Hi again, So i've deleted my previous code, and started again to respect twitter's doc and oauth thing i've seen before. Here is my new code, header-based, calling the good endpoint url :
function getSignature() { var nonce = OAuth.nonce(31); var time = OAuth.timestamp(); var parameters = ["oauth_token="+oauth_token, "oauth_consumer_key="+consumer_key, "oauth_nonce="+nonce, "oauth_signature_method=HMAC-SHA1", "oauth_timestamp="+time,"oauth_version=1.0"]; parameters = parameters.sort(); var join = parameters.join("&"); var joindparameters = encodeURIComponent(join); var baseString = "POST&"+encodeURIComponent(request_token_url)+ "&" + joindparameters; var signature = b64_hmac_sha1(consumer_secret + "&" + oauth_token_secret, baseString); console.log(signature); request_maker = new XMLHttpRequest(); request_maker.open("POST", request_token_url); request_maker.setRequestHeader("Content-Type", "application/x-www- form-urlencoded"); request_maker.onreadystatechange = oth_func; var data = "OAuth oauth_nonce=\""+nonce+"\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\""+time+"\", oauth_consumer_key=\""+consumer_key+"\", oauth_signature= \""+encodeURIComponent(signature)+"\", oauth_version=\"1.0\""; console.log(data); request_maker.setRequestHeader("Authorization", data); request_maker.send(); } I'm totally sure about my basestring and my signature (checked with http://oauth.googlecode.com/svn/code/javascript/example/signature.html) I've tried with 2 composite signing key : first : consumer_secret + "&" + oauth_token_secret second: consumer_secret + "&" but it did not change anything. On Apr 19, 3:47 pm, galeyte <gaetan...@gmail.com> wrote: > And i stop using OAuth javascript library, and i'm getting the same > basestring and signature as oauth library examples > > Here is the authorization header i send : > OAuth realm='', oauth_nonce=1W3hagbtydTy8GBfkqxS3imJUDUfINi, > oauth_timestamp=1303220837, oauth_consumer_key=[CONSUMER_KEY], > oauth_signature_method=HMAC-SHA1, oauth_version=1.0, > oauth_signature=ik0d0OV6JzLxQ/yeddowfSQCQgg= > > On 19 avr, 14:44, galeyte <gaetan...@gmail.com> wrote: > > > > > > > > > Ok so i've stopped using OAuth javascript library > > > Here is my new code : > > function getSignature() { > > var nonce = OAuth.nonce(31); > > var time = OAuth.timestamp(); > > var parameters = [encodeURIComponent("oauth_token="+oauth_token), > > encodeURIComponent("oauth_consumer_key="+consumer_key), > > encodeURIComponent("oauth_nonce="+nonce), > > encodeURIComponent("oauth_signature_method=HMAC- > > SHA1"),encodeURIComponent("oauth_timestamp="+time), > > encodeURIComponent("oauth_version=1.0")]; > > parameters = parameters.sort(); > > var join = parameters.join("&"); > > var joindparameters = encodeURIComponent(join); > > var baseString = "POST&"+encodeURIComponent(request_token_url)+ > > "&" + joindparameters; > > console.log("baseString = " + baseString); > > var signature = b64_hmac_sha1(consumer_secret + > > "&"+oauth_token_secret, baseString); > > console.log(signature); > > request_maker = new XMLHttpRequest(); > > request_maker.open("POST", request_token_url); > > var data = "OAuth realm='', oauth_nonce="+nonce+", > > oauth_timestamp="+time+", oauth_consumer_key="+consumer_key+", > > oauth_signature_method=HMAC-SHA1, oauth_version=1.0, > > oauth_signature="+signature; > > console.log(data); > > request_maker.setRequestHeader("Authorization", data); > > request_maker.onreadystatechange = oth_func; > > request_maker.send(); > > > } > > > and here is the BaseString it generates : > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > %2Frequest_token&oauth_consumer_key%253D[OAUTH_CONSUMER_KEY] > > %26oauth_nonce%253D9HQfzLWlhqFpZAaURHNHr5bkpvMlweg > > %26oauth_signature_method%253DHMAC-SHA1%26oauth_timestamp > > %253D1303216955%26oauth_token%253DOAUTH_TOKEN%26oauth_version%253D1.0 > > > and here is the signature : > > N2K3D1ZjAd7h8urLAjeyUSTWFUU= > > > I've tried generate the signature with composite signing key : > > "consumer_secret" + "&" + "token_secret" and without the token_secret > > > On 19 avr, 11:08, galeyte <gaetan...@gmail.com> wrote: > > > > Hi, > > > > Thanks for answering my question. > > > I've tried a lot of things to reach oauth/request_token, and i've > > > tried : > > > request_maker.open("POST", "https://api.twitter.com/oauth/ > > > request_token") > > > but nothing has changed ! > > > > here is my new code : > > > > function signForm() { > > > accessor = { consumerSecret: consumer_secret > > > , tokenSecret : oauth_token_secret}; > > > message = { action: "https://api.twitter.com/oauth/request_token" > > > , method: "POST" > > > , parameters: [] > > > }; > > > message.parameters.push(["oauth_consumer_key=", consumer_key]); > > > message.parameters.push(["oauth_callback=", oauth_callback]); > > > message.parameters.push(["oauth_signature_method=", > > > signature_method]); > > > OAuth.setTimestampAndNonce(message); > > > message.parameters.push(["oauth_version=", oauth_version]); > > > OAuth.SignatureMethod.sign(message, accessor); > > > return true; > > > > } > > > > function getSignature() { > > > signForm(); > > > console.log(OAuth.SignatureMethod.getBaseString(message)); > > > console.log(OAuth.getParameter(message.parameters, > > > "oauth_signature")); > > > request_maker = new XMLHttpRequest(); > > > request_maker.open("POST", "https://api.twitter.com/oauth/ > > > request_token"); > > > request_maker.setRequestHeader("Host", "api.twitter.com"); > > > request_maker.setRequestHeader("Content-type", "application/x-www- > > > form-urlencoded"); > > > request_maker.setRequestHeader("Authorization", "OAuth > > > "+"oauth_signature_method="+signature_method > > > +"&oauth_timestamp="+OAuth.getParameter(message.parameters, > > > "oauth_timestamp") > > > +"&oauth_nonce="+OAuth.getParameter(message.parameters, "oauth_nonce") > > > +"&oauth_signature="+OAuth.getParameter(message.parameters, > > > "oauth_signature")); > > > request_maker.onreadystatechange = oth_func; > > > request_maker.send("oauth_signature_method="+signature_method > > > +"&oauth_timestamp="+OAuth.getParameter(message.parameters, > > > "oauth_timestamp") > > > +"&oauth_nonce="+OAuth.getParameter(message.parameters, "oauth_nonce") > > > +"&oauth_signature="+escape(OAuth.getParameter(message.parameters, > > > "oauth_signature"))); > > > > } > > > > At first i thought it was my signature but i've checked again and it > > > appears to be ok. maybe it's about base64 thing. > > > I've also seen that when i checked request_token with that tool > > > :http://oauth.googlecode.com/svn/code/javascript/example/requestToken.... > > > Request_token succees on https but fails on http. > > > > On 18 avr, 21:14, Matt Harris <thematthar...@twitter.com> wrote: > > > > > Hi, > > > > > Looking at your code this line: > > > > request_maker.open("POST", "https://api.twitter.com/oauth"); > > > > > makes it look like you are making a request to: > > > > https://api.twitter.com/oauth > > > > > Double check you are sending the user to the correct endpoint. At this > > > > point > > > > of your flow I think you mean to make a request > > > > tohttps://api.twitter.com/oauth/request_token. > > > > > Best > > > > @themattharris > > > > Developer Advocate, Twitterhttp://twitter.com/themattharris > > > > > On Fri, Apr 15, 2011 at 4:51 AM, galeyte <gaetan...@gmail.com> wrote: > > > > > I don't have a 401 anymore but i recieve a "you are being redirected" > > > > > page, so i can't get my request_token > > > > > here is my code : > > > > > > function getSignature() { > > > > > var accessor = { consumerSecret: consumer_secret, > > > > > tokenSecret: oauth_token_secret > > > > > }; > > > > > var message = { method: "POST", > > > > > action: "/request_token", > > > > > parameters: [] > > > > > }; > > > > > message.parameters.push(["oauth_callback", > > > > > OAuth.formEncode(oauth_callback)]); > > > > > message.parameters.push(["oauth_consumer_key", > > > > > OAuth.formEncode(consumer_key)]); > > > > > message.parameters.push(["oauth_nonce", OAuth.nonce(32)]); > > > > > message.parameters.push(["oauth_signature_method", > > > > > signature_method]); > > > > > message.parameters.push(["oauth_timestamp", OAuth.timestamp()]); > > > > > OAuth.completeRequest(message, accessor); > > > > > OAuth.SignatureMethod.sign(message, accessor); > > > > > console.log(OAuth.getParameter(message.parameters, > > > > > "oauth_signature")); > > > > > var data = "Oauth oauth_consumer_key="+consumer_key > > > > > +"&oauth_signature_method="+signature_method > > > > > +"&oauth_callback="+OAuth.getParameter(message.parameters, > > > > > "oauth_callback") > > > > > +"&oauth_timestamp="+OAuth.getParameter(message.parameters, > > > > > "oauth_timestamp") > > > > > +"&oauth_nonce="+OAuth.getParameter(message.parameters, "oauth_nonce") > > > > > +"&oauth_signature="+OAuth.getParameter(message.parameters, > > > > > "oauth_signature"); > > > > > console.log(data); > > > > > request_maker = new XMLHttpRequest(); > > > > > request_maker.open("POST", "https://api.twitter.com/oauth"); > > > > > request_maker.setRequestHeader("Authorization", data); > > > > > request_maker.onreadystatechange = oth_func; > > > > > request_maker.send("Authorization OAuth" + data); > > > > > } > > > > > > I don't now if it's me being dumb or anything else, but i really can't > > > > > find my mistake. > > > > > > -- > > > > > Twitter developer documentation and > > > > > resources:http://dev.twitter.com/doc > > > > > API updates via Twitter:http://twitter.com/twitterapi > > > > > Issues/Enhancements Tracker: > > > > >http://code.google.com/p/twitter-api/issues/list > > > > > Change your membership to this group: > > > > >http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk