Yep, that's exactly what my token request looks like, but I get 401
every time... :(

On Mar 15, 10:47 pm, Taylor Singletary <taylorsinglet...@twitter.com>
wrote:
> Hi Georgina,
>
> I'm sure you're pretty close to figuring this out. A few tips when you've
> gotten to this point:
>
> - Make sure that you're transporting the request correctly
>   - If you're using header-based OAuth, make sure that your HTTP
> Authorization header is being properly setup and formatted. This will be
> language-specific. Also make sure that you aren't repeating any of the
> oauth_* parameters in the POST body or URL of your actual executed request.
> Only parameters that don't begin with oauth_* should appear in the POST body
> or query string. (In other words, don't present double authentication)
>   - Make sure that your HTTP verbs are in agreement
>     - If you're sending a POST, make sure your HTTP client is actually
> sending a POST and that your OAuth signature base string's method component
> matched
>
> Here's a quick walkthrough of all the steps involved in obtaining an access
> token (though with my keys instead of yours).. note the signature base
> string, authorization header, URL, and POST body for each step (keeping in
> mind that the authorize step is kind of special in that it happens in a
> browser).
>
> Request Token Step
> ------
> Request URL:https://api.twitter.com/oauth/request_token
> HTTP Method: POST
> POST body: (empty)
> Signature Basestring:
> POST&https%3A%2F%2Fapi.twitter.com
> %2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A 
> 3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id%253D1%26oau 
> th_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_nonce%3DK7ny27JTpKVsTgdyLdD 
> fmQQWVLERj2zAK5BslRsqyw%26oauth_signature_method%3DHMAC-SHA1%26oauth_timest 
> amp%3D1300228849%26oauth_version%3D1.0
>
> Authorization Header: OAuth
> oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw",
> oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance%2Fprocess_callbac 
> k%3Fservice_provider_id%3D1",
> oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849",
> oauth_consumer_key="OqEqJeafRSF10jBMStrZg",
> oauth_signature="Pk%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"
>
> Response Body:
> oauth_token=IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU&oauth_token_secret=x 
> xxx&oauth_callback_confirmed=true
>
> Authorization Step
> -----
> Request 
> URL:https://api.twitter.com/oauth/authorize?oauth_token=IPPjb9gdAB15Gnw7t...
> HTTP Method: GET
> POST Body: N/A
> Signature Basestring: N/A
> Authorization Header: N/A
>
> Access Token Step
> -----
> Request URL:https://api.twitter.com/oauth/access_token
> HTTP Method: POST
> POST Body: (empty)
>
> Signature Basestring:
> POST&https%3A%2F%2Fapi.twitter.com
> %2Foauth%2Faccess_token&oauth_consumer_key%3DOqEqJeafRSF10jBMStrZg%26oauth_ 
> nonce%3DFCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA%26oauth_signature_method% 
> 3DHMAC-SHA1%26oauth_timestamp%3D1300228855%26oauth_token%3DIPPjb9gdAB15Gnw7 
> to8idfCfePqJgem9MVyhcEkPsU%26oauth_verifier%3DPmThbFiYNd3TOoFRBbFwwRRPHB3Pl 
> kFbxmX4lCqmnc%26oauth_version%3D1.0
>
> Authorization Header: OAuth
> oauth_nonce="FCKJcpPIhJpOLV1VQtP560IH0rKI9jMPrlkzqQWoA",
> oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228855",
> oauth_consumer_key="OqEqJeafRSF10jBMStrZg",
> oauth_token="IPPjb9gdAB15Gnw7to8idfCfePqJgem9MVyhcEkPsU",
> oauth_verifier="PmThbFiYNd3TOoFRBbFwwRRPHB3PlkFbxmX4lCqmnc",
> oauth_signature="AFJr%2BdS%2FmWgPbMtJR3vdwMA4cTk%3D", oauth_version="1.0"
>
> Response Body:
> oauth_token=819797-bAOfajtcYw8xHm1UQ3v5V5WfUb90zN7OWlWmvl8ZU0&oauth_token_s 
> ecret=xxxxx&user_id=819797&screen_name=episod
>
>
>
>
>
>
>
> On Tue, Mar 15, 2011 at 7:22 AM, lappynet <georgina.hug...@gmail.com> wrote:
> > Thanks for everyone's help on this. I think that I now have this
> > working (twitter documentation values match up).
>
> > My problem now is that although I'm confident of my algorithm, twitter
> > is always responding 401. I've debugged my network service and the
> > message being returned is Incorrect Signature. I do not understand how
> > this can be... :S
>
> > On Mar 15, 6:03 am, kamesh SmartDude <kamesh.smartd...@gmail.com>
> > wrote:
> > > Hai lappynet,
>
> > > I Used GET method to retrive the Request Token And I Avoided the OAuth
> > > Callback, because it was registered when i registered my app.
>
> > > Below is the method how i am  doing.
>
> > >  ****** SignatureBase String is *****
>
> > > GET&https%3A%2F%2Fapi.twitter.com
> > > %2Foauth%2Frequest_token&oauth_consumer_key%3Dpppppppp
>
> > %26oauth_nonce%3DydBxFJKdzK%26oauth_signature_method%3DHMAC-SHA1%26oauth_ti
> > mestamp%3D1300167727%26oauth_version%3D1.0
>
> > > Signature Key U are appending "&" and it is correct.
>
> > > i am adding the oauth header like below
>
> > > OAuth realm="Twitter API", oauth_consumer_key=pppppppp,
> > > oauth_nonce=ydBxFJKdzK,
> > oauth_signature=89%2BSoLKBdE%2FeHN5PFRxNl3G7tNo%3D,
> > > oauth_signature_method=HMAC-SHA1, oauth_timestamp=1300167727,
> > > oauth_version=1.0
>
> > > I think u might have some problem with generating the signature.
>
> > > Try this,
> > > //kamesh
>
> > > On Mon, Mar 14, 2011 at 8:16 PM, lappynet <georgina.hug...@gmail.com>
> > wrote:
> > > > cURL... I've heard about this, but I don't really know about it. Is
> > > > there a windows version as I don't have access to other OSs at work
> > > > (*sigh*)?
>
> > > > On Mar 14, 2:18 pm, Taylor Singletary <taylorsinglet...@twitter.com>
> > > > wrote:
> > > > > Hi Georgina,
>
> > > > > Everything appears correct with your base string for this step.
>
> > > > > Are you performing this operation through a HTTP proxy of any kind?
> > Have
> > > > you
> > > > > tried producing a valid OAuth header and executed it in curl (without
> > > > having
> > > > > "executed it" in C# first)? I'm not familiar with C#'s HTTP request
> > > > > libraries and the configuration options available to you in it.
>
> > > > > We were having an issue with occasionally hanging connections
> > recently
> > > > and
> > > > > it's possible that it may be related -- but if that's the case, you
> > > > > shouldn't have it occur to you every time -- it would be one out of X
> > > > times.
>
> > > > > I'm curious where the connection is hanging -- while you are sending
> > HTTP
> > > > > request headers or when your HTTP client is awaiting a response?
>
> > > > > Thanks,
> > > > > Taylor
>
> > > > > On Mon, Mar 14, 2011 at 7:02 AM, lappynet <georgina.hug...@gmail.com
>
> > > > wrote:
> > > > > > Hi
>
> > > > > > I'm using C#.NET to produce an oob client. I've fallen at the first
> > > > > > hurdle though as I'm failing to make the token request.
>
> > > > > > I've gone through many iterations, and am no longer receiving a
> > 417,
> > > > > > 404, or 401. This is very positive! Now my application hangs whilst
> > > > > > waiting for a response from twitter. (I left it running for an hour
> > > > > > over lunch and still nothing happened, and the code didn't appear
> > to
> > > > > > want to step through.)
>
> > > > > > I've tried with the values detailed in the documentation to have a
> > > > > > look at the variables that have been produced from them in my
> > > > > > algorithm. I think that I've traced it down to being the way I
> > > > > > generate the signature string:
>
> > > > > > string signingKey = Uri.EscapeDataString(ConsumerSecret) + "&";
> > > > > > HMACSHA1 hasher = new HMACSHA1(new
> > > > > > ASCIIEncoding().GetBytes(signingKey));
> > > > > > string signatureString =
> > Convert.ToBase64String(hasher.ComputeHash(new
> > > > > > ASCIIEncoding().GetBytes(baseString)));
>
> > > > > > My base string is:
>
> > > > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > > > > > %2Frequest_token&oauth_callback%3Doob%26oauth_consumer_key%XXX
> > > > > > %26oauth_nonce%3DNjM0MzU3MDgxMDEyMDcwODkw%26oauth_signature_method
> > > > > > %3DHMAC-SHA1%26oauth_timestamp%3D1300111301%26oauth_version%3D1.0
>
> > > > > > Any pointers as to where I may be going wrong?
>
> > > > > > Thanks in advance
> > > > > > Georgina
>
> > > > > > --
> > > > > > Twitter developer documentation and resources:
> > > >http://dev.twitter.com/doc
> > > > > > API updates via Twitter:http://twitter.com/twitterapi
> > > > > > Issues/Enhancements Tracker:
> > > > > >http://code.google.com/p/twitter-api/issues/list
> > > > > > Change your membership to this group:
> > > > > >http://groups.google.com/group/twitter-development-talk
>
> > > > --
> > > > Twitter developer documentation and resources:
> >http://dev.twitter.com/doc
> > > > API updates via Twitter:http://twitter.com/twitterapi
> > > > Issues/Enhancements Tracker:
> > > >http://code.google.com/p/twitter-api/issues/list
> > > > Change your membership to this group:
> > > >http://groups.google.com/group/twitter-development-talk
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Reply via email to