Hi Chris,
On our developer resources page you can find some libraires which handle
this process for you. You may find these a helpful reference to see how
others have implemented the OAuth specification.
The libraries are at this link:
http://dev.twitter.com/pages/libraries
The 401 error can be returned for a couple of reasons. The response body the
API returns contains more information about the cause of the error. Often
this reason is enough to be able to know what action is needed in your code.
To answer your questions:
- From what I understand in the doc, do the parameters for a POST
request go in the body? (I saw a reference to adding them as query
params in the url string but that seems to have been removed).
POST parameters are best sent in the body of the request.
- Looking at the OAuth spec and the example on the auth page, can I
assume POST parameters are ordered alphabetically along with the other
params when building the base string? Do they have to be doubly url
encoded?
It is more correct to say parameters are sorted by name, using
lexicographical byte value ordering. If two parameters share the same name,
they are ordered according to their value.
One thing that may help is to think of the POST parameters the same as GET
parameters when you are constructing your basestring. To the OAuth signing
process the difference is the word POST, the rest of the signing process is
the same.
Best,
@themattharris <https://twitter.com/intent/follow?screen_name=themattharris>
Developer Advocate, Twitter
On Sat, Jun 18, 2011 at 7:22 AM, Chris Mowforth <ch...@mowforth.com> wrote:
> Hey all, I'm playing around with the Twitter OAuth API, having rolled
> my own clients in both ruby and Objective-C. I've managed to authorise
> myself successfully and send status updates, but api methods like
> direct_messages/new always give me 401 errors.
>
> I know I'm missing something elementary in the way I'm making the
> calls, so I just want to clarify a couple of things:
>
> - From what I understand in the doc, do the parameters for a POST
> request go in the body? (I saw a reference to adding them as query
> params in the url string but that seems to have been removed).
>
> - Looking at the OAuth spec and the example on the auth page, can I
> assume POST parameters are ordered alphabetically along with the other
> params when building the base string? Do they have to be doubly url
> encoded?
>
> Here's a quick excerpt of the ruby client I put together:
> https://gist.github.com/1033130
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>
--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk
