Without getting to deep into this, some advice:

* Use HTTP header based authentication instead of attaching OAuth parameters
to the query string. It makes it much more difficult to receive assistance
from others when you use query-string based auth and increases the chances
of an encoding error exponentially.

* Avoid strange characters in an oauth_nonce. When possible, avoid the "~"
character entirely -- depending on the language and libraries you are using,
some are less spec compliant than others on characters like tilde

* That you were able to negotiate oauth_tokens through xAuth is a good sign
that your code does something right. POSTs are harder than GETs. There must
be something simple wrong with your GET. Look very closely. Compare to the
spec if necessary. Compare to other code that produces the correct results.

Taylor

On Thu, Oct 14, 2010 at 4:06 AM, Georgooty varghese <georgo...@gmail.com>wrote:

>  Before I have implemented a twitter client in C# using xAuth
> authentication . At that application I have used xauth params for each url
> signin. Any problem I didn't get. That aclient application works fine.
>
>  Now I have changed language C# to C. I have used liboauth library. I got
> oauth_token and oauth_token_secret values successfully. Then I have try to
> get home tweets. But i got incorrect signature.
>
> Base URL
> --------------
>
> GET&http%3A%2F%2Fapi.twitter.com
> %2F1%2Fstatuses%2Fhome_timeline.json&oauth_consumer_key%3DOm
>
> TQVOKDomNbrHuuudS4Q%26oauth_nonce%3DuQTDMWP-6tFdwTAbDwiHeyrP7NEZ%26oauth_signature_method%3DHMAC-SH
>
> A1%26oauth_timestamp%3D1287053858%26oauth_token%3D144717423-P3to4wvZPFsgrIQWBAZPjlEAm39tfEtaao7HQWA7%26oauth_version%3D1.0
>
> Signature
> -------------
> FcKenujneOtQklp6HZYDkRc7BYzelW9Fsadj324RE&dirvhD970MRu
>                            oQxPM2uOfzocpkRT3m0LKn0HPDcKkM
>
> URL
> ------
>
> http://api.twitter.com/1/statuses/home_timeline.json?oauth_consumer_key=OmTQVOKDomNbrHuuudS4Q&o
>
> auth_nonce=uQTDMWP-6tFdwTAbDwiHeyrP7NEZ&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1287053858
>
> &oauth_token=144717423-P3to4wvZPFsgrIQWBAZPjlEAm39tfEtaao7HQWA7&oauth_version=1.0&oauth_signature=wgRPZqaIJU%2BrkHOSAN99JreWLr4%3D
>
> Error response look like below.
> -----------------------------------------------
>
> Header received header name:Date Value:Thu, 14 Oct 2010 10:57:39 GMT
>> NN 2010-10-14 16:27:39.700 Header received header name:Server Value:hi
>> NN 2010-10-14 16:27:39.700 Header received header name:Status Value:401
>> Unauthorized
>> NN 2010-10-14 16:27:39.700 Header received header name:WWW-Authenticate
>> Value:Basic realm="Twitter API"
>> NN 2010-10-14 16:27:39.700 Header received header name:Content-Type
>> Value:application/json; charset=utf-8
>> NN 2010-10-14 16:27:39.700 Header received header name:Content-Length
>> Value:350
>> NN 2010-10-14 16:27:39.700 Header received header name:Cache-Control
>> Value:no-cache, max-age=300
>> NN 2010-10-14 16:27:39.700 Header received header name:Set-Cookie
>> Value:k=121.241.181.70.1287053859204701; path=/;
>>                            expires=Thu, 21-Oct-10 10:57:39 GMT; domain=.
>> twitter.com
>> NN 2010-10-14 16:27:39.700 Header received header name:Set-Cookie
>> Value:guest_id=128705385920759845; path=/; expires=Sat, 13
>>                            Nov 2010 10:57:39 GMT
>> NN 2010-10-14 16:27:39.700 Header received header name:Set-Cookie
>>
>> Value:_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCI9ZY6orAToHaWQiJWNhNWJkMWFkNWNkZDQ0%250ANzkzZTUxZTdmMD
>>
>> AxY2YwMDNhIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--39a08a
>>                            fc637e1b3666e4066c100f477a9bfbd5b4; domain=.
>> twitter.com; path=/
>> NN 2010-10-14 16:27:39.700 Header received header name:Expires Value:Thu,
>> 14 Oct 2010 11:02:39 GMT
>> NN 2010-10-14 16:27:39.700 Header received header name:Vary
>> Value:Accept-Encoding
>> NN 2010-10-14 16:27:39.700 Header received header name:Connection
>> Value:close
>> NN 2010-10-14 16:27:39.700 Data:{"error":"Incorrect
>>
>> signature","request":"/1/statuses/home_timeline.json?oauth_consumer_key=OmTQVOKDomNbrHuuudS4Q&oauth
>>
>> _nonce=uQTDMWP-6tFdwTAbDwiHeyrP7NEZ&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1287053858&oau
>>
>> th_token=144717423-P3to4wvZPFsgrIQWBAZPjlEAm39tfEtaao7HQWA7&oauth_version=1.0&oauth_signature=wgRPZ
>>                            qaIJU%252BrkHOSAN99JreWLr4%253D"}
>>
>
>
> .Now I am strucked.   Any body please help me.........
>
> Regards,
> George
>
>>
>> On Thu, Oct 14, 2010 at 12:11 PM, Georgooty varghese <georgo...@gmail.com
>> > wrote:
>>
>>>
>>>
>>> Base string look like
>>>
>>> GET&http%3A%2F%2Fapi.twitter.com
>>> %2F1%2Fstatuses%2Fhome_timeline.json&oauth_consumer_key%3DOmTQVOKDomNbrHuuudS
>>>
>>> 4Q%26oauth_nonce%3DrkocKD.~GoWoUPUGvtdxPdNw4%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1287038316%26oauth_token%3D144717423-hrxCod9d6GMVnuLcYPHucluTxoDO68wFpGzkfn3h%26oauth_version%3D1.0
>>>
>>> signature
>>>
>>> FcKenujneOtQklp6HZYDkRc7BYzelW9Fsadj324RE&pVccpaABnoClLwzrPQSglNdWkvL8sr3Z9xwvGXDfg
>>>
>>> Please help me...
>>>
>>>
>>>
>>>
>>>
>>> On Thu, Oct 14, 2010 at 11:54 AM, Tom van der Woerdt <i...@tvdw.eu>wrote:
>>>
>>>> Could you give us your Base String?
>>>>
>>>> Tom
>>>>
>>>>
>>>> On Oct 14, 2010, at 8:00 AM, Georgooty varghese <georgo...@gmail.com>
>>>> wrote:
>>>>
>>>> Thanks for quick reply.
>>>>
>>>> Now i have removed xAuth stuff in GET parameter.
>>>>
>>>> Now uri is look like
>>>>
>>>>
>>>> <http://api.twitter.com/1/statuses/home_timeline.json?oauth_consumer_key=********&;>
>>>> http://api.twitter.com/1/statuses/home_timeline.json?oauth_consumer_key=********&;
>>>>
>>>> oauth_nonce=uL0qgrUAvpXplm1jw8GKScISb.ROJ8&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1287035395&oauth_token=*******&oauth_version=1.0&oauth_signature=fplh8jf6dACb%2FPfUBEGxUmhE5ZE%3D
>>>>
>>>> But unfortunatly it doesn't work..
>>>>
>>>> I got Incorrect signature.
>>>>
>>>> Could you please help me..
>>>>
>>>> I am waiting for you response.
>>>>
>>>> On Thu, Oct 14, 2010 at 11:17 AM, Tom van der Woerdt < <i...@tvdw.eu>
>>>> i...@tvdw.eu> wrote:
>>>>
>>>>> Don't use xAuth, use OAuth. Leave the x_auth_ stuff and use your
>>>>> oauth_token and oauth_token_secret.
>>>>>
>>>>> Oh, and look at what xAuth actually is. It's no replacement for OAuth.
>>>>>
>>>>> Tom
>>>>>
>>>>>
>>>>> On 10/14/10 5:22 AM, Georgooty varghese wrote:
>>>>> > Dear Twitter,
>>>>> >
>>>>> >  I have implemented a twitter client application in C using xAuth
>>>>> > authentication. I got auth token and token secret.
>>>>> > Then I wont be able to get home tweets. Exception is Incorrect
>>>>> signature.
>>>>> >
>>>>> > URL is
>>>>> > <http://api.twitter.com/1/statuses/home_timeline.json>
>>>>> http://api.twitter.com/1/statuses/home_timeline.json?
>>>>> >  oauth_consumer_key=************************&oauth_nonce=
>>>>> >   HswRm6~rUgKTz1ZjkIO&oauth_signature_method=HMAC-SHA1&
>>>>> >
>>>>> oauth_timestamp=1287026003&oauth_token=**************&oauth_version=1.
>>>>> >   0&x_auth_mode=client_auth&x_auth_password=*******&x_a
>>>>> >   uth_username=********&oauth_signature=5gqkckIqP56Z5e
>>>>> >   he02tlt6qMu%2BU%3D
>>>>> >
>>>>> > When this url is copy into internet explorer.. I get json file. But C
>>>>> -
>>>>> > coding i didnt get..
>>>>> >
>>>>> > Could u please help me?/
>>>>> >
>>>>> > I am waiting for your response.
>>>>> >
>>>>> > Regards,
>>>>> > George
>>>>> >
>>>>> > --
>>>>> > Twitter developer documentation and resources:
>>>>> <http://dev.twitter.com/doc>http://dev.twitter.com/doc
>>>>> > API updates via Twitter: <http://twitter.com/twitterapi>
>>>>> http://twitter.com/twitterapi
>>>>> > Issues/Enhancements Tracker:
>>>>> > <http://code.google.com/p/twitter-api/issues/list>
>>>>> http://code.google.com/p/twitter-api/issues/list
>>>>> > Change your membership to this group:
>>>>> > <http://groups.google.com/group/twitter-development-talk>
>>>>> http://groups.google.com/group/twitter-development-talk
>>>>>
>>>>> --
>>>>> Twitter developer documentation and resources:
>>>>> <http://dev.twitter.com/doc>http://dev.twitter.com/doc
>>>>> API updates via Twitter: <http://twitter.com/twitterapi>
>>>>> http://twitter.com/twitterapi
>>>>> Issues/Enhancements Tracker:
>>>>> <http://code.google.com/p/twitter-api/issues/list>
>>>>> http://code.google.com/p/twitter-api/issues/list
>>>>> Change your membership to this group:
>>>>> <http://groups.google.com/group/twitter-development-talk>
>>>>> http://groups.google.com/group/twitter-development-talk
>>>>>
>>>>
>>>>  --
>>>> Twitter developer documentation and resources:
>>>> <http://dev.twitter.com/doc>http://dev.twitter.com/doc
>>>> API updates via Twitter: <http://twitter.com/twitterapi>
>>>> http://twitter.com/twitterapi
>>>> Issues/Enhancements Tracker:
>>>> <http://code.google.com/p/twitter-api/issues/list>
>>>> http://code.google.com/p/twitter-api/issues/list
>>>> Change your membership to this group:
>>>> <http://groups.google.com/group/twitter-development-talk>
>>>> http://groups.google.com/group/twitter-development-talk
>>>>
>>>>  --
>>>> Twitter developer documentation and resources:
>>>> http://dev.twitter.com/doc
>>>> API updates via Twitter: http://twitter.com/twitterapi
>>>> Issues/Enhancements Tracker:
>>>> http://code.google.com/p/twitter-api/issues/list
>>>> Change your membership to this group:
>>>> http://groups.google.com/group/twitter-development-talk
>>>>
>>>
>>>
>>
>  --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Reply via email to