Here is a dump of $signatureBaseString
GET&http%3A%2F%2Fapi.twitter.com%2F1%2Ffollowers%2Fids.json%3Fcursor
%3D-1%26user_id%3D130232354&oauth_consumer_key%3DOlPht6d2h3N1XYwCpCyx5Q
%26oauth_nonce
%3D7997664e2131b5c8f95fc3400b27c647%26oauth_signature_method%3DHMAC-
SHA1%26oauth_timestamp%3D1308152495%26oauth_token%3D130232354-
gI42iFYrX1Mtn72N5y1yr3WYSeQ6hfpposibfxY%26oauth_version%3D1.0
On Jun 15, 10:34 am, Taylor Singletary <taylorsinglet...@twitter.com>
wrote:
> Hi Jeff,
>
> This is close to what I'm looking for -- it has the authorization header
> which is important to see -- but what will really help us debug with you is
> the signature base string -- it's a string that contains many of the same
> values from the authorization header but presented in a specific format --
> this is the string that is signed to create your oauth_signature. This
> signature base string is usually the key to all OAuth problems, as the order
> of parameters and particular encoding of them in relation to the parameters
> on your query string or POST body are extremely important and somewhat
> fragile.
>
> I'm not sure which version of EpiOAuth you're using, but there's likely a
> method similar to this one. The value you want to debug/capture here is
> $signatureBaseString.
>
> protected function generateSignature($method = null, $url = null,
> $params = null)
> {
> if(empty($method) || empty($url))
> return false;
>
> // concatenating and encode
> $concatenatedParams =
> $this->encode_rfc3986($this->buildHttpQueryRaw($params));
>
> // normalize url
> $normalizedUrl = $this->encode_rfc3986($this->normalizeUrl($url));
> $method = $this->encode_rfc3986($method); // don't need this but why not?
>
> $signatureBaseString = "{$method}&{$normalizedUrl}&{$concatenatedParams}";
> return $this->signString($signatureBaseString);
> }
>
> @episod <http://twitter.com/intent/user?screen_name=episod> - Taylor
> Singletary
>
>
>
>
>
>
>
> On Wed, Jun 15, 2011 at 8:22 AM, Jeff <bigja...@gmail.com> wrote:
> > Taylor,
>
> > Thanks for the response. Hopefully, this is what you need. I dumped it
> > right before the request.
>
> > [
> > "Expect:",
> > "Authorization: OAuth realm=\"http:\/\/api.twitter.com\/1\/followers
> > \/ids.json\",
> > oauth_consumer_key=\"OlPht6d2h3N1XYwCpCyx5Q\",
> > oauth_token=\"130232354-
> > gI42iFYrX1Mtn72N5y1yr3WYSeQ6hfpposibfxY\",
> > oauth_nonce=\"71cc67f647043054dbd640b9b1f3d8fc\",
> > oauth_timestamp=\"1308151065\",
> > oauth_signature_method=\"HMAC-SHA1\",
> > oauth_version=\"1.0\",
> > oauth_signature=\"lYen9ON%2B5bVah%2BBHVGnPCMqBXQ8%3D
> > \"",
> > "User-Agent: "
> > ]
>
> > On Jun 15, 10:05 am, Taylor Singletary <taylorsinglet...@twitter.com>
> > wrote:
> > > This means that your signing is slightly wrong (and likely has been
> > slightly
> > > wrong for some time) when you're using parameters in your request. Can
> > you
> > > detail the signature base string and authorization header you are using
> > when
> > > building this request?
>
> > > @episod <http://twitter.com/intent/user?screen_name=episod> - Taylor
> > > Singletary
>
> > > On Wed, Jun 15, 2011 at 8:00 AM, Jeff <bigja...@gmail.com> wrote:
>
> > > > Tuesday morning around 10am CDT I noticed a change in the API
> > > > endpoint /version/followers/ids in how it operates.
>
> > > > If you provide the cursor parameter, such as:
>
> > > > /1/followers/ids.json?cursor=-1&user_id=12345 the method returns data
> > > > correctly, however it also return the error warning "Invalid OAuth
> > > > credentials detected". Here is the response from the API.
>
> > > > "data":{
> > > > "responseText":"{\"previous_cursor\":0,\"next_cursor_str\":\"0\",
> > > > \"previous_cursor_str\":\"0\",\"ids\":
> > > > [222126862,95945240,169607024,148845934,95447204,94401716],
> > > > \"next_cursor\":0}",
> > > > "headers":{
> > > > "Date":"Wed, 15 Jun 2011 14:39:54 GMT",
> > > > "Server":"hi",
> > > > "Status":"200 OK",
> > > > "X-Warning":"Invalid OAuth credentials detected",
> > > > "X-Transaction":"1308148794-15054-58845",
> > > > "X-RateLimit-Limit":"150",
> > > > "X-Frame-Options":"SAMEORIGIN",
> > > > "Last-Modified":"Wed, 15 Jun 2011 14:39:54 GMT",
> > > > "X-RateLimit-Remaining":"66",
> > > > "X-Runtime":"0.02003",
> > > > "Content-Type":"application\/json; charset=utf-8",
> > > > "Content-Length":"150",
> > > > "Pragma":"no-cache",
> > > > "X-RateLimit-Class":"api",
> > > > "X-Revision":"DEV",
> > > > "Expires":"Tue, 31 Mar 1981 05:00:00 GMT",
> > > > "Cache-Control":"no-cache, no-store, must-revalidate, pre-
> > > > check=0, post-check=0",
> > > > "X-MID":"c7827d770b9045b049f3967663b08dce7704a9fb",
> > > > "X-RateLimit-Reset":"1308150383",
> > > > "Vary":"Accept-Encoding",
> > > > "Connection":"close"
> > > > },
>
> > > > The problem here is that because it thinks the OAuth credentials are
> > > > "Invalid" it gives me a rate limit of 150.
>
> > > > If I remove the parameters "?cursor=-1&user_id=12345" and simply use
> > > > the endpoint /1/followers/ids.json it accepts my OAuth credentials as
> > > > valid and and returns the appropriate rate limit of 350. Although this
> > > > works, I need pagination as there are a lot of ids I need to retrieve.
>
> > > > This had been working correctly and I noticed the change yesterday
> > > > morning.
>
> > > > Any help on resolving this or letting me know if something has changed
> > > > when parameters are used with this endpoint would be greatly
> > > > appreciated.
>
> > > > Thanks,
> > > > Jeff
>
> > > > --
> > > > Twitter developer documentation and resources:
> >https://dev.twitter.com/doc
> > > > API updates via Twitter:https://twitter.com/twitterapi
> > > > Issues/Enhancements Tracker:
> > > >https://code.google.com/p/twitter-api/issues/list
> > > > Change your membership to this group:
> > > >https://groups.google.com/forum/#!forum/twitter-development-talk
>
> > --
> > Twitter developer documentation and resources:https://dev.twitter.com/doc
> > API updates via Twitter:https://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >https://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >https://groups.google.com/forum/#!forum/twitter-development-talk
--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk
