Yep, that's exactly what my token request looks like, but I get 401 every time... :(
On Mar 15, 10:47 pm, Taylor Singletary <[email protected]> wrote: > Hi Georgina, > > I'm sure you're pretty close to figuring this out. A few tips when you've > gotten to this point: > > - Make sure that you're transporting the request correctly > - If you're using header-based OAuth, make sure that your HTTP > Authorization header is being properly setup and formatted. This will be > language-specific. Also make sure that you aren't repeating any of the > oauth_* parameters in the POST body or URL of your actual executed request. > Only parameters that don't begin with oauth_* should appear in the POST body > or query string. (In other words, don't present double authentication) > - Make sure that your HTTP verbs are in agreement > - If you're sending a POST, make sure your HTTP client is actually > sending a POST and that your OAuth signature base string's method component > matched > > Here's a quick walkthrough of all the steps involved in obtaining an access > token (though with my keys instead of yours).. note the signature base > string, authorization header, URL, and POST body for each step (keeping in > mind that the authorize step is kind of special in that it happens in a > browser). > > Request Token Step > ------ > Request URL:https://api.twitter.com/oauth/request_token > HTTP Method: POST > POST body: (empty) > Signature Basestring: > POST&https%3A%2F%2Fapi.twitter.com > %2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A > 3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id%253D1%26oau > th_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_nonce%3DK7ny27JTpKVsTgdyLdD > fmQQWVLERj2zAK5BslRsqyw%26oauth_signature_method%3DHMAC-SHA1%26oauth_timest > amp%3D1300228849%26oauth_version%3D1.0 > > Authorization Header: OAuth > oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw", > oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance%2Fprocess_callbac > k%3Fservice_provider_id%3D1", > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849", > oauth_consumer_key="OqEqJeafRSF10jBMStrZg", > oauth_signature="Pk%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0" > > Response Body: > oauth_token=IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU&oauth_token_secret=x > xxx&oauth_callback_confirmed=true > > Authorization Step > ----- > Request > URL:https://api.twitter.com/oauth/authorize?oauth_token=IPPjb9gdAB15Gnw7t... > HTTP Method: GET > POST Body: N/A > Signature Basestring: N/A > Authorization Header: N/A > > Access Token Step > ----- > Request URL:https://api.twitter.com/oauth/access_token > HTTP Method: POST > POST Body: (empty) > > Signature Basestring: > POST&https%3A%2F%2Fapi.twitter.com > %2Foauth%2Faccess_token&oauth_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_ > nonce%3DFCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA%26oauth_signature_method% > 3DHMAC-SHA1%26oauth_timestamp%3D1300228855%26oauth_token%3DIPPjb9gdAB15Gnw7 > to8idfCfePqJgem9MVyhcEkPsU%26oauth_verifier%3DPmThbFiYNd3TOoFRBbFwwRRPHB3Pl > kFbxmX4lCqmnc%26oauth_version%3D1.0 > > Authorization Header: OAuth > oauth_nonce="FCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA", > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228855", > oauth_consumer_key="OqEqJeafRSF10jBMStrZg", > oauth_token="IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU", > oauth_verifier="PmThbFiYNd3TOoFRBbFwwRRPHB3PlkFbxmX4lCqmnc", > oauth_signature="AFJr%2BdS%2FmWgPbMtJR3vdwMA4cTk%3D", oauth_version="1.0" > > Response Body: > oauth_token=819797-bAOfajtcYw8xHm1UQ3v5V5WfUb90zN7OWlWmvl8ZU0&oauth_token_s > ecret=xxxxx&user_id=819797&screen_name=episod > > > > > > > > On Tue, Mar 15, 2011 at 7:22 AM, lappynet <[email protected]> wrote: > > Thanks for everyone's help on this. I think that I now have this > > working (twitter documentation values match up). > > > My problem now is that although I'm confident of my algorithm, twitter > > is always responding 401. I've debugged my network service and the > > message being returned is Incorrect Signature. I do not understand how > > this can be... :S > > > On Mar 15, 6:03 am, kamesh SmartDude <[email protected]> > > wrote: > > > Hai lappynet, > > > > I Used GET method to retrive the Request Token And I Avoided the OAuth > > > Callback, because it was registered when i registered my app. > > > > Below is the method how i am doing. > > > > ****** SignatureBase String is ***** > > > > GET&https%3A%2F%2Fapi.twitter.com > > > %2Foauth%2Frequest_token&oauth_consumer_key%3Dpppppppp > > > %26oauth_nonce%3DydBxFJKdzK%26oauth_signature_method%3DHMAC-SHA1%26oauth_ti > > mestamp%3D1300167727%26oauth_version%3D1.0 > > > > Signature Key U are appending "&" and it is correct. > > > > i am adding the oauth header like below > > > > OAuth realm="Twitter API", oauth_consumer_key=pppppppp, > > > oauth_nonce=ydBxFJKdzK, > > oauth_signature=89%2BSoLKBdE%2FeHN5PFRxNl3G7tNo%3D, > > > oauth_signature_method=HMAC-SHA1, oauth_timestamp=1300167727, > > > oauth_version=1.0 > > > > I think u might have some problem with generating the signature. > > > > Try this, > > > //kamesh > > > > On Mon, Mar 14, 2011 at 8:16 PM, lappynet <[email protected]> > > wrote: > > > > cURL... I've heard about this, but I don't really know about it. Is > > > > there a windows version as I don't have access to other OSs at work > > > > (*sigh*)? > > > > > On Mar 14, 2:18 pm, Taylor Singletary <[email protected]> > > > > wrote: > > > > > Hi Georgina, > > > > > > Everything appears correct with your base string for this step. > > > > > > Are you performing this operation through a HTTP proxy of any kind? > > Have > > > > you > > > > > tried producing a valid OAuth header and executed it in curl (without > > > > having > > > > > "executed it" in C# first)? I'm not familiar with C#'s HTTP request > > > > > libraries and the configuration options available to you in it. > > > > > > We were having an issue with occasionally hanging connections > > recently > > > > and > > > > > it's possible that it may be related -- but if that's the case, you > > > > > shouldn't have it occur to you every time -- it would be one out of X > > > > times. > > > > > > I'm curious where the connection is hanging -- while you are sending > > HTTP > > > > > request headers or when your HTTP client is awaiting a response? > > > > > > Thanks, > > > > > Taylor > > > > > > On Mon, Mar 14, 2011 at 7:02 AM, lappynet <[email protected] > > > > > wrote: > > > > > > Hi > > > > > > > I'm using C#.NET to produce an oob client. I've fallen at the first > > > > > > hurdle though as I'm failing to make the token request. > > > > > > > I've gone through many iterations, and am no longer receiving a > > 417, > > > > > > 404, or 401. This is very positive! Now my application hangs whilst > > > > > > waiting for a response from twitter. (I left it running for an hour > > > > > > over lunch and still nothing happened, and the code didn't appear > > to > > > > > > want to step through.) > > > > > > > I've tried with the values detailed in the documentation to have a > > > > > > look at the variables that have been produced from them in my > > > > > > algorithm. I think that I've traced it down to being the way I > > > > > > generate the signature string: > > > > > > > string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&"; > > > > > > HMACSHA1 hasher = new HMACSHA1(new > > > > > > ASCIIEncoding().GetBytes(signingKey)); > > > > > > string signatureString = > > Convert.ToBase64String(hasher.ComputeHash(new > > > > > > ASCIIEncoding().GetBytes(baseString))); > > > > > > > My base string is: > > > > > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > > > > > %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX > > > > > > %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method > > > > > > %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0 > > > > > > > Any pointers as to where I may be going wrong? > > > > > > > Thanks in advance > > > > > > Georgina > > > > > > > -- > > > > > > Twitter developer documentation and resources: > > > >http://dev.twitter.com/doc > > > > > > API updates via Twitter:http://twitter.com/twitterapi > > > > > > Issues/Enhancements Tracker: > > > > > >http://code.google.com/p/twitter-api/issues/list > > > > > > Change your membership to this group: > > > > > >http://groups.google.com/group/twitter-development-talk > > > > > -- > > > > Twitter developer documentation and resources: > >http://dev.twitter.com/doc > > > > API updates via Twitter:http://twitter.com/twitterapi > > > > Issues/Enhancements Tracker: > > > >http://code.google.com/p/twitter-api/issues/list > > > > Change your membership to this group: > > > >http://groups.google.com/group/twitter-development-talk > > > -- > > Twitter developer documentation and resources:http://dev.twitter.com/doc > > API updates via Twitter:http://twitter.com/twitterapi > > Issues/Enhancements Tracker: > >http://code.google.com/p/twitter-api/issues/list > > Change your membership to this group: > >http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
