For the last call i rewrote my code to set the "Authorization"
RequestHeader to:
OAuth realm="",
oauth_consumer_key="[mykey]", oauth_signature_method="HMAC-SHA1",
oauth_token="[accesstoken]", oauth_version="1.0",
oauth_timestamp="1293101327", oauth_nonce="b37Zm8",

With result:
<?xml version="1.0" encoding="UTF-8"?>
  <error code="32">Could not authenticate you</error>
And with responseHeaders :
Via: 1.0 SMTTMG
Connection: Keep-Alive
Proxy-Support: Session-Based-Authentication
Connection: Proxy-Support
Transfer-Encoding: chunked
Expires: Thu, 23 Dec 2010 08:30:06 GMT
Date: Thu, 23 Dec 2010 08:00:06 GMT
Content-Type: application/xml; charset=utf-8
Server: hi
Status: 401 Unauthorized
WWW-Authenticate: Basic realm="Twitter API"
X-Runtime: 0.01106
Cache-Control: no-cache, max-age=1800
Set-Cookie: _twitter_sess=VERYLONGSIGNATUREacbd;;

Does that mean the the Authorization did not come through, since the
WWW-Authenticate says Basic?

On 22 dec, 14:50, Cujo <> wrote:
> I followed the whole oAuth chain to aquire an accesstoken for my
> application:
> Call 1:
> sent:[mykey]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1293014232&oauth_n­once=OgIwk4&oauth_signature=[signature]
> result:
> oauth_token=[token]&oauth_token_secret=[tokensecret]&oauth_callback_confirm­ed=true
> Call 2: (after receiving a pincode)
> sent:[mykey]&oauth_token=[token]&oauth_signature_method=HMAC-SHA1&oauth_verifier­=[pincode]&oauth_timestamp=1293014245&oauth_nonce=UZN6pW&oauth_signature=[s­ignature]
> result:
> oauth_token=[accesstoken]&oauth_token_secret=[accesstokensecret]&user_id=42­198282&screen_name=kooijtje
>  Call 3: (i should be able to do a search since i have an access
> token)
> sent:[searchterm]&oauth_consumer_key=[mykey]&oauth_token=[accesstoken]&oauth_sig­nature_method=HMAC-SHA1&oauth_timestamp=1293014246&oauth_nonce=nV8zJ7&oauth­_signature=[signature]
> sent:[mykey]&oauth_nonce=wwQs4p&oauth_signature_method=HMAC-SHA1&oauth_timestamp­=1293024508&oauth_token=[accesstoken]&oauth_version=1.0&q=[Searchterm]&oaut­h_signature=[signature]
> Both are giving the following 401 error with this response:
> xml version="1.0" encoding="UTF-8"?>
> <hash>
>   <request>/1/users/search.xml?
> oauth_consumer_key=[mykey]&amp;oauth_nonce=dD7PvN&amp;oauth_signature_metho­d=HMAC-
> SHA1&amp;oauth_timestamp=[timestamp]&amp;oauth_token=[accesstoken]&amp;oaut­h_version=1.0&amp;q=[Searchterm]&amp;oauth_signature=[signature]</
> request>
>   <error>Incorrect signature</error>
> </hash>
> Currently through the lib i am using all parameters (including the q)
> are used to calculate the oauth_signature, is this wrong? Should only
> the oauth_* parameters be used? I tried this but still incorrect
> signature error.
> The algorithm for calculating seems to be signature correct since i am
> able to succesfull get an accesstoken?
> Any idea's?

Twitter developer documentation and resources:
API updates via Twitter:
Issues/Enhancements Tracker:
Change your membership to this group:

Reply via email to