Here is a dump of $signatureBaseString GET&http%3A%2F%2Fapi.twitter.com%2F1%2Ffollowers%2Fids.json%3Fcursor %3D-1%26user_id%3D130232354&oauth_consumer_key%3DOlPht6d2h3N1XYwCpCyx5Q %26oauth_nonce %3D7997664e2131b5c8f95fc3400b27c647%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1308152495%26oauth_token%3D130232354- gI42iFYrX1Mtn72N5y1yr3WYSeQ6hfpposibfxY%26oauth_version%3D1.0
On Jun 15, 10:34 am, Taylor Singletary <taylorsinglet...@twitter.com> wrote: > Hi Jeff, > > This is close to what I'm looking for -- it has the authorization header > which is important to see -- but what will really help us debug with you is > the signature base string -- it's a string that contains many of the same > values from the authorization header but presented in a specific format -- > this is the string that is signed to create your oauth_signature. This > signature base string is usually the key to all OAuth problems, as the order > of parameters and particular encoding of them in relation to the parameters > on your query string or POST body are extremely important and somewhat > fragile. > > I'm not sure which version of EpiOAuth you're using, but there's likely a > method similar to this one. The value you want to debug/capture here is > $signatureBaseString. > > protected function generateSignature($method = null, $url = null, > $params = null) > { > if(empty($method) || empty($url)) > return false; > > // concatenating and encode > $concatenatedParams = > $this->encode_rfc3986($this->buildHttpQueryRaw($params)); > > // normalize url > $normalizedUrl = $this->encode_rfc3986($this->normalizeUrl($url)); > $method = $this->encode_rfc3986($method); // don't need this but why not? > > $signatureBaseString = "{$method}&{$normalizedUrl}&{$concatenatedParams}"; > return $this->signString($signatureBaseString); > } > > @episod <http://twitter.com/intent/user?screen_name=episod> - Taylor > Singletary > > > > > > > > On Wed, Jun 15, 2011 at 8:22 AM, Jeff <bigja...@gmail.com> wrote: > > Taylor, > > > Thanks for the response. Hopefully, this is what you need. I dumped it > > right before the request. > > > [ > > "Expect:", > > "Authorization: OAuth realm=\"http:\/\/api.twitter.com\/1\/followers > > \/ids.json\", > > oauth_consumer_key=\"OlPht6d2h3N1XYwCpCyx5Q\", > > oauth_token=\"130232354- > > gI42iFYrX1Mtn72N5y1yr3WYSeQ6hfpposibfxY\", > > oauth_nonce=\"71cc67f647043054dbd640b9b1f3d8fc\", > > oauth_timestamp=\"1308151065\", > > oauth_signature_method=\"HMAC-SHA1\", > > oauth_version=\"1.0\", > > oauth_signature=\"lYen9ON%2B5bVah%2BBHVGnPCMqBXQ8%3D > > \"", > > "User-Agent: " > > ] > > > On Jun 15, 10:05 am, Taylor Singletary <taylorsinglet...@twitter.com> > > wrote: > > > This means that your signing is slightly wrong (and likely has been > > slightly > > > wrong for some time) when you're using parameters in your request. Can > > you > > > detail the signature base string and authorization header you are using > > when > > > building this request? > > > > @episod <http://twitter.com/intent/user?screen_name=episod> - Taylor > > > Singletary > > > > On Wed, Jun 15, 2011 at 8:00 AM, Jeff <bigja...@gmail.com> wrote: > > > > > Tuesday morning around 10am CDT I noticed a change in the API > > > > endpoint /version/followers/ids in how it operates. > > > > > If you provide the cursor parameter, such as: > > > > > /1/followers/ids.json?cursor=-1&user_id=12345 the method returns data > > > > correctly, however it also return the error warning "Invalid OAuth > > > > credentials detected". Here is the response from the API. > > > > > "data":{ > > > > "responseText":"{\"previous_cursor\":0,\"next_cursor_str\":\"0\", > > > > \"previous_cursor_str\":\"0\",\"ids\": > > > > [222126862,95945240,169607024,148845934,95447204,94401716], > > > > \"next_cursor\":0}", > > > > "headers":{ > > > > "Date":"Wed, 15 Jun 2011 14:39:54 GMT", > > > > "Server":"hi", > > > > "Status":"200 OK", > > > > "X-Warning":"Invalid OAuth credentials detected", > > > > "X-Transaction":"1308148794-15054-58845", > > > > "X-RateLimit-Limit":"150", > > > > "X-Frame-Options":"SAMEORIGIN", > > > > "Last-Modified":"Wed, 15 Jun 2011 14:39:54 GMT", > > > > "X-RateLimit-Remaining":"66", > > > > "X-Runtime":"0.02003", > > > > "Content-Type":"application\/json; charset=utf-8", > > > > "Content-Length":"150", > > > > "Pragma":"no-cache", > > > > "X-RateLimit-Class":"api", > > > > "X-Revision":"DEV", > > > > "Expires":"Tue, 31 Mar 1981 05:00:00 GMT", > > > > "Cache-Control":"no-cache, no-store, must-revalidate, pre- > > > > check=0, post-check=0", > > > > "X-MID":"c7827d770b9045b049f3967663b08dce7704a9fb", > > > > "X-RateLimit-Reset":"1308150383", > > > > "Vary":"Accept-Encoding", > > > > "Connection":"close" > > > > }, > > > > > The problem here is that because it thinks the OAuth credentials are > > > > "Invalid" it gives me a rate limit of 150. > > > > > If I remove the parameters "?cursor=-1&user_id=12345" and simply use > > > > the endpoint /1/followers/ids.json it accepts my OAuth credentials as > > > > valid and and returns the appropriate rate limit of 350. Although this > > > > works, I need pagination as there are a lot of ids I need to retrieve. > > > > > This had been working correctly and I noticed the change yesterday > > > > morning. > > > > > Any help on resolving this or letting me know if something has changed > > > > when parameters are used with this endpoint would be greatly > > > > appreciated. > > > > > Thanks, > > > > Jeff > > > > > -- > > > > Twitter developer documentation and resources: > >https://dev.twitter.com/doc > > > > API updates via Twitter:https://twitter.com/twitterapi > > > > Issues/Enhancements Tracker: > > > >https://code.google.com/p/twitter-api/issues/list > > > > Change your membership to this group: > > > >https://groups.google.com/forum/#!forum/twitter-development-talk > > > -- > > Twitter developer documentation and resources:https://dev.twitter.com/doc > > API updates via Twitter:https://twitter.com/twitterapi > > Issues/Enhancements Tracker: > >https://code.google.com/p/twitter-api/issues/list > > Change your membership to this group: > >https://groups.google.com/forum/#!forum/twitter-development-talk -- Twitter developer documentation and resources: https://dev.twitter.com/doc API updates via Twitter: https://twitter.com/twitterapi Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list Change your membership to this group: https://groups.google.com/forum/#!forum/twitter-development-talk