[twitter-dev] OAuth signature generation Help ("Failed to validate oauth signature and token")
I am newbie. I am trying to follow the instructions on the oauth page on how to generate signature, but I must be doing something wrong, I keep getting "Failed to validate oauth signature and token" Here is how the base string looks before normalizing: GET&http://twitter.com/oauth/ request_token&oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=blabla123&oauth_signature_method=HMAC- SHA1&oauth_token=&oauth_timestamp=1245887955090&oauth_version=1.0 GET&http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token&oauth_consumer_key %3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce %3Dblabla123%26oauth_signature_method%3DHMAC-SHA1%26oauth_token%3D %26oauth_timestamp%3D1245887955090%26oauth_version%3D1.0 after generating signature: http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token%3Foauth_consumer_key %3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce %3Dblabla123%26oauth_signature_method%3DHMAC-SHA1%26oauth_token%3D %26oauth_timestamp%3D1245887955090%26oauth_version %3D1.0%26oauth_signature%3D6odQgPJ5o%2FAuOIw0gt8CknlHIcc%3D Am I missing something here? I just cant find it. Please help me out
[twitter-dev] Failed to validate oauth signature and token
Hi, I am trying to follow the instructions of how to authenticate using oauth, but for some reason, when i try to get request_token, I get failed to validate signature and token. I am not sure what I am missing, can someone please take a second look at the following and let me know is missing? URL thats constructed: GET&http://twitter.com/oauth/ request_token&oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=blabla123&oauth_signature_method=HMAC- SHA1&oauth_token=&oauth_timestamp=1245887955090&oauth_version=1.0 URL after encoding and adding oauth_signature http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token%3Foauth_consumer_key %3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce %3Dblabla123%26oauth_signature_method%3DHMAC-SHA1%26oauth_token%3D %26oauth_timestamp%3D1245887955090%26oauth_version %3D1.0%26oauth_signature%3D6odQgPJ5o%2FAuOIw0gt8CknlHIcc%3D Failed to validate oauth signature and token
[twitter-dev] OAuth: Failed to validate oauth signature and token -please help
Hi, I am trying to follow the instructions of how to authenticate using oauth, but for some reason, when i try to get request_token, I get failed to validate signature and token. I am not sure what I am missing, can someone please take a second look at the following and let me know is missing? URL thats constructed: GET&http://twitter.com/oauth/ request_token&oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=blabla123&oauth_signature_method=HMAC- SHA1&oauth_token=&oauth_timestamp=1245887955090&oauth_version=1.0 URL after encoding and adding oauth_signature http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token%3Foauth_consumer_key %3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce %3Dblabla123%26oauth_signature_method%3DHMAC-SHA1%26oauth_token%3D %26oauth_timestamp%3D1245887955090%26oauth_version %3D1.0%26oauth_signature%3D6odQgPJ5o%2FAuOIw0gt8CknlHIcc%3D Failed to validate oauth signature and token
[twitter-dev] oauth_callback isn't redirecting correctly - what am i missing?
I am using javascript and proxy to basically make request_token call and once i get an unAuthorized token, I am then doing: http://twitter.com/oauth/authorize?oauth_token=KpQu4RvuEutVKvb9UUwHQpYDOzX5YRzYu71Z3Huieuc&oauth_callback=http://rr.mydomain.com:7070/tcallback.jsp - i think encode the above url and do a HTTP GET. but twitter after authorization, redirects to: http://rr.mydomain.com:7070/mydomain/http%3A%2F%2Ftwitter.com%2Foauth%2Fauthorize%3Foauth_token%3DKpQu4RvuEutVKvb9UUwHQpYDOzX5YRzYu71Z3Huieuc%26oauth_callback%3Dhttp%3A%2F%2Frr.mydomain.com%3A7070%2Ftcallback.jsp /, its not looking into aouth_callback section. What Am I missing?
[twitter-dev] Re: oauth_callback isn't redirecting correctly - what am i missing?
Thats exactly what I think I am doing, am I not? request_token(before encoding)... http://twitter.com/oauth/request_token?oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=nbmDOERzh6O&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1246057852&oauth_version=1.0&oauth_signature= for authorize(before encoding): http://twitter.com/oauth/authorize?oauth_token=&oauth_callback= Its even odd, I thought until I could resolve it, let me use the PIN and then revisit, but now, no matter what I do, it keeps redirecting :(( request_token url is same and authorize url is http://twitter.com/oauth/authorize?oauth_token= OR http://twitter.com/oauth/authorize?oauth_token=&oauth_callback=oob Thanks, goodTest On Jun 26, 3:22 pm, Abraham Williams <4bra...@gmail.com> wrote: > When you get the request token add > "oauth_callback%3Dhttp%3A%2F%2Frr.mydomain.com%3A7070%2Ftcallback.jsp" > and when you send the user for authorization only include oauth_token. > > Abraham > > On Fri, Jun 26, 2009 at 16:55, goodtest wrote: > > > I am using javascript and proxy to basically make request_token call > > and once i get an unAuthorized token, I am then doing: > >http://twitter.com/oauth/authorize?oauth_token=KpQu4RvuEutVKvb9UUwHQp... > > > - i think encode the above url and do a HTTP GET. > > > but twitter after authorization, redirects to: > >http://rr.mydomain.com:7070/mydomain/http%3A%2F%2Ftwitter.com%2Foauth... > > > /, its not looking > > into aouth_callback section. > > > What Am I missing? > > -- > Abraham Williams | Community Evangelist |http://web608.org > Hacker |http://abrah.am|http://twitter.com/abraham > Project |http://fireeagle.labs.poseurtech.com > This email is: [ ] blogable [x] ask first [ ] private.
[twitter-dev] oauth_callback is being cached at twitter?
As I am trying out oauth implementation, i looks like after some time twitter caches the oauth_callback. Since my implementation isnt fullyworking, I have sent several calls to authorize url with oauth_callback=, and again some other times, with oauth_callback=oob (since redirecting to some Url isn't working). But, the problem is even when I send oauth_callback=oob or no oauth_callback paramater, it still redirects to my old page. 1. Send the below request several times(say about 10 times) http://twitter.com/oauth/authorize?oauth_token=&oauth_callback= 2. now, send the following, http://twitter.com/oauth/authorize?oauth_token=&oauth_callback= 3. or this(without oauth_callback), http://twitter.com/oauth/authorize?oauth_token= For both Step2 and 3, twitter continues to redirect. Is this a bug
[twitter-dev] Re: oauth_callback isn't redirecting correctly - what am i missing?
Oh you meant, we should add oauth_callback to request_token call itself. I had actually tried that earlier, but i get "Failed to validate oauth signature and token" :( I also tried to use it as a part of generating signature, even that didnt work. One other thing I tried is to change the version from 1.0 to 1.0a - still no luck :( http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token%3Foauth_callback %3Dhttp%253A%252F%252Frr.domain.com%253A7070%252Fdomain%252F %26oauth_consumer_key%3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce %3D6JM6MkAWdGg%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1246059588%26oauth_version%3D1.0a%26oauth_signature%3Duq8mWb %2BO1mcFR308RlpqNebinQE%3D On Jun 26, 4:28 pm, Abraham Williams <4bra...@gmail.com> wrote: > Look at the request_token request: > > http://twitter.com/oauth/request_token? > oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww& > oauth_nonce=nbmDOERzh6O& > oauth_signature_method=HMAC-SHA1& > oauth_timestamp=1246057852& > oauth_version=1.0& > oauth_signature= > > There is no oauth_callback present. > > Abraham > > On Jun 26, 6:15 pm, goodtest wrote: > > > Thats exactly what I think I am doing, am I not? > > > request_token(before > > encoding)...http://twitter.com/oauth/request_token?oauth_consumer_key=Xz2BKOKObTz... > > > for authorize(before > > encoding):http://twitter.com/oauth/authorize?oauth_token=&oauth_callback= > url> > > > Its even odd, > > I thought until I could resolve it, let me use the PIN and then > > revisit, but now, no matter what I do, it keeps redirecting :(( > > request_token url is same > > and authorize url ishttp://twitter.com/oauth/authorize?oauth_token= > > ORhttp://twitter.com/oauth/authorize?oauth_token=&oauth_callback=oob > > > Thanks, > > goodTest > > > On Jun 26, 3:22 pm, Abraham Williams <4bra...@gmail.com> wrote: > > > > When you get the request token add > > > "oauth_callback%3Dhttp%3A%2F%2Frr.mydomain.com%3A7070%2Ftcallback.jsp" > > > and when you send the user for authorization only include oauth_token. > > > > Abraham > > > > On Fri, Jun 26, 2009 at 16:55, goodtest wrote: > > > > > I am using javascript and proxy to basically make request_token call > > > > and once i get an unAuthorized token, I am then doing: > > > >http://twitter.com/oauth/authorize?oauth_token=KpQu4RvuEutVKvb9UUwHQp... > > > > > - i think encode the above url and do a HTTP GET. > > > > > but twitter after authorization, redirects to: > > > >http://rr.mydomain.com:7070/mydomain/http%3A%2F%2Ftwitter.com%2Foauth... > > > > > /, its not looking > > > > into aouth_callback section. > > > > > What Am I missing? > > > > -- > > > Abraham Williams | Community Evangelist |http://web608.org > > > Hacker |http://abrah.am|http://twitter.com/abraham > > > Project |http://fireeagle.labs.poseurtech.com > > > This email is: [ ] blogable [x] ask first [ ] private.
[twitter-dev] If the twee begins with ' (single quote), then none of the words are tweeted
tweet: ' hi i am goodtest' observed: ' I am url encoding it but still i get the same issue.
[twitter-dev] tweeting with \ (backslash) breaks twitter via api
If i update my message with \bla bla bla I get:I have urlencoded it Something is technically wrong. Thanks for noticing�we're going to fix it up and have things back to normal soon.
[twitter-dev] update/status api is recognizing only the first word of the tweet :( please help
I thought everything was working until i just sent a tweet with 4
words, but only the first word is being posted for some reason. Please
help .
I think i have done all the url encoding stuffs, but somehow twitter
is only recognizing first word. What am i missing?
Url:
http://twitter.com/statuses/update.json?status=one two three
Post headers:
oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=Pz9MVSTc2EX&oauth_signature_method=HMAC-
SHA1&oauth_timestamp=1246644337&oauth_token=52243094-
N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt&oauth_version=1.0&oauth_token=52243094-
N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt&oauth_signature=i9NB
+T6OQRzeQkikXMYmhwONRTM=
encoded form:
http%3A%2F%2Ftwitter.com%2Fstatuses%2Fupdate.json%3Fstatus%3Done%20two
%20three
oauth_consumer_key%3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce%3DJKBGe9GKQCM
%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
%3D1246644748%26oauth_token%3D52243094-
N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_version
%3D1.0%26oauth_token%3D52243094-
N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_signature
%3D7RyC21EJdprquTFdbQV2lq0IIqY%3D
In the response.. it says:
"text":"one"
{"text":"one","favorited":false,"user":
{"profile_link_color":"088253","description":null,"profile_background_tile"
:false,"utc_offset":-28800,"verified":false,"profile_background_color":"EDECE9","followers_count":
10
,"profile_image_url":"http:\/\/static.twitter.com\/images\/
default_profile_normal.png","friends_count"
:
15,"profile_sidebar_fill_color":"E3E2DE","url":null,"screen_name":"rajaraodv","name":"rajaraodv","created_at"
:"Sun Jun 22 16:10:53 +
2008","protected":false,"profile_sidebar_border_color":"D3D2CF","time_zone"
:"Pacific Time (US & Canada)","following":null,"statuses_count":
23,"profile_text_color":"634047","location"
:null,"id":
15198474,"notifications":null,"profile_background_image_url":"http:\/\/
static.twitter.com
\/images\/themes\/theme3\/bg.gif","favourites_count":
0},"in_reply_to_screen_name":null,"created_at":"Fri
Jul 03 18:05:43 +
2009","truncated":false,"in_reply_to_status_id":null,"id":
2457422831,"in_reply_to_user_id"
:null,"source":"API<\/a>"}
please help, what am i missing?
[twitter-dev] Re: update/status api is recognizing only the first word of the tweet :( please help
thanks for the quick reply. I tried not encoding the url part of it,
but still twitter only recognizes the first word :(
http://twitter.com/statuses/update.json?oauth_consumer_key%3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce%3Di3TKQ5uESfn%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1246650817%26oauth_token%3D52243094-N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_version%3D1.0%26oauth_token%3D52243094-N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_signature%3D2DNoZ4XmCaSDFKEZwOW%2FtLRCuC8%3D%26status%3Done%20two%20three
response:
{"in_reply_to_status_id":null,"text":"one","user":
{"notifications":false,"description":null,"verified"
:false,"utc_offset":null,"friends_count":
20,"profile_text_color":"00","profile_background_image_url"
:"http:\/\/static.twitter.com\/images\/themes\/theme1\/
bg.gif","profile_image_url":"http:\/\/static.twitter
.com\/images\/default_profile_normal.png","statuses_count":
18,"favourites_count":0,"profile_link_color"
:"ff","profile_background_tile":false,"url":null,"screen_name":"tweetzi1","name":"tweetzi1","created_at"
:"Tue Jun 30 00:25:14 +
2009","profile_background_color":"9ae4e8","protected":false,"profile_sidebar_fill_color"
:"e0ff92","following":false,"profile_sidebar_border_color":"87bc44","location":null,"id":
52243094,"time_zone"
:null,"followers_count":
5},"in_reply_to_user_id":null,"favorited":false,"created_at":"Fri Jul
03 19:53
:38 + 2009","in_reply_to_screen_name":null,"truncated":false,"id":
2458885220,"source":"Zimbra Collaboration Suite<\/a>"}
On Jul 3, 12:07 pm, Stuart wrote:
> 2009/7/3 goodtest :
>
>
>
>
>
> > I thought everything was working until i just sent a tweet with 4
> > words, but only the first word is being posted for some reason. Please
> > help .
> > I think i have done all the url encoding stuffs, but somehow twitter
> > is only recognizing first word. What am i missing?
>
> > Url:
> >http://twitter.com/statuses/update.json?status=onetwo three
> > Post headers:
> > oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=Pz9MVSTc2EX&oauth_signature_method=HMAC-
> > SHA1&oauth_timestamp=1246644337&oauth_token=52243094-
> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt&oauth_version=1.0&oauth_token=52243094-
> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt&oauth_signature=i9NB
> > +T6OQRzeQkikXMYmhwONRTM=
>
> > encoded form:
>
> > http%3A%2F%2Ftwitter.com%2Fstatuses%2Fupdate.json%3Fstatus%3Done%20two
> > %20three
>
> > oauth_consumer_key%3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce%3DJKBGe9GKQCM
> > %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> > %3D1246644748%26oauth_token%3D52243094-
> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_version
> > %3D1.0%26oauth_token%3D52243094-
> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_signature
> > %3D7RyC21EJdprquTFdbQV2lq0IIqY%3D
>
> > In the response.. it says:
> > "text":"one"
>
> > {"text":"one","favorited":false,"user":
> > {"profile_link_color":"088253","description":null,"profile_background_tile"
> > :false,"utc_offset":-28800,"verified":false,"profile_background_color":"EDECE9","followers_count":
> > 10
> > ,"profile_image_url":"http:\/\/static.twitter.com\/images\/
> > default_profile_normal.png","friends_count"
> > :
> > 15,"profile_sidebar_fill_color":"E3E2DE","url":null,"screen_name":"rajaraodv","name":"rajaraodv","created_at"
> > :"Sun Jun 22 16:10:53 +
> > 2008","protected":false,"profile_sidebar_border_color":"D3D2CF","time_zone"
> > :"Pacific Time (US & Canada)","following":null,"statuses_count":
> > 23,"profile_text_color":"634047","location"
> > :null,"id":
> > 15198474,"notifications":null,"profile_background_image_url":"http:\/\/
> > static.twitter.com
> > \/images\/themes\/theme3\/bg.gif","favourites_count":
> > 0},"in_reply_to_screen_name":null,"created_at":"Fri
> > Jul 03 18:05:43 +
> > 2009","truncated":false,"in_reply_to_status_id":null,"id":
> > 2457422831,"in_reply_to_user_id"
> > :null,"source":"API<\/a>"}
>
> > please help, what am i missing?
>
> First of all, "one two three" is 3 words so you'll never get Twitter
> to recognise it as 4.
>
> Secondly you need to url encode the text you're passing in the status
> parameter, i.e.
>
> http://twitter.com/statuses/update.json?status=one%20two%20three
>
> -Stuart
>
> --http://stut.net/projects/twitter
[twitter-dev] Re: update/status api is recognizing only the first word of the tweet :( please help
ah I cant believe I was missing such basic point. Thanks again
(especially for responding on a long weekend), it works now!
On Jul 3, 1:06 pm, Stuart wrote:
> 2009/7/3 goodtest :
>
>
>
>
>
>
>
> > thanks for the quick reply. I tried not encoding the url part of it,
> > but still twitter only recognizes the first word :(
>
> >http://twitter.com/statuses/update.json?oauth_consumer_key%3DXz2BKOKO...
>
> > response:
>
> > {"in_reply_to_status_id":null,"text":"one","user":
> > {"notifications":false,"description":null,"verified"
> > :false,"utc_offset":null,"friends_count":
> > 20,"profile_text_color":"00","profile_background_image_url"
> > :"http:\/\/static.twitter.com\/images\/themes\/theme1\/
> > bg.gif","profile_image_url":"http:\/\/static.twitter
> > .com\/images\/default_profile_normal.png","statuses_count":
> > 18,"favourites_count":0,"profile_link_color"
> > :"ff","profile_background_tile":false,"url":null,"screen_name":"tweetzi1","name":"tweetzi1","created_at"
> > :"Tue Jun 30 00:25:14 +
> > 2009","profile_background_color":"9ae4e8","protected":false,"profile_sidebar_fill_color"
> > :"e0ff92","following":false,"profile_sidebar_border_color":"87bc44","location":null,"id":
> > 52243094,"time_zone"
> > :null,"followers_count":
> > 5},"in_reply_to_user_id":null,"favorited":false,"created_at":"Fri Jul
> > 03 19:53
> > :38 + 2009","in_reply_to_screen_name":null,"truncated":false,"id":
> > 2458885220,"source":" > :\/\/gallery.zimbra.com\">Zimbra Collaboration Suite<\/a>"}
>
> Encode just the values in the query string, not the entire thing. This
> is pretty basic URL stuff, I suggest do some research into URL basics
> before continuing since you clearly don't understand what you're
> doing. Google can help you here.
>
> -Stuart
>
> --http://stut.net/projects/twitter
>
>
>
> > On Jul 3, 12:07 pm, Stuart wrote:
> >> 2009/7/3 goodtest :
>
> >> > I thought everything was working until i just sent a tweet with 4
> >> > words, but only the first word is being posted for some reason. Please
> >> > help .
> >> > I think i have done all the url encoding stuffs, but somehow twitter
> >> > is only recognizing first word. What am i missing?
>
> >> > Url:
> >> >http://twitter.com/statuses/update.json?status=onetwothree
> >> > Post headers:
> >> > oauth_consumer_key=Xz2BKOKObTzpLrMXxJo2ww&oauth_nonce=Pz9MVSTc2EX&oauth_signature_method=HMAC-
> >> > SHA1&oauth_timestamp=1246644337&oauth_token=52243094-
> >> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt&oauth_version=1.0&oauth_token=52243094-
> >> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt&oauth_signature=i9NB
> >> > +T6OQRzeQkikXMYmhwONRTM=
>
> >> > encoded form:
>
> >> > http%3A%2F%2Ftwitter.com%2Fstatuses%2Fupdate.json%3Fstatus%3Done%20two
> >> > %20three
>
> >> > oauth_consumer_key%3DXz2BKOKObTzpLrMXxJo2ww%26oauth_nonce%3DJKBGe9GKQCM
> >> > %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> >> > %3D1246644748%26oauth_token%3D52243094-
> >> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_version
> >> > %3D1.0%26oauth_token%3D52243094-
> >> > N6lnC60D5ZY4rl1OVaemffKaqGas5aVJqAj220ykt%26oauth_signature
> >> > %3D7RyC21EJdprquTFdbQV2lq0IIqY%3D
>
> >> > In the response.. it says:
> >> > "text":"one"
>
> >> > {"text":"one","favorited":false,"user":
> >> > {"profile_link_color":"088253","description":null,"profile_background_tile"
> >> > :false,"utc_offset":-28800,"verified":false,"profile_background_color":"EDECE9","followers_count":
> >> > 10
> >> > ,"profile_image_url":"http:\/\/static.twitter.com\/images\/
> >> > default_profile_normal.png","friends_count"
> >> > :
> >> > 15,"profile_sidebar_fill_color":"E3E2DE","url":null,"screen_name":"rajaraodv","name":"rajaraodv","created_at"
> >> > :"Sun Jun 22 16:10:53 +
> >> > 2008","protected":false,"profile_sidebar_border_color":"D3D2CF","time_zone"
> >> > :"Pacific Time (US & Canada)","following":null,"statuses_count":
> >> > 23,"profile_text_color":"634047","location"
> >> > :null,"id":
> >> > 15198474,"notifications":null,"profile_background_image_url":"http:\/\/
> >> > static.twitter.com
> >> > \/images\/themes\/theme3\/bg.gif","favourites_count":
> >> > 0},"in_reply_to_screen_name":null,"created_at":"Fri
> >> > Jul 03 18:05:43 +
> >> > 2009","truncated":false,"in_reply_to_status_id":null,"id":
> >> > 2457422831,"in_reply_to_user_id"
> >> > :null,"source":"API<\/a>"}
>
> >> > please help, what am i missing?
>
> >> First of all, "one two three" is 3 words so you'll never get Twitter
> >> to recognise it as 4.
>
> >> Secondly you need to url encode the text you're passing in the status
> >> parameter, i.e.
>
> >> http://twitter.com/statuses/update.json?status=one%20two%20three
>
> >> -Stuart
>
> >> --http://stut.net/projects/twitter- Hide quoted text -
>
> - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
[twitter-dev] oauth seems to be broken (or down) since 4PM PST
all of a sudden I am getting "cannot authenticate"
[twitter-dev] twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
[twitter-dev] Re: Whoa There! - Users don't really know whats going on.
I totally agree. They should simplify it and say something like: "You are not passing all required parameters or not encoding them properly" or anything that makes more sense. On Jul 27, 4:25 pm, Peter Denton wrote: > Hey, > I did some usability testing and 10 out of 10 people did not understand the > "Whoa There" statement. > > - First, probably only engineers/devs are going to understand what a > "token" is. > - Second, stating that "it was probably an honest mistake" is a > completely misleading, irrelevant statement. 'Honest mistake' infers some > type of a human choice, but its a system/technical conflict, without > intent. > > I know this has been brought up before, but I have been trying to > legitimately test these things on users, and it failed. Is there any chance > for customization of error reporting at this level? Will you accept text > considerations? > Another part of my testing was to simply describe the errors and let people > describe to me what that means in there head. In that sense, no one presumed > guilt on the apps behalf. > > Thanks > Peter
[twitter-dev] Re: Whoa There! - Users don't really know whats going on.
sounds good, its way better than "Whoa There" :) On Jul 27, 5:51 pm, Andrew Badera wrote: > On Mon, Jul 27, 2009 at 8:38 PM, goodtest wrote: > > > I totally agree. They should simplify it and say something like: "You > > are not passing all required parameters or not encoding them properly" > > or anything that makes more sense. > > That's not going to make any more sense to users. > > It needs to be simple and imperative. > > "We've experienced an OAuth [authorization [optional]] problem, sorry for > the difficulty! Please let the administrators of [requesting app] know that > they provided duplicate or incorrect OAuth request information." > > --ab
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
Are we sure there is no further regression bug in this new fix? On Jul 27, 7:14 pm, Doug Williams wrote: > If you are still seeing errors you should check your code to ensure that you > are sending the correct signature. > Thanks, > Doug > > On Mon, Jul 27, 2009 at 7:10 PM, winrich wrote: > > > mine broke too. i wonder though, i'm using the oauth python libraries > > > On Jul 27, 6:35 pm, chinaski007 wrote: > > > Doug: > > > > Does this mean that Marcel made a fix for this? Or rather that we > > > should examine our code to find the culprit? > > > > Thanks, > > > Peter Bray > > > > On Jul 27, 6:24 pm, Doug Williams wrote: > > > > > Updating you guys on this problem. A bug was reported off list that > > informed > > > > us we were not always verifying signatures. Today we shipped a fix for > > this > > > > problem which ensures that we are correctly verifying signatures. > > > > If you are still seeing invalid signature errors you should examine > > > > your code and ensure you are correctly signing requests > > > > as per the spec. > > > > Thanks, > > > > Doug > > > > > On Mon, Jul 27, 2009 at 6:05 PM, Doug Williams > > wrote: > > > > > Marcel is shipping a fix for this as I type. > > > > > > Thanks, > > > > > Doug > > > > > > 2009/7/27 João Pereira > > > > > > Same here. > > > > > >> On Tue, Jul 28, 2009 at 1:26 AM, goodtest > > wrote: > > > > > >>> twitter api server seems to be down (getting invalid signature) > > since > > > > >>> 5.15 pm pst
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
Yeah, I agree, can you please point out what (in general) we might be doing wrong? I still think you probably have a further-regression bug. On Jul 27, 8:19 pm, kosso wrote: > agreed. > > please Twitter, tell us WHAT the fix required was. > what should we look for. > > have you tested your 'fix' against all the code examples you link from > the API pages? > > that would be nice. thx. > > I'm getting some posts through. some not. so something's still up/down > > On Jul 27, 8:04 pm, Duane Roelands wrote: > > > You introduced a breaking change into the API with no warning and no > > help for developers as to the specifics of what we need to fix? > > Developers need better support than that. > > > Is there some reason why posting updates to some accounts would work > > and posting to others would not? Using the same code, I'm able to > > post to my development test account but not to my personal account. > > > On Jul 27, 10:59 pm, Doug Williams wrote: > > > > As stated above, some applications were sending invalid signatures which > > > we > > > were accepting as valid. This vulnerability was pointed out by a > > > developer. > > > > Some libraries and code which may have previously worked may be broken by > > > this security fix. > > > > Thanks, > > > Doug > > > > On Mon, Jul 27, 2009 at 7:44 PM, Duane Roelands > > > wrote: > > > > > I am receiving 401 (Unauthorized) when calling > > > >http://twitter.com/statuses/update.xml > > > > and passing the following querystring: > > > > > oauth_consumer_key=[removed] > > > > &oauth_nonce=912352&oauth_signature_method=HMAC- > > > > SHA1&oauth_timestamp=1248748647&oauth_token=19068738- > > > > hKO8qRlHPfJWqRHRkd62dGb4IiyXaXUy35Cqz58&oauth_version=1.0&status=This > > > > +is+a+test&oauth_signature=Fl0kqJdHY5MkvxjUZQ%2bFn%2fxGORo%3d > > > > > This code was working this afternoon and has not been changed. > > > > > On Jul 27, 10:38 pm, goodtest wrote: > > > > > Are we sure there is no further regression bug in this new fix? > > > > > > On Jul 27, 7:14 pm, Doug Williams wrote: > > > > > > > If you are still seeing errors you should check your code to ensure > > > > that you > > > > > > are sending the correct signature. > > > > > > Thanks, > > > > > > Doug > > > > > > > On Mon, Jul 27, 2009 at 7:10 PM, winrich > > > > > > wrote: > > > > > > > > mine broke too. i wonder though, i'm using the oauth python > > > > > > > libraries > > > > > > > > On Jul 27, 6:35 pm, chinaski007 wrote: > > > > > > > > Doug: > > > > > > > > > Does this mean that Marcel made a fix for this? Or rather that > > > > > > > > we > > > > > > > > should examine our code to find the culprit? > > > > > > > > > Thanks, > > > > > > > > Peter Bray > > > > > > > > > On Jul 27, 6:24 pm, Doug Williams wrote: > > > > > > > > > > Updating you guys on this problem. A bug was reported off list > > > > that > > > > > > > informed > > > > > > > > > us we were not always verifying signatures. Today we shipped a > > > > fix for > > > > > > > this > > > > > > > > > problem which ensures that we are correctly verifying > > > > > > > > > signatures. > > > > > > > > > If you are still seeing invalid signature errors you should > > > > examine > > > > > > > > > your code and ensure you are correctly signing requests > > > > > > > > > as per the spec. > > > > > > > > > Thanks, > > > > > > > > > Doug > > > > > > > > > > On Mon, Jul 27, 2009 at 6:05 PM, Doug Williams > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > Marcel is shipping a fix for this as I type. > > > > > > > > > > > Thanks, > > > > > > > > > > Doug > > > > > > > > > > > 2009/7/27 João Pereira > > > > > > > > > > > Same here. > > > > > > > > > > >> On Tue, Jul 28, 2009 at 1:26 AM, goodtest < > > > > goodtest...@gmail.com> > > > > > > > wrote: > > > > > > > > > > >>> twitter api server seems to be down (getting invalid > > > > signature) > > > > > > > since > > > > > > > > > >>> 5.15 pm pst
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
btw, oauth_playground seems to be down as well. Also, I don't understand why create account which uses the same core method to create signature works but none of the other methods (friends_timeline, update statuses) dont work :( waiting for some hints On Jul 27, 9:40 pm, Doug Williams wrote: > Please use the OAuth playground [1] to test your signatures against the > expected result. I am working to gather specifics to help your debug process > (i.e. what changed?) in the mean time. > 1.http://googlecodesamples.com/oauth_playground/ > > Thanks, > Doug > > On Mon, Jul 27, 2009 at 9:29 PM, winrich wrote: > > > ok guys. > > > so my calls were failing on the verify_credentials call and not on the > > update or timeline calls. the only difference i saw was the the > > verify_credential call wasn't secured. i changed it to https and it > > worked. ??? lol > > > On Jul 27, 9:19 pm, Chad Etzel wrote: > > > On Mon, Jul 27, 2009 at 11:55 PM, Duane > > > > Roelands wrote: > > > > RTFM is not a helpful answer, especially when many developers are > > > > relying on libraries that they did not write. > > > > That's a risk you run when using code you didn't write. > > > > I'm not saying that this situation doesn't suck for those affected. > > > I'm sure that it does. But, for a technology so new as OAuth, the > > > libraries may not be mature yet. > > > > Officially, Twitter OAuth is still in Public Beta and has never been > > > officially recommended to integrate into production code. That being > > > said, there could still be a problem on Twitter's end with their > > > signature verification mechanism and the libraries could all be valid. > > > I don't have a way of knowing. > > > > I do agree that at least a note that "a security change was pushed > > > today" would be nice, though. > > > > -Chad
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
BTW, I am using oauth Javascript client library( http://oauth.googlecode.com/svn/code/javascript/ ) to create signature. Wondering if it has a bug? On Jul 27, 10:53 pm, goodtest wrote: > btw, oauth_playground seems to be down as well. > > Also, I don't understand why create account which uses the same core > method to create signature works but none of the other methods > (friends_timeline, update statuses) dont work :( waiting for some > hints > > On Jul 27, 9:40 pm, Doug Williams wrote: > > > Please use the OAuth playground [1] to test your signatures against the > > expected result. I am working to gather specifics to help your debug process > > (i.e. what changed?) in the mean time. > > 1.http://googlecodesamples.com/oauth_playground/ > > > Thanks, > > Doug > > > On Mon, Jul 27, 2009 at 9:29 PM, winrich wrote: > > > > ok guys. > > > > so my calls were failing on the verify_credentials call and not on the > > > update or timeline calls. the only difference i saw was the the > > > verify_credential call wasn't secured. i changed it to https and it > > > worked. ??? lol > > > > On Jul 27, 9:19 pm, Chad Etzel wrote: > > > > On Mon, Jul 27, 2009 at 11:55 PM, Duane > > > > > Roelands wrote: > > > > > RTFM is not a helpful answer, especially when many developers are > > > > > relying on libraries that they did not write. > > > > > That's a risk you run when using code you didn't write. > > > > > I'm not saying that this situation doesn't suck for those affected. > > > > I'm sure that it does. But, for a technology so new as OAuth, the > > > > libraries may not be mature yet. > > > > > Officially, Twitter OAuth is still in Public Beta and has never been > > > > officially recommended to integrate into production code. That being > > > > said, there could still be a problem on Twitter's end with their > > > > signature verification mechanism and the libraries could all be valid. > > > > I don't have a way of knowing. > > > > > I do agree that at least a note that "a security change was pushed > > > > today" would be nice, though. > > > > > -Chad
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
>Need to verify that the parameters are signed by both consumer secret and
access secret.
I am doing that already. For example, when I call
http://twitter.com/statuses/friends_timeline.json, I pass
consumerSecret, tokenSecret...
Using the JS library, it looks like this to get the signature:
var accessor = { consumerSecret: this.consumerSecret
, tokenSecret : };
var message = { method: "GET"
, action: "http://twitter.com/statuses/friends_timeline.json";
, parameters: new Array()
};
message.parameters.push(["oauth_consumer_key",this.consumerKey]);
message.parameters.push(["oauth_version","1.0"]);
message.parameters.push(["oauth_timestamp", OAuth.timestamp()]);
message.parameters.push(["oauth_nonce", OAuth.nonce(11)]);
message.parameters.push(["oauth_signature_method", "HMAC-SHA1"]);
message.parameters.push(["oauth_token", ]);
OAuth.SignatureMethod.sign(message, accessor);
var signature = OAuth.getParameter(message.parameters,
"oauth_signature");
[twitter-dev] Possible tips and solutions if you are getting invalid signature since the latest security patch
I finally found out whats causing problems for me.
1. Make sure you are using token secret(oauth_token_secret) to create
signature. I think earlier, twitter was accepting even without token-
secret (a security hole) and hence the fix (I think).
In javascript api to update a status...
var accessor = { consumerSecret: this.consumerSecret
, tokenSecret : };
var message = { method: "POST"
, action: "http://twitter.com/statuses/update.json";
, parameters: new Array()
};
message.parameters.push(["oauth_consumer_key",this.consumerKey]);
message.parameters.push(["oauth_version","1.0"]);
message.parameters.push(["oauth_timestamp", OAuth.timestamp()]);
message.parameters.push(["oauth_nonce", OAuth.nonce(11)]);
message.parameters.push(["oauth_signature_method", "HMAC-SHA1"]);
message.parameters.push(["oauth_token", ot]);
message.parameters.push(["status",<"Encode(HI FROM TWITTER)">]);
2. If the request uses additional parameters, like to send a tweet we
need to add "status" = parameter, make sure to also pass
the additional parameters to *create* signature. In the above example,
i am passing "status" = ,<"Encode(HI FROM TWITTER)"> to create
signature.
3. Be careful of "double-encoding".
for example: "hi there" after encoding becomes.. "hi%20there" and if
your code is mistakenly encoding it a second time.. it would become "hi
%2520there". And since it(HTTP post/get parameter) doesn't match what
was used to create signature, you will again get infamous 'invalid
signature'
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
I think the big problem is that twitter's implementation is buggy and given that its relatively convoluted to implement oauth, even our implementation is buggy. Adding to that if we only get 'invalid signature' irrespective of which side the bug resides, frustrating both sides. I think it would be better they give 'clear' and concrete oauth examples for various twitter api calls(few POSTs and few GETs). And more importantly, also list out all the 'gotcha' or common-mistakes would be better for all of us. On Jul 28, 8:40 am, Zaudio wrote: > I don't myself think that twitter are doing anything more than > enforcing the standard. I spent 3 hours 'fixing' my code for our > application (uses Shannon Whitley's c# library as a base); I only > found two bugs in thelibrary that caused any problem... the use of > httputility.urlencode in place of the modified urlencode already > implemented for use with Oauth, as required by the spec... the library > just wasn't using it in two places. > Following that, I found I was passing some bad strings to the > library... so the methods in it were not urldecoding and re- > urlencoding the postdata as required to get it to meet the spec. Once > I fixed that also, all seems good. > > So if our app now posts all data fine over Oauth, it suggests that > twitter's interface is OK? > > Simon > > On Jul 28, 8:16 am, BlueSkies wrote: > > > I'm the developer who reported this problem to Twitter offline. I had > > been preparing a test case for them when I noticed this > > post:http://groups.google.com/group/twitter-development-talk/browse_thread... > > > I then skipped the preparation of the test case and sent e-mail > > directly to Twitter since this was what I considered to be a high risk > > issue. > > > Since the fix from Twitter went in for this last night, I have also > > seen some strange behaviour with OAuth. I'm getting a lot of 401 > > responses for users who were already logged in. I'm also getting > > sporadic bad responses for accesses that ask for a request token (BTW > > - I'm using https if that makes any difference). > > > I think that there is still a problem. I've switched my application > > back to using Basic Auth for now. > > > - Scott > > @scott_carterhttp://bigtweet.com
[twitter-dev] Re: Twitter: What did you change in OAuth?
Also check out things that broke for me(and their solutions) http://groups.google.com/group/twitter-development-talk/browse_thread/thread/59ed5372f7c1b623 On Jul 28, 6:42 am, Duane Roelands wrote: > Glad things are working for you. ;) > > Still no luck here. I'm signing the requests with both keys and I'm > URLEncoding all "%"-values to upper case. > > On Jul 28, 9:18 am, "thetago...@googlemail.com" > > wrote: > > Apparently two things were changed: > > > 1. Setting the Consumer Secret is now a mandatory part of the signing > > process, empty consumer secrets don't work anymore. > > 2. Parameter encoding didn't previously enforce the part of section > > 5.1 that says that "Hexadecimal characters in encodings MUST be upper > > case." > > > Maybe more was changed, but these two did it for me. > > > best regards, > > Toni
[twitter-dev] Re: OAUTH: Basic Auth is simpler/more reliable/more secure/better received than OAuth!?
Although oauth is convoluted and twitter's implementation is buggy, no clear examples and takes time to get it right, I still vote for OAuth. You see people simply don't trust 3rd party apps with their login info as much as they trust the main-application(twitter.com). So at the end of the day, its better for us :)
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
@Marcel, Thanks for the post. Here are my suggestions: - Please make 'concrete' API examples(few POSTs and few GETs) with actual requests. - Make a list common-mistakes that a developer might make while he develops twitter appln(you know.. encoding, not-double-encoding, use additional-params-for-signature-generation-if-any etc) - A oauth sandbox where it throws "precise errors/feedbacks" for developers to debug and test their apps would be very helpful as well. On Jul 28, 10:57 am, Marcel Molina wrote: > As many of you have since learned, we deployed an unannounced security fix > that has resulted in unexpected failures for quite a few developers using > OAuth. A developer reported to us that OAuth signatures were not being > verified on our side. The fix was implemented and pushed on Sunday then > deployed yesterday. Once the fix was in the wild many applications started > returning Invalid Signature errors. Our various successful tests seem to > indicate that the signature verification is implemented correctly and yet > many people are experiencing errors. So what's going on? > > One of the main problems seems to be that many OAuth libraries appear to not > be generating correctly signed requests. It's likely that Twitter's > implementation was used to test out many of these libraries when they were > being implemented. Without the correct signature check, it appeared to these > developers that their libraries were implementing the spec correctly. For > this confusion we must take at least partial blame. > > The following email from Simon in the UK seems to indicate absent url > encoding and decoding is a likely culprit in many of these libraries: > > "I don't myself think that twitter are doing anything more than > enforcing the standard. I spent 3 hours 'fixing' my code for our > application (uses Shannon Whitley's c# library as a base); I only > found two bugs in thelibrary that caused any problem... the use of > httputility.urlencode in place of the modified urlencode already > implemented for use with Oauth, as required by the spec... the library > just wasn't using it in two places. > Following that, I found I was passing some bad strings to the > library... so the methods in it were not urldecoding and re- > urlencoding the postdata as required to get it to meet the spec. Once > I fixed that also, all seems good. > > So if our app now posts all data fine over Oauth, it suggests that > twitter's interface is OK?" > > There are at least several things we could have done better in dealing with > this: > > * We should have, it goes without saying, had more extensive test coverage > of our implementation ensuring that we were fully implementing the spec so > that the whole situation would have been avoided in the first place. > > * We should have had an email prepared to send out immediately following the > deploy explaining the vulnerability and the change that was deployed, > encouraging developers to double check that their signatures were in fact > being generated correctly. > > We left a lot of people guessing for half a day, in many cases probably > frantically trying to fix mysterious failures in their apps. For that we > must admit guilt. We hadn't anticipated that so many libraries might have > not been generating signatures correctly. As a result it didn't occur to us > to urgently send out details, assuming fully implemented libraries would > continue to work transparently and malicious requests would start to fail. > We had been focusing our efforts first and foremost on getting the fix > implemented and deployed to protect everyone. Lesson learned. We'll take > this experience with us and bring it to bear next time such a situation > arises. > > We're going to do a post-mortem on our side to identify all the things we > should have done better. We've read all of your feedback about how this > could have been done better. To everyone who has chimed into this thread > offering details and help, we extend our thanks. > > On Tue, Jul 28, 2009 at 10:28 AM, Abraham Williams <4bra...@gmail.com>wrote: > > > > > If you are encoding properly according to: > >http://oauth.net/core/1.0a#encoding_parametersand it still fails to > > update post and update to > >http://code.google.com/p/twitter-api/issues/entryand make Twitter fix it. > > > I've not double checked to verify but "!" should encode to "%21" and then > > it should work. > > > Abraham > > > On Tue, Jul 28, 2009 at 10:06, Duane Roelands > > wrote: > > >> Yeah, that's what I'm doing as well. > > >> I wish Twitter would give us some answers. > > >> I can post a tweet is the text is "test" > >> If I try to post "test!", it fails. Something about the encoding of > >> non-alphanumeric characters is part of the problem. But, because > >> Twitter isn't talking, all we can do is guess. > > >> On Jul 28, 12:52 pm, Cristovão Morgado > >> wrote: > >> > I use this implementation: > >>http://www.codingthewheel.com/archives/codingthetweet > > >> >
[twitter-dev] Re: twitter api server seems to be down (getting invalid signature) since 5.15 pm pst
If it works 99.9% of the times and breaks intermittently, its 1000% encoding issue and nothing else - your signature or some-data is having few characters that's not encoded in that particular instance. On Jul 28, 12:36 pm, chinaski007 wrote: > Ugh, terrible situation here. Things working 99.9% of the time now > with Perl. But we continue to get bizarre intermittent errors that > span the range of API calls. We are thinking that internal hash re- > ordering may invalidate signatures, but that is just speculation.
[twitter-dev] Getting 404 for twitter search since yesterday(everything else works), anything changed?
example search http://search.twitter.com/search.json??rpp=50&q=test
[twitter-dev] Re: DDoS Status Update
I am getting 404 just for search api, it was working just fine all along. I get 404 on production server but works fine on dev and qa boxes - not sure why. My assumption is our production server was active during DDos attack and has been blacklisted. Am I right? how can I whitelist/fix it? On Aug 7, 12:22 pm, Simon Tiplady wrote: > Chris, > > A 302 header means you need to request the location that twitter has > sent back to you with that header. > It is part of their attempts at spotting the real requests from the > fake ones. > How you handle it all depends on what language you are programming in! > > Simon > > On Aug 7, 8:10 pm, Chris wrote: > > > Thank you for updating us! > > > I have still a problem with getting search results via curl like > > described > > here:http://apiwiki.twitter.com/Twitter-Search-API-Method%3A-search > > This was working pretty good before the DDoS attack, but now I don't > > get any results just http_code of 302. > > > An example url, I'm trying to get > > is:http://search.twitter.com/search.atom?q=twitter〈=de&rpp=15&since_... > > > Can you give me a hint what I'm doing wrong or is this part of the API > > still not working correct? > > > Thanks and best regards, > > Chris
[twitter-dev] Re: Getting 404 for twitter search since yesterday(everything else works), anything changed?
It works on dev and qa boxes but not from production servers. Not sure why I get 404, I expect somethin like 302 or something, but I only get 404 and only on production machines. PS: Production machines were running and being used during DDOS attack, was it anything to do with blacklisting? On Aug 7, 10:06 am, goodtest wrote: > example searchhttp://search.twitter.com/search.json??rpp=50&q=test
[twitter-dev] Re: Platform downtime is expected
Same here. New users can't authorize. After pressing 'Approve', it takes for ever and ends up in a blank-page with http://twitter.com/oauth/authorize url. On Aug 15, 6:51 pm, Ritvvij wrote: > Hi could this be the reason why? > > On clicking authenticate user, my application moves to twitter. When > the user presses APPROVE, it waits like forever and then goes to a > blank page with url as "http://twitter.com/oauth/authorize"; instead > of my call back URL. ?? > > Please advise. > Till last night my app was working, and since today morning, even > right now, its down. :-( > > On Aug 15, 8:21 pm, Sean Callahan wrote: > > > Thanks for the reply Doug. Any new news? Still not able to login > > using basic auth on TweetPhoto. Do you have any ETA as to when we'll > > be restored? > > > On Aug 15, 1:29 pm, Doug Williams wrote: > > > > Sean,At this time we are monitoring the situation and containing issues as > > > we see them. Let's hold off on restoration requests until things > > > stabilize. > > > > Thanks, > > > Doug > > > > On Sat, Aug 15, 2009 at 1:17 PM, Sean Callahan > > > wrote: > > > > > Thanks for the update Doug. Users on TweetPhoto are not able to login. > > > > I've added an alert notification on our homepage,http://TweetPhoto.com, > > > > to make them aware of the issues linking to the Twitter status blog. > > > > Will you need our IPs again to whitelist them or are you good to go. > > > > Please let me know how I can be of service. > > > > > -Sean > > > > > On Aug 15, 12:37 pm, Sam Street wrote: > > > > > I haven't experienced any downtime or lack of connectivity so far. > > > > > > On Aug 15, 7:16 pm, dougw wrote: > > > > > > > Looks like I forgot the link to the status blog. > > > > > > > [1] > > > >http://status.twitter.com/post/163603406/working-on-unexpected-downtime > > > > > > > Thanks, > > > > > > Doug > > > > > > > On Aug 15, 11:08 am, Doug Williams wrote: > > > > > > > > Hi all --If you have been monitoring our status blog [1] or been > > > > > > > to > > > > > > > Twitter.com today you have noticed that we are once again > > > > experiencing > > > > > > > problems due to external causes. The issues causing the downtime > > > > require > > > > > > > that we once again take measures to bring the site back online. > > > > > > > > The first step our operations team must take will likely cause API > > > > downtime, > > > > > > > especially affecting OAuth. We apologize for the inconvenience > > > > > > > and we > > > > will > > > > > > > work quickly to reduce the impact to the API. We appreciate your > > > > patience > > > > > > > and I will update you as soon as we know more. > > > > > > > > Thanks, > > > > > > > Doug
[twitter-dev] Re: Platform downtime is expected
I agree. Its hard to convince people to use twitter API if it goes down for days and that too this frequently :( On Aug 16, 4:35 pm, Dewald Pretorius wrote: > From my side, it looks as if Operations are once again not allowing > volume white-listed API traffic through the defenses. > > It's almost as if last weekend did not happen, and no lessons were > learned from it. > > I am not once again going to throw my toys out of the cot. It was only > on Friday that I found my favorite rubber duck underneath my mom's > bed. > > Dewald > > PS. Please ask them to fix it ASAP. The way things are going now, it > is neither easy, nor attractive to provide services that use the > Twitter API.
[twitter-dev] Re: If my site was being rate limited, would I get this error? "Error #110: Connection timed out"
Even i think its something to do with twitter's side, may be they are
blocking your IP. Wait for several hours or a day and then try again.
When you are rate-limited, you get a message like:
"You have been rate limited. Enhance your calm."
On Aug 16, 10:53 pm, Josh Roesslein wrote:
> Most likely its probably just a temporary issue going on with twitter's
> servers.
> It will probably clear up on its own once twitter becomes stable again.
>
>
>
> On Sun, Aug 16, 2009 at 9:35 PM, mapes911 wrote:
>
> > Hi all,
>
> > We are developing a social network and part of the functionality is to
> > allow the user to enter their twitter user name and display their
> > public twitter feed on their profile.
>
> > I am using Zend Framework and until recently, our testing was working
> > just fine. A user could simply enter their user name and we would
> > retrieve and display their timeline.
>
> > Now, we are getting a connection timeout Error #110: Connection timed
> > out
> > Is this possibly because we are being rate limited? I doubt it because
> > we have no users yet.. just our own internal testing.. but I can't see
> > why this would just stop working.
>
> > This is the line of code we are using
>
> > $client = new Zend_Http_Client('http://twitter.com/statuses/
> > user_timeline.json?screen_name='
> > . $user-
> > >twitter_id .'&count=50&page=1');
> > $response = $client->request();
>
> > So we're basically just retrieving a json feed.
>
> > Any ideas?
> > Thanks in advance
>
> --
> Josh
[twitter-dev] Twitter seems to be ignoring since_id parameter for friends timeline (max_id is fine; just the since_id is the problem)
The below call tries to get twitter post since: 2176149991981057 but I get the tweets for the first page. max_id is fine but just the since_id is the problem. Am I missing something? https://twitter.com/statuses/friends_timeline.json?count=100&oauth_consumer_key=[removed]&oauth_nonce=[removed]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1289425367&oauth_token=[removed]&oauth_version=1.0&since_id=2176149991981057&oauth_signature=[removed] [First page] Top Twitter post ID: 2474929752645632 BottomTwitter post ID: 2376727787470848 Going to older 2nd page: max_id 2376727787470848 [2nd page] 2375603508477952 2176623264665600 Going to older 3rd page: max_id 2176623264665600 [3rd page] 2176149991981056 2056617872859136 Going back to 3rd page: NEWER since_id 2176149991981056 BELOW list of msgs is same as first-page's list--- 2474929752645632 2376727787470848 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: Twitter seems to be ignoring since_id parameter for friends timeline (max_id is fine; just the since_id is the problem)
anyone? I have even updated my app to use headers. Now, I only send since_id=Id_of_last_tweet_of_previous_page but still it gets ignored. https://twitter.com/statuses/friends_timeline.json?count=100&since_id= On Nov 10, 1:55 pm, goodtest wrote: > The below call tries to get twitter post since: 2176149991981057 but I > get the tweets for the first page. max_id is fine but just the > since_id is the problem. Am I missing something? > > https://twitter.com/statuses/friends_timeline.json?count=100&oauth_co...[removed]&oauth_nonce=[removed]&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1289425367&oauth_token=[removed]&oauth_version=1.0&since_id=2176149991981057&oauth_signature=[removed] > > [First page] > Top Twitter post ID: 2474929752645632 > BottomTwitter post ID: 2376727787470848 > > Going to older 2nd page: max_id 2376727787470848 > > [2nd page] > 2375603508477952 > 2176623264665600 > > Going to older 3rd page: max_id 2176623264665600 > > [3rd page] > 2176149991981056 > 2056617872859136 > > Going back to 3rd page: NEWER since_id 2176149991981056 > BELOW list of > msgs is same as first-page's list--- > > 2474929752645632 > 2376727787470848 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Rate limit exceeded. Clients may not make more than 75 requests per hour.
We make only about 20-25 requests per hour. We didnt have any problems until today morning. And all of a sudden I am seeing "Rate limit exceeded. Clients may not make more than 75 requests per hour." This is Zimbra Collaboration Suite's Social Zimlet.
[twitter-dev] Re: Seeing weird, malformed HTTP responses? We're on it.
+1 On Jul 19, 9:25 pm, Cameron Kaiser wrote: > > Any update on these messed up responses? I'm currently seeing users/ > > lookup.json responses get truncated if I request more than a small > > number of users. > > Ditto for direct_messages.json, although the main timeline is a bit better. > > -- > personal:http://www.cameronkaiser.com/-- > Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com > -- When you don't know what you're doing, do it neatly. > ---
