Thanks, I know how xAuth works. ;-) This isn't xAuth though. The Base String consists of all parameters you send to Twitter. You aren't sending x_auth_username/x_auth_password (nor should you) so it shouldn't be in the Base String.
You may be confused between xAuth and OAuth here: xAuth is simply an extension to OAuth, so that Desktop applications can easily exchange usernames/passwords for credentials. However, a call to any other endpoint than access_token is not at all related to xAuth, so you should not be sending the username and/or password. That's what credentials are for :-) Tom On 9/20/10 8:35 PM, andy wrote: > I use xauth, so I can log in directly from my application for Twitter. > For pure OAuth it läft an extra URL on Twitter and you get a pin code > with which I return to my application needs. > > The xauth-i parameter to give, as it is described in the Twitter > documentation. > > Would in my GET request, the parameters are passed with xauth? > > > > > On 20 Sep., 20:23, Tom van der Woerdt <[email protected]> wrote: >> No, that's no problem. >> >> What I *did* just notice is that the parameters in your Base String >> don't match the parameters in your GET. Why are you sending x_auth_*? >> >> Tom >> >> On 9/20/10 8:21 PM, andy wrote: >> >>> Thank you for the quick help, I've just seen that the parameters >>> since_id, since_date, max_id, count, page I have not supplied. >>> Can there be a problem because in the absence of these? >> >>> On 20 Sep., 20:10, Tom van der Woerdt <[email protected]> wrote: >>>> Yes, OAuth is the authentication layer. If you are asked for a password, >>>> just click cancel (but really, it shouldn't ask you for one). >> >>>> Tom >> >>>> On 9/20/10 8:07 PM, andy wrote: >> >>>>> Hello Tom, >> >>>>> I get an successfull response with the oauthToken, oauthSecret, >>>>> userId, Screenname. >> >>>>> My basestring to generate my signature ist this: >>>>> POST&https%3A%2F%2Fapi.twitter.com%2Foauth >>>>> %2Faccess_token&oauth_consumer_key%3D...myKey...%26oauth_nonce >>>>> %3D4093828128%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp >>>>> %3D1284991785%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth >>>>> %26x_auth_password%3D...myTwitterPassword....%26x_auth_username >>>>> %3D...myTwitterUserName... >> >>>>> When I send a request with GET-Parameter it will open a Window, where >>>>> should I enter my user data. After this I will get following XML-Code: >> >>>>> <hash> >>>>> - >>>>> <request> >>>>> /1/statuses/home_timeline.xml? >>>>> oauth_timestamp=1284991785&oauth_token=..myOauthToken..&oauth_consumer_key=...myConsumer_Key...&oauth_signature_method=HMAC- >>>>> SHA1&oauth_version=1.0& >>>>> oauth_nonce=0EEC37AC-3B39-9DC5-4316-2F7A999B057B&oauth_signature=..myGeneratedSignanture >>>>> </request> >>>>> <error>Could not authenticate you.</error> >>>>> </hash> >> >>>>> The Signantur is indeed meant to be autentifizieren the user, or not? > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
