[twitter-dev] Re: oauth/request_token issue - 401 unauthorized
OK, finally I got my code to work. The problem was in how I registered application on Twitter, and not in my code. 1) Register application as a "Browser", not as a "Client" one; 2) Register callback URL used in application. Can't think of any reason first setting differs in meaning from other OAuth-authenticated resources, and wish second issue was described somewhere in documentation, or at least some descriptive debug information was returned in HTTP response instead of plain "Failed to validate oauth signature and token", which is not a case. Best regards, Ivan On Jul 27, 8:23 pm, ivan_m5 wrote: > Hi everybody, > > I have my own Objective-C OAuth library. It's working pretty well for > habrahabr.ru and hyves.nl currently. > But I'm unable to get it work with Twitter. > I've come across a lot of postings around here regarding users unable > to obtain temporary request token. > > I've validated my request > athttp://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin... > and signature is calculated OK. > > Here's my POST data (adapted so that I can validate request at the > page above): > > POSThttps://api.twitter.com/oauth/request_token?force_login=true&oauth_ca... > consumer_secret="T5GW1wAGewlFY9CIyYXmYvGApQQHM3cez20Risxc" > base_string=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > %2Frequest_token&force_login%3Dtrue%26oauth_callback%3Dhttp%253A%252F > %252Flocalhost%252Fx-oauth-mobile-success%252F%26oauth_consumer_key > %3Dg4kGtt9OflmGNGfEPQAaw%26oauth_nonce > %3D37071428662683%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1280250833%26oauth_token%3D%26oauth_version > %3D1.0 > DIGEST=eZg+qEBXeFDSfFq6Chxyt9/3pvU= > > And the header: > Authorization: OAuth realm="https://api.twitter.com/oauth/ > request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", > oauth_token="", oauth_signature_method="HMAC-SHA1", > oauth_timestamp="1280250833", oauth_nonce="37071428662683", > oauth_version="1.0", oauth_signature="eZg%2BqEBXeFDSfFq6Chxyt9%2F3pvU > %3D" > > And the response is: > = > 401 unauthorized > Server=hi > Vary=Accept-Encoding > Last-Modified=Tue, 27 Jul 2010 17:15:31 GMT > Cache-Control=no-cache, no-store, must-revalidate, pre-check=0, post- > check=0 > X-Revision=DEV > Status=401 Unauthorized > Date=Tue, 27 Jul 2010 17:15:31 GMT > Expires=Tue, 31 Mar 1981 05:00:00 GMT > Pragma=no-cache > X-Runtime=0.00686 > X-Transaction=1280250931-50619-29066 > Set- > Cookie=_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNrj5hQqASIKZmxhc2hJQzonQWN0aW9uQ29u > %250AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoHaWQiJWUx > %250ANTY3YmQ0MTdmOGY3ZDQxMWY1NDNjNDIzOThmNDRl-- > eeba367f81559ae97d63fddfa8df09251ceab44f; domain=.twitter.com; path=/ > Content-Encoding=gzip > Content-Length=62 > Content-Type=text/html; charset=utf-8 > Connection=close > > Failed to validate oauth signature and token > = > > Are there issues on server-side? Thanks in advance.
[twitter-dev] Re: oauth/request_token issue - 401 unauthorized
Hi Taylor, thanks for your reply. 1) No, clock is pretty much synced. I've come across this advice already and checked it in first place: my oauth_timestamp is "1280250833" and the server responds with header X- Transaction=1280250931-50619-29066 which I suppose includes server-side clock. The difference is 100 ms. 2) Twitter documentation states that either GET or POST is supported, HTTPS or HTTP. I tried every combination (always matching with OAuth base string generation). Tried to set Content-Type header to "application/x-www-form- urlencoded" or "text/plain" or leave it empty. POST body is empty all the times, Content-Length is 0. 3) This same code works fine for two other OAuth-authenticated resources. 4) I received an email response to this posting that other people started to receive this error in their existing applications a day or two ago. Best regards, Ivan. On Jul 28, 5:35 pm, Taylor Singletary wrote: > Hi Ivan, > > Everything is working server side, but OAuth is a picky beast sometimes. > > That your signature generation is repeatedly valid is great. You can dismiss > that from the list of things that can go wrong. > > What else could go wrong? > * Your system clock could be considerably behind or ahead of our servers. > We return the current time in a response header to every request. Take that > time, compare it to the clock on your computer and adjust as needed. > * Some other problem with how your request is being issued and sent. Are > you setting a Content-Type header of application/x-www-form-urlencoded? Do > you have any linebreaks in your HTTP header? Are you really sending a POST? > Are you sending any kind of a POST body with the request? > > Taylor > > On Tue, Jul 27, 2010 at 2:28 PM, ivan_m5 wrote: > > OK, I just substituted sample OAuth parameters found here > >http://dev.twitter.com/pages/auth > > to my application, and I get exactly the same oauth_signature string: > > > key=MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98& > > text=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost > > %253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id > > %253D11%26oauth_consumer_key%3DGDdmIQH6jhtmLUypg82g%26oauth_nonce > > %3DQP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk%26oauth_signature_method > > %3DHMAC-SHA1%26oauth_timestamp%3D1272323042%26oauth_version%3D1.0 > > DIGEST=8wUi7m5HFQy76nowoCThusfgB+Q= > > > POSThttps://api.twitter.com/oauth/request_token > > Authorization: OAuth realm="https://api.twitter.com/oauth/ > > request_token", > > oauth_consumer_key="GDdmIQH6jhtmLUypg82g", > > oauth_signature_method="HMAC-SHA1", > > oauth_timestamp="1272323042", > > oauth_nonce="QP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk", > > oauth_version="1.0", > > oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance > > %2Fprocess_callback%3Fservice_provider_id%3D11", > > oauth_signature="8wUi7m5HFQy76nowoCThusfgB%2BQ%3D" > > > And the response: > > 401 unauthorized > > X-Transaction=1280265543-37398-24961 > > Failed to validate oauth signature and token > > > So I calculate oauth_signature correctly. > > > Could anyone please confirm everything is fine on server side? > > > Thank you very much. > > > On Jul 27, 9:14 pm, ivan_m5 wrote: > > > Hi Taylor, > > > Thank you for your prompt reply. > > > Yes, I'm typically not sending oauth_callback in query string. I > > > adapted my example so that it produces exactly the same digest string > > > as tool on hueniverse.com site does. > > > If I remove these parameters from query string and add oauth_callback > > > to Authorization header, > > > then the request looks like: > > > > key=T5GW1w.ez20Risxc& > > > text=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > > %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%252Fx- > > > oauth-mobile-success%252F%26oauth_consumer_key%3Dg4kGtt9OflmGNGfEPQAaw > > > %26oauth_nonce%3D9373543318877%26oauth_signature_method%3DHMAC- > > > SHA1%26oauth_timestamp%3D1280253286%26oauth_version%3D1.0 > > > DIGEST=LXjNC7POr5UvNJkGY1n0kT0eoxI= > > > > POSThttps://api.twitter.com/oauth/request_token > > > Authorization: OAuth realm="https://api.twitter.com/oauth/ > > > request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", > > > oauth_signature_method=&
[twitter-dev] Re: oauth/request_token issue - 401 unauthorized
OK, I just substituted sample OAuth parameters found here http://dev.twitter.com/pages/auth to my application, and I get exactly the same oauth_signature string: key=MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98& text=POST&https%3A%2F%2Fapi.twitter.com%2Foauth %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost %253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id %253D11%26oauth_consumer_key%3DGDdmIQH6jhtmLUypg82g%26oauth_nonce %3DQP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk%26oauth_signature_method %3DHMAC-SHA1%26oauth_timestamp%3D1272323042%26oauth_version%3D1.0 DIGEST=8wUi7m5HFQy76nowoCThusfgB+Q= POST https://api.twitter.com/oauth/request_token Authorization: OAuth realm="https://api.twitter.com/oauth/ request_token", oauth_consumer_key="GDdmIQH6jhtmLUypg82g", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272323042", oauth_nonce="QP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk", oauth_version="1.0", oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance %2Fprocess_callback%3Fservice_provider_id%3D11", oauth_signature="8wUi7m5HFQy76nowoCThusfgB%2BQ%3D" And the response: 401 unauthorized X-Transaction=1280265543-37398-24961 Failed to validate oauth signature and token So I calculate oauth_signature correctly. Could anyone please confirm everything is fine on server side? Thank you very much. On Jul 27, 9:14 pm, ivan_m5 wrote: > Hi Taylor, > Thank you for your prompt reply. > Yes, I'm typically not sending oauth_callback in query string. I > adapted my example so that it produces exactly the same digest string > as tool on hueniverse.com site does. > If I remove these parameters from query string and add oauth_callback > to Authorization header, > then the request looks like: > > key=T5GW1w.ez20Risxc& > text=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%252Fx- > oauth-mobile-success%252F%26oauth_consumer_key%3Dg4kGtt9OflmGNGfEPQAaw > %26oauth_nonce%3D9373543318877%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1280253286%26oauth_version%3D1.0 > DIGEST=LXjNC7POr5UvNJkGY1n0kT0eoxI= > > POSThttps://api.twitter.com/oauth/request_token > Authorization: OAuth realm="https://api.twitter.com/oauth/ > request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1280253286", > oauth_nonce="9373543318877", oauth_version="1.0", oauth_callback="http > %3A%2F%2Flocalhost%2Fx-oauth-mobile-success%2F", > oauth_signature="LXjNC7POr5UvNJkGY1n0kT0eoxI%3D" > > but the the response is still > 401 unauthorized > X-Transaction=1280253382-1460-49113 > Failed to validate oauth signature and token > > (I'm using temporary application and will reset its consumer secret > key shortly, so no need to worry. I'm just trying to provide as much > data as possible so that request could be validated if this could help > solving issue) > > Any ideas? > Are there working Twitter apps currently which use OAuth? > > Thanks a lot! > > On Jul 27, 8:30 pm, Taylor Singletary > wrote: > > > Hi Ivan, > > > With OAuth you have to choose either to use header-based auth or > > query-string auth. Here you're doing both simultaneously. Your POST to > > api.twitter.com/oauth/request_token shouldn't include any of the oauth_* > > parameters. Also worth noting that the force_login=true parameter does not > > apply to the request token step and should be omitted. > > > Hope this helps, > > Taylor > > > On Tue, Jul 27, 2010 at 10:23 AM, ivan_m5 wrote: > > > Hi everybody, > > > > I have my own Objective-C OAuth library. It's working pretty well for > > > habrahabr.ru and hyves.nl currently. > > > But I'm unable to get it work with Twitter. > > > I've come across a lot of postings around here regarding users unable > > > to obtain temporary request token. > > > > I've validated my request at > > >http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin... > > > and signature is calculated OK. > > > > Here's my POST data (adapted so that I can validate request at the > > > page above): > > > > POST > > >https://api.twitter.com/oauth/request_token?force_login=true&oauth_ca... > > > consumer_secret="T5GW1wAGewlFY9CIyYXmYvGApQQHM3cez20Risxc" > > > base_string=POST&https%3A%2F%2Fapi.twitter.com%2Foa
[twitter-dev] Re: oauth/request_token issue - 401 unauthorized
I would just greatly appreciate if anyone could post here complete request which authenticates on Twitter. BTW, some sites (e.g., habrahabr.ru or hyves.nl mentioned above) print some useful debug info in their response if authentication fails. E.g., they first dump unescaped parameters they receive in Authorization header, and then print "expected digest value=%@". This greatly helps debugging new applications. Would be great if Twitter will do the same. Thanks! On Jul 27, 8:23 pm, ivan_m5 wrote: > Hi everybody, > > I have my own Objective-C OAuth library. It's working pretty well for > habrahabr.ru and hyves.nl currently. > But I'm unable to get it work with Twitter. > I've come across a lot of postings around here regarding users unable > to obtain temporary request token. > > I've validated my request > athttp://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin... > and signature is calculated OK. > > Here's my POST data (adapted so that I can validate request at the > page above): > > POSThttps://api.twitter.com/oauth/request_token?force_login=true&oauth_ca... > consumer_secret="T5GW1wAGewlFY9CIyYXmYvGApQQHM3cez20Risxc" > base_string=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > %2Frequest_token&force_login%3Dtrue%26oauth_callback%3Dhttp%253A%252F > %252Flocalhost%252Fx-oauth-mobile-success%252F%26oauth_consumer_key > %3Dg4kGtt9OflmGNGfEPQAaw%26oauth_nonce > %3D37071428662683%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1280250833%26oauth_token%3D%26oauth_version > %3D1.0 > DIGEST=eZg+qEBXeFDSfFq6Chxyt9/3pvU= > > And the header: > Authorization: OAuth realm="https://api.twitter.com/oauth/ > request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", > oauth_token="", oauth_signature_method="HMAC-SHA1", > oauth_timestamp="1280250833", oauth_nonce="37071428662683", > oauth_version="1.0", oauth_signature="eZg%2BqEBXeFDSfFq6Chxyt9%2F3pvU > %3D" > > And the response is: > = > 401 unauthorized > Server=hi > Vary=Accept-Encoding > Last-Modified=Tue, 27 Jul 2010 17:15:31 GMT > Cache-Control=no-cache, no-store, must-revalidate, pre-check=0, post- > check=0 > X-Revision=DEV > Status=401 Unauthorized > Date=Tue, 27 Jul 2010 17:15:31 GMT > Expires=Tue, 31 Mar 1981 05:00:00 GMT > Pragma=no-cache > X-Runtime=0.00686 > X-Transaction=1280250931-50619-29066 > Set- > Cookie=_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNrj5hQqASIKZmxhc2hJQzonQWN0aW9uQ29u > %250AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoHaWQiJWUx > %250ANTY3YmQ0MTdmOGY3ZDQxMWY1NDNjNDIzOThmNDRl-- > eeba367f81559ae97d63fddfa8df09251ceab44f; domain=.twitter.com; path=/ > Content-Encoding=gzip > Content-Length=62 > Content-Type=text/html; charset=utf-8 > Connection=close > > Failed to validate oauth signature and token > = > > Are there issues on server-side? Thanks in advance.
[twitter-dev] Re: oauth/request_token issue - 401 unauthorized
Hi Taylor, Thank you for your prompt reply. Yes, I'm typically not sending oauth_callback in query string. I adapted my example so that it produces exactly the same digest string as tool on hueniverse.com site does. If I remove these parameters from query string and add oauth_callback to Authorization header, then the request looks like: key=T5GW1w.ez20Risxc& text=POST&https%3A%2F%2Fapi.twitter.com%2Foauth %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%252Fx- oauth-mobile-success%252F%26oauth_consumer_key%3Dg4kGtt9OflmGNGfEPQAaw %26oauth_nonce%3D9373543318877%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1280253286%26oauth_version%3D1.0 DIGEST=LXjNC7POr5UvNJkGY1n0kT0eoxI= POST https://api.twitter.com/oauth/request_token Authorization: OAuth realm="https://api.twitter.com/oauth/ request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1280253286", oauth_nonce="9373543318877", oauth_version="1.0", oauth_callback="http %3A%2F%2Flocalhost%2Fx-oauth-mobile-success%2F", oauth_signature="LXjNC7POr5UvNJkGY1n0kT0eoxI%3D" but the the response is still 401 unauthorized X-Transaction=1280253382-1460-49113 Failed to validate oauth signature and token (I'm using temporary application and will reset its consumer secret key shortly, so no need to worry. I'm just trying to provide as much data as possible so that request could be validated if this could help solving issue) Any ideas? Are there working Twitter apps currently which use OAuth? Thanks a lot! On Jul 27, 8:30 pm, Taylor Singletary wrote: > Hi Ivan, > > With OAuth you have to choose either to use header-based auth or > query-string auth. Here you're doing both simultaneously. Your POST to > api.twitter.com/oauth/request_token shouldn't include any of the oauth_* > parameters. Also worth noting that the force_login=true parameter does not > apply to the request token step and should be omitted. > > Hope this helps, > Taylor > > On Tue, Jul 27, 2010 at 10:23 AM, ivan_m5 wrote: > > Hi everybody, > > > I have my own Objective-C OAuth library. It's working pretty well for > > habrahabr.ru and hyves.nl currently. > > But I'm unable to get it work with Twitter. > > I've come across a lot of postings around here regarding users unable > > to obtain temporary request token. > > > I've validated my request at > >http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin... > > and signature is calculated OK. > > > Here's my POST data (adapted so that I can validate request at the > > page above): > > > POST > >https://api.twitter.com/oauth/request_token?force_login=true&oauth_ca... > > consumer_secret="T5GW1wAGewlFY9CIyYXmYvGApQQHM3cez20Risxc" > > base_string=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > %2Frequest_token&force_login%3Dtrue%26oauth_callback%3Dhttp%253A%252F > > %252Flocalhost%252Fx-oauth-mobile-success%252F%26oauth_consumer_key > > %3Dg4kGtt9OflmGNGfEPQAaw%26oauth_nonce > > %3D37071428662683%26oauth_signature_method%3DHMAC- > > SHA1%26oauth_timestamp%3D1280250833%26oauth_token%3D%26oauth_version > > %3D1.0 > > DIGEST=eZg+qEBXeFDSfFq6Chxyt9/3pvU= > > > And the header: > > Authorization: OAuth realm="https://api.twitter.com/oauth/ > > request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", > > oauth_token="", oauth_signature_method="HMAC-SHA1", > > oauth_timestamp="1280250833", oauth_nonce="37071428662683", > > oauth_version="1.0", oauth_signature="eZg%2BqEBXeFDSfFq6Chxyt9%2F3pvU > > %3D" > > > And the response is: > > = > > 401 unauthorized > > Server=hi > > Vary=Accept-Encoding > > Last-Modified=Tue, 27 Jul 2010 17:15:31 GMT > > Cache-Control=no-cache, no-store, must-revalidate, pre-check=0, post- > > check=0 > > X-Revision=DEV > > Status=401 Unauthorized > > Date=Tue, 27 Jul 2010 17:15:31 GMT > > Expires=Tue, 31 Mar 1981 05:00:00 GMT > > Pragma=no-cache > > X-Runtime=0.00686 > > X-Transaction=1280250931-50619-29066 > > Set- > > > Cookie=_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNrj5hQqASIKZmxhc2hJQzonQWN0aW9uQ29u > > %250AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoHaWQiJWUx > > %250ANTY3YmQ0MTdmOGY3ZDQxMWY1NDNjNDIzOThmNDRl-- > > eeba367f81559ae97d63fddfa8df09251ceab44f; domain=.twitter.com; path=/ > > Content-Encoding=gzip > > Content-Length=62 > > Content-Type=text/html; charset=utf-8 > > Connection=close > > > Failed to validate oauth signature and token > > = > > > Are there issues on server-side? Thanks in advance. > >
[twitter-dev] oauth/request_token issue - 401 unauthorized
Hi everybody, I have my own Objective-C OAuth library. It's working pretty well for habrahabr.ru and hyves.nl currently. But I'm unable to get it work with Twitter. I've come across a lot of postings around here regarding users unable to obtain temporary request token. I've validated my request at http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/ and signature is calculated OK. Here's my POST data (adapted so that I can validate request at the page above): POST https://api.twitter.com/oauth/request_token?force_login=true&oauth_callback=http%3A//localhost/x-oauth-mobile-success/ consumer_secret="T5GW1wAGewlFY9CIyYXmYvGApQQHM3cez20Risxc" base_string=POST&https%3A%2F%2Fapi.twitter.com%2Foauth %2Frequest_token&force_login%3Dtrue%26oauth_callback%3Dhttp%253A%252F %252Flocalhost%252Fx-oauth-mobile-success%252F%26oauth_consumer_key %3Dg4kGtt9OflmGNGfEPQAaw%26oauth_nonce %3D37071428662683%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1280250833%26oauth_token%3D%26oauth_version %3D1.0 DIGEST=eZg+qEBXeFDSfFq6Chxyt9/3pvU= And the header: Authorization: OAuth realm="https://api.twitter.com/oauth/ request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", oauth_token="", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1280250833", oauth_nonce="37071428662683", oauth_version="1.0", oauth_signature="eZg%2BqEBXeFDSfFq6Chxyt9%2F3pvU %3D" And the response is: = 401 unauthorized Server=hi Vary=Accept-Encoding Last-Modified=Tue, 27 Jul 2010 17:15:31 GMT Cache-Control=no-cache, no-store, must-revalidate, pre-check=0, post- check=0 X-Revision=DEV Status=401 Unauthorized Date=Tue, 27 Jul 2010 17:15:31 GMT Expires=Tue, 31 Mar 1981 05:00:00 GMT Pragma=no-cache X-Runtime=0.00686 X-Transaction=1280250931-50619-29066 Set- Cookie=_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNrj5hQqASIKZmxhc2hJQzonQWN0aW9uQ29u %250AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoHaWQiJWUx %250ANTY3YmQ0MTdmOGY3ZDQxMWY1NDNjNDIzOThmNDRl-- eeba367f81559ae97d63fddfa8df09251ceab44f; domain=.twitter.com; path=/ Content-Encoding=gzip Content-Length=62 Content-Type=text/html; charset=utf-8 Connection=close Failed to validate oauth signature and token = Are there issues on server-side? Thanks in advance.