_key%3Dwd0XXXXXX6G9m9O7OYRg%26oauth_nonce
> >>> %3De68644aad6fd745d5022%26oauth_signature_method%3DHMAC-
> >>> SHA1%26oauth_timestamp%3D1283866974%26oauth_token%3D17396968-
> >>> lorGbfmR4dJpPXXXXXynjp4wEaFUoWRAsQJ1hem%26oauth_version%3D1.0%26source
> >>> %3Dsndtweet%26status%3DTest%2520from%2520OAuth
>
> >>> And signing it with
>
> >>> CONSUMERSECRETKEY+"&"+oauth_token_secret
>
> >>> Is that even vaguely correct?
>
> >>> The OAuth tester is awesome, but I'm not sure if I'm even signing the
> >>> right stuff with the right thing at the moment...
>
> >>> Thanks a lot in advance...
>
> >>> Garry

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk?hl=en

Reply via email to