Hey,
Looking at your example basestring it looks like you have your OAuth steps
confused. In your example you are sending an oauth_token with your request to
/oauth/request_token when you shouldn't be.
You can read more on the OAuth flow on our developer site:
http://dev.twitter.com/pages/auth
The specific section about request_token is here:
http://dev.twitter.com/pages/auth#request-token
Best
@themattharris
On Apr 20, 2011, at 9:10, galeyte <[email protected]> wrote:
> Is it possible to have any help ?
> here is the base string i'm generating :
>
> POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost
> %253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id
> %253D11%26oauth_consumer_key%3DVqqupffO63SXe1pt70gqDA%26oauth_nonce
> %3DbIMeZu%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> %3D1303315938%26oauth_token%3D278460982-
> BLIgYJ81sbHYUYg9JYodKM75fxCM1v1NrG9GuzIJ%26oauth_version%3D1.0
>
> the signature :
> 2sxwv2R1Q+taksgof+QGFlUwqmw=
>
> and the "AUTHORIZATION" header field i'm transmiting to
> https://api.twitter.com/oauth/request_token :
>
> OAuth oauth_nonce="bIMeZu",oauth_callback="http%3A%2F%2Flocalhost
> %3A3005%2Fthe_dance%2Fprocess_callback%3Fservice_provider_id
> %3D11",oauth_signature_method="HMAC-
> SHA1",oauth_timestamp="1303315938",oauth_consumer_key="VqqupffO63SXe1pt70gqDA",oauth_signature="2sxwv2R1Q
> %2Btaksgof%2BQGFlUwqmw%3D",oauth_version="1.0"
>
> I'm still getting the same response whereas the tools i check my work
> with say my basestring and signature are ok.
>
> Thanks.
>
> On 19 avr, 18:01, galeyte <[email protected]> wrote:
>> Hi again,
>>
>> So i've deleted my previous code, and started again to respect
>> twitter's doc and oauth thing i've seen before.
>> Here is my new code, header-based, calling the good endpoint url :
>>
>> function getSignature() {
>> var nonce = OAuth.nonce(31);
>> var time = OAuth.timestamp();
>> var parameters = ["oauth_token="+oauth_token,
>> "oauth_consumer_key="+consumer_key, "oauth_nonce="+nonce,
>> "oauth_signature_method=HMAC-SHA1",
>> "oauth_timestamp="+time,"oauth_version=1.0"];
>> parameters = parameters.sort();
>> var join = parameters.join("&");
>> var joindparameters = encodeURIComponent(join);
>> var baseString = "POST&"+encodeURIComponent(request_token_url)+
>> "&" + joindparameters;
>> var signature = b64_hmac_sha1(consumer_secret + "&" +
>> oauth_token_secret, baseString);
>> console.log(signature);
>> request_maker = new XMLHttpRequest();
>> request_maker.open("POST", request_token_url);
>> request_maker.setRequestHeader("Content-Type", "application/x-www-
>> form-urlencoded");
>> request_maker.onreadystatechange = oth_func;
>> var data = "OAuth oauth_nonce=\""+nonce+"\",
>> oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\""+time+"\",
>> oauth_consumer_key=\""+consumer_key+"\", oauth_signature=
>> \""+encodeURIComponent(signature)+"\", oauth_version=\"1.0\"";
>> console.log(data);
>> request_maker.setRequestHeader("Authorization", data);
>> request_maker.send();
>>
>> }
>>
>> I'm totally sure about my basestring and my signature (checked
>> withhttp://oauth.googlecode.com/svn/code/javascript/example/signature.html)
>> I've tried with 2 composite signing key :
>> first : consumer_secret + "&" + oauth_token_secret
>> second: consumer_secret + "&"
>> but it did not change anything.
>>
>> On Apr 19, 3:47 pm, galeyte <[email protected]> wrote:
>>
>>
>>
>>
>>
>>
>>
>>> And i stop using OAuth javascript library, and i'm getting the same
>>> basestring and signature as oauth library examples
>>
>>> Here is the authorization header i send :
>>> OAuth realm='', oauth_nonce=1W3hagbtydTy8GBfkqxS3imJUDUfINi,
>>> oauth_timestamp=1303220837, oauth_consumer_key=[CONSUMER_KEY],
>>> oauth_signature_method=HMAC-SHA1, oauth_version=1.0,
>>> oauth_signature=ik0d0OV6JzLxQ/yeddowfSQCQgg=
>>
>>> On 19 avr, 14:44, galeyte <[email protected]> wrote:
>>
>>>> Ok so i've stopped using OAuth javascript library
>>
>>>> Here is my new code :
>>>> function getSignature() {
>>>> var nonce = OAuth.nonce(31);
>>>> var time = OAuth.timestamp();
>>>> var parameters = [encodeURIComponent("oauth_token="+oauth_token),
>>>> encodeURIComponent("oauth_consumer_key="+consumer_key),
>>>> encodeURIComponent("oauth_nonce="+nonce),
>>>> encodeURIComponent("oauth_signature_method=HMAC-
>>>> SHA1"),encodeURIComponent("oauth_timestamp="+time),
>>>> encodeURIComponent("oauth_version=1.0")];
>>>> parameters = parameters.sort();
>>>> var join = parameters.join("&");
>>>> var joindparameters = encodeURIComponent(join);
>>>> var baseString = "POST&"+encodeURIComponent(request_token_url)+
>>>> "&" + joindparameters;
>>>> console.log("baseString = " + baseString);
>>>> var signature = b64_hmac_sha1(consumer_secret +
>>>> "&"+oauth_token_secret, baseString);
>>>> console.log(signature);
>>>> request_maker = new XMLHttpRequest();
>>>> request_maker.open("POST", request_token_url);
>>>> var data = "OAuth realm='', oauth_nonce="+nonce+",
>>>> oauth_timestamp="+time+", oauth_consumer_key="+consumer_key+",
>>>> oauth_signature_method=HMAC-SHA1, oauth_version=1.0,
>>>> oauth_signature="+signature;
>>>> console.log(data);
>>>> request_maker.setRequestHeader("Authorization", data);
>>>> request_maker.onreadystatechange = oth_func;
>>>> request_maker.send();
>>
>>>> }
>>
>>>> and here is the BaseString it generates :
>>>> POST&https%3A%2F%2Fapi.twitter.com%2Foauth
>>>> %2Frequest_token&oauth_consumer_key%253D[OAUTH_CONSUMER_KEY]
>>>> %26oauth_nonce%253D9HQfzLWlhqFpZAaURHNHr5bkpvMlweg
>>>> %26oauth_signature_method%253DHMAC-SHA1%26oauth_timestamp
>>>> %253D1303216955%26oauth_token%253DOAUTH_TOKEN%26oauth_version%253D1.0
>>
>>>> and here is the signature :
>>>> N2K3D1ZjAd7h8urLAjeyUSTWFUU=
>>
>>>> I've tried generate the signature with composite signing key :
>>>> "consumer_secret" + "&" + "token_secret" and without the token_secret
>>
>>>> On 19 avr, 11:08, galeyte <[email protected]> wrote:
>>
>>>>> Hi,
>>
>>>>> Thanks for answering my question.
>>>>> I've tried a lot of things to reach oauth/request_token, and i've
>>>>> tried :
>>>>> request_maker.open("POST", "https://api.twitter.com/oauth/
>>>>> request_token")
>>>>> but nothing has changed !
>>
>>>>> here is my new code :
>>
>>>>> function signForm() {
>>>>> accessor = { consumerSecret: consumer_secret
>>>>> , tokenSecret : oauth_token_secret};
>>>>> message = { action: "https://api.twitter.com/oauth/request_token";
>>>>> , method: "POST"
>>>>> , parameters: []
>>>>> };
>>>>> message.parameters.push(["oauth_consumer_key=", consumer_key]);
>>>>> message.parameters.push(["oauth_callback=", oauth_callback]);
>>>>> message.parameters.push(["oauth_signature_method=",
>>>>> signature_method]);
>>>>> OAuth.setTimestampAndNonce(message);
>>>>> message.parameters.push(["oauth_version=", oauth_version]);
>>>>> OAuth.SignatureMethod.sign(message, accessor);
>>>>> return true;
>>
>>>>> }
>>
>>>>> function getSignature() {
>>>>> signForm();
>>>>> console.log(OAuth.SignatureMethod.getBaseString(message));
>>>>> console.log(OAuth.getParameter(message.parameters,
>>>>> "oauth_signature"));
>>>>> request_maker = new XMLHttpRequest();
>>>>> request_maker.open("POST", "https://api.twitter.com/oauth/
>>>>> request_token");
>>>>> request_maker.setRequestHeader("Host", "api.twitter.com");
>>>>> request_maker.setRequestHeader("Content-type", "application/x-www-
>>>>> form-urlencoded");
>>>>> request_maker.setRequestHeader("Authorization", "OAuth
>>>>> "+"oauth_signature_method="+signature_method
>>>>> +"&oauth_timestamp="+OAuth.getParameter(message.parameters,
>>>>> "oauth_timestamp")
>>>>> +"&oauth_nonce="+OAuth.getParameter(message.parameters, "oauth_nonce")
>>>>> +"&oauth_signature="+OAuth.getParameter(message.parameters,
>>>>> "oauth_signature"));
>>>>> request_maker.onreadystatechange = oth_func;
>>>>> request_maker.send("oauth_signature_method="+signature_method
>>>>> +"&oauth_timestamp="+OAuth.getParameter(message.parameters,
>>>>> "oauth_timestamp")
>>>>> +"&oauth_nonce="+OAuth.getParameter(message.parameters, "oauth_nonce")
>>>>> +"&oauth_signature="+escape(OAuth.getParameter(message.parameters,
>>>>> "oauth_signature")));
>>
>>>>> }
>>
>>>>> At first i thought it was my signature but i've checked again and it
>>>>> appears to be ok. maybe it's about base64 thing.
>>>>> I've also seen that when i checked request_token with that tool
>>>>> :http://oauth.googlecode.com/svn/code/javascript/example/requestToken....
>>>>> Request_token succees on https but fails on http.
>>
>>>>> On 18 avr, 21:14, Matt Harris <[email protected]> wrote:
>>
>>>>>> Hi,
>>
>>>>>> Looking at your code this line:
>>>>>> request_maker.open("POST", "https://api.twitter.com/oauth";);
>>
>>>>>> makes it look like you are making a request to:
>>>>>> https://api.twitter.com/oauth
>>
>>>>>> Double check you are sending the user to the correct endpoint. At this
>>>>>> point
>>>>>> of your flow I think you mean to make a request
>>>>>> tohttps://api.twitter.com/oauth/request_token.
>>
>>>>>> Best
>>>>>> @themattharris
>>>>>> Developer Advocate, Twitterhttp://twitter.com/themattharris
>>
>>>>>> On Fri, Apr 15, 2011 at 4:51 AM, galeyte <[email protected]> wrote:
>>>>>>> I don't have a 401 anymore but i recieve a "you are being redirected"
>>>>>>> page, so i can't get my request_token
>>>>>>> here is my code :
>>
>>>>>>> function getSignature() {
>>>>>>> var accessor = { consumerSecret: consumer_secret,
>>>>>>> tokenSecret: oauth_token_secret
>>>>>>> };
>>>>>>> var message = { method: "POST",
>>>>>>> action: "/request_token",
>>>>>>> parameters: []
>>>>>>> };
>>>>>>> message.parameters.push(["oauth_callback",
>>>>>>> OAuth.formEncode(oauth_callback)]);
>>>>>>> message.parameters.push(["oauth_consumer_key",
>>>>>>> OAuth.formEncode(consumer_key)]);
>>>>>>> message.parameters.push(["oauth_nonce", OAuth.nonce(32)]);
>>>>>>> message.parameters.push(["oauth_signature_method",
>>>>>>> signature_method]);
>>>>>>> message.parameters.push(["oauth_timestamp", OAuth.timestamp()]);
>>>>>>> OAuth.completeRequest(message, accessor);
>>>>>>> OAuth.SignatureMethod.sign(message, accessor);
>>>>>>> console.log(OAuth.getParameter(message.parameters,
>>>>>>> "oauth_signature"));
>>>>>>> var data = "Oauth oauth_consumer_key="+consumer_key
>>>>>>> +"&oauth_signature_method="+signature_method
>>>>>>> +"&oauth_callback="+OAuth.getParameter(message.parameters,
>>>>>>> "oauth_callback")
>>>>>>> +"&oauth_timestamp="+OAuth.getParameter(message.parameters,
>>>>>>> "oauth_timestamp")
>>>>>>> +"&oauth_nonce="+OAuth.getParameter(message.parameters, "oauth_nonce")
>>>>>>> +"&oauth_signature="+OAuth.getParameter(message.parameters,
>>>>>>> "oauth_signature");
>>>>>>> console.log(data);
>>>>>>> request_maker = new XMLHttpRequest();
>>>>>>> request_maker.open("POST", "https://api.twitter.com/oauth";);
>>>>>>> request_maker.setRequestHeader("Authorization", data);
>>>>>>> request_maker.onreadystatechange = oth_func;
>>>>>>> request_maker.send("Authorization OAuth" + data);
>>>>>>> }
>>
>>>>>>> I don't
>>
>> ...
>>
>> plus de détails »
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
http://groups.google.com/group/twitter-development-talk
