[twitter-dev] Re: Failed to validate oauth signature and token using python/django libs

2009-07-13 Thread Blaine Garrett 

Update: It works now. Thanks to everyone who tried to help me diagnose
the issue.

Today, Hedley posted about the system being off can cause the request
token to fail. This was my exact problem it turns out.
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/aadee92bc5c34f29?pli=1

Thanks again!
~Blaine


On Jul 9, 10:57 pm, JDG ghil...@gmail.com wrote:
 No. According to the oauth spec, your signature key is always
 consumer_secrettoken_secret, even if token_secret is empty, so when you
 first call request_token, your key will be consumer_secret

 On Thu, Jul 9, 2009 at 21:24, Blaine Garrett bla...@blainegarrett.comwrote:





  Hi,

  Thanks for the  quick reply Matt. Below is a recap of the setup with a
  bit more clarity as well as the keys, url, and pre-encoded data.
  Hopefully this sheds some light on the issue. I also tried the PHP lib
  someone recommended with the same results - i.e 401 error. So again, I
  am thinking it is something external to the Django setup - be it on
  either end of the requests.

  Thanks again!
  Blaine

  

  1. Url I am trying to call the twitter API:
 http://articulture.blainegarrett.com/signin/

  2. View Code being called:
  [python_code]
  def signin(request):
     from acsite.people import oauthtwitter
     import acsite.settings as settings

     # Step 1: Create an anonymous twitter oauth consumer
     oauth_consumer = oauthtwitter.OAuthApi('Vx43QEmSCP1whLq1OSPg',
  'MY_SECRET_KEY') # Blaine's Personal Dev Site keys

     # Step 2: Fetch Request Token From Twitter
     request_token = oauth_consumer.getRequestToken() # In here I get
  the 401 error
     raise Exception(request_token) # Never gets here
  [/python_code]

  3: I installed fresh copies:
  python-twitter :http://code.google.com/p/python-twitter/
  oauth-python-twitterhttp://code.google.com/p/python-twitter/%0Aoauth-python-twitter:
 http://code.google.com/p/oauth-python-twitter/
  oauth :http://oauth.googlecode.com/svn/code/python/oauth/oauth.py

  In the oauth.py, I changed the line 36:
  SIGNATURE_METHOD = 'HMAC-SHA1'

  4. With no other changes, I get: the urllib2 exception: HTTPError at /
  signin/ HTTP Error 401: Unauthorized
  5. When I wrap the url opener code in oauthtwitter.py on approx line
  102 in:
  try:
     url_data = opener.open(url).read()
  except urllib2.HTTPError, e:
     raise Exception('GET REQUEST VERSION : Unable to connect to the
  oAuth Service. Code: %s  - Url: %s : Content - %s' % (e.code, e.url,
  e.msg))

  I get the exception:
  GET REQUEST VERSION: Unable to connect to the oAuth Service. Code:
  401  - Url:

 https://twitter.com/oauth/request_token?oauth_nonce=51064775oauth_ti...
  : Content - Unauthorized

  6. Trying again with a new request, adding an exception of the key,raw
  returned from build_signature_base_string in build_signature in
  oauth.py line 563, I get:
  key=MY_SECRET_KEY, raw: GEThttps%3A%2F%2Ftwitter.com%2Foauth
  %2Frequest_tokenoauth_consumer_key%3DVx43QEmSCP1whLq1OSPg
  %26oauth_nonce%3D59181510%26oauth_signature_method%3DHMAC-
  SHA1%26oauth_timestamp%3D1247173659%26oauth_version%3D1.0

  Note trailing ampersand on the key returned. Could this be a query
  string artifact?

  On Jul 6, 10:59 am, Matt Sanford m...@twitter.com wrote:
   Hi Blaine,

        Failing the validate the signature when getting a request token
   is pretty rare. As you said the fact this all works from other
   libraries seems to point to a library issue. The most helpful things
   to see in these cases are:

     • The actual HTTP request and response that fails. By seeing the URL
   requested I can try and recreate the signature and find the mismatch.
     • The signature base string used to create the oauth_signature
   parameter. This usually requires adding some print statements to the
   oauth library you're using but can be really helpful.

        If you can send the HTTP request and response (headers and
   bodies) that will be a good start. If you're not sure how to get them
   from your library I recommend using a debugging proxy like Charles [1].

   Thanks;
     – Matt Sanford / @mzsanford
         Twitter Dev

   [1] -http://www.charlesproxy.com/

   On Jul 3, 2009, at 2:10 PM, Blaine Garrett wrote:

Hi,

I get the 401:Unauthorized Error every time I attempt to get a request
token. When I attempt to go to the URL directly in the browser (not
yet accessed to preserve nonce) I get a body of Failed to validate
oauth signature and token.

I am using the Leah's oauth client listed athttp://oauth.net/code
as well as the python-twitter (0.7-devel) and oauth-python-twitter
(v0.1)

I was able to get these same libraries to work on a different project
but not on the current one I am working on.
I have refreshed my tokens numerous times and also tried the working
ones from the other project. I also tried the tokens from this project
on the other project that was working and that WORKED.

[twitter-dev] Re: Failed to validate oauth signature and token using python/django libs

2009-07-09 Thread Blaine Garrett 

Hi,

Thanks for the  quick reply Matt. Below is a recap of the setup with a
bit more clarity as well as the keys, url, and pre-encoded data.
Hopefully this sheds some light on the issue. I also tried the PHP lib
someone recommended with the same results - i.e 401 error. So again, I
am thinking it is something external to the Django setup - be it on
either end of the requests.

Thanks again!
Blaine




1. Url I am trying to call the twitter API:
http://articulture.blainegarrett.com/signin/

2. View Code being called:
[python_code]
def signin(request):
from acsite.people import oauthtwitter
import acsite.settings as settings

# Step 1: Create an anonymous twitter oauth consumer
oauth_consumer = oauthtwitter.OAuthApi('Vx43QEmSCP1whLq1OSPg',
'MY_SECRET_KEY') # Blaine's Personal Dev Site keys

# Step 2: Fetch Request Token From Twitter
request_token = oauth_consumer.getRequestToken() # In here I get
the 401 error
raise Exception(request_token) # Never gets here
[/python_code]

3: I installed fresh copies:
python-twitter : http://code.google.com/p/python-twitter/
oauth-python-twitter : http://code.google.com/p/oauth-python-twitter/
oauth : http://oauth.googlecode.com/svn/code/python/oauth/oauth.py

In the oauth.py, I changed the line 36:
SIGNATURE_METHOD = 'HMAC-SHA1'

4. With no other changes, I get: the urllib2 exception: HTTPError at /
signin/ HTTP Error 401: Unauthorized
5. When I wrap the url opener code in oauthtwitter.py on approx line
102 in:
try:
url_data = opener.open(url).read()
except urllib2.HTTPError, e:
raise Exception('GET REQUEST VERSION : Unable to connect to the
oAuth Service. Code: %s  - Url: %s : Content - %s' % (e.code, e.url,
e.msg))

I get the exception:
GET REQUEST VERSION: Unable to connect to the oAuth Service. Code:
401  - Url:
https://twitter.com/oauth/request_token?oauth_nonce=51064775oauth_timestamp=1247173406oauth_consumer_key=Vx43QEmSCP1whLq1OSPgoauth_signature_method=HMAC-SHA1oauth_version=1.0oauth_signature=4RiqJL0ZpHux77GKZku9FVeyhA8%3D
: Content - Unauthorized

6. Trying again with a new request, adding an exception of the key,raw
returned from build_signature_base_string in build_signature in
oauth.py line 563, I get:
key=MY_SECRET_KEY, raw: GEThttps%3A%2F%2Ftwitter.com%2Foauth
%2Frequest_tokenoauth_consumer_key%3DVx43QEmSCP1whLq1OSPg
%26oauth_nonce%3D59181510%26oauth_signature_method%3DHMAC-
SHA1%26oauth_timestamp%3D1247173659%26oauth_version%3D1.0

Note trailing ampersand on the key returned. Could this be a query
string artifact?



On Jul 6, 10:59 am, Matt Sanford m...@twitter.com wrote:
 Hi Blaine,

      Failing the validate the signature when getting a request token  
 is pretty rare. As you said the fact this all works from other  
 libraries seems to point to a library issue. The most helpful things  
 to see in these cases are:

   • The actual HTTP request and response that fails. By seeing the URL  
 requested I can try and recreate the signature and find the mismatch.
   • The signature base string used to create the oauth_signature  
 parameter. This usually requires adding some print statements to the  
 oauth library you're using but can be really helpful.

      If you can send the HTTP request and response (headers and  
 bodies) that will be a good start. If you're not sure how to get them  
 from your library I recommend using a debugging proxy like Charles [1].

 Thanks;
   – Matt Sanford / @mzsanford
       Twitter Dev

 [1] -http://www.charlesproxy.com/

 On Jul 3, 2009, at 2:10 PM, Blaine Garrett wrote:



  Hi,

  I get the 401:Unauthorized Error every time I attempt to get a request
  token. When I attempt to go to the URL directly in the browser (not
  yet accessed to preserve nonce) I get a body of Failed to validate
  oauth signature and token.

  I am using the Leah's oauth client listed athttp://oauth.net/code
  as well as the python-twitter (0.7-devel) and oauth-python-twitter
  (v0.1)

  I was able to get these same libraries to work on a different project
  but not on the current one I am working on.
  I have refreshed my tokens numerous times and also tried the working
  ones from the other project. I also tried the tokens from this project
  on the other project that was working and that WORKED.

  As such, I am guessing it is an issue with my setup or some other lib
  I am working with.
  Both projects however have Python Versions  2.5.2 and should otherwise
  be the same setups.

  Domain the project is on ishttp://articulture.blainegarrett.comif
  the matters for some odd reason.

  Any thoughts?

  Here is the code I am using to call the libs if it helps:
  oauth_consumer = oauthtwitter.OAuthApi(consumer_token,
  consumer_secret)
  request_token = oauth_consumer.getRequestToken() # httplib exception
  bubbles from within here
  authorization_url = oauth_consumer.getAuthorizationURL(request_token)

  Thank you!
  ~Blaine

  --
  Blaine Garrett
  gchat :  bla...@jrcorps.com
  aim: zombiediv
  y!:

[twitter-dev] Re: Failed to validate oauth signature and token using python/django libs

2009-07-09 Thread JDG 
No. According to the oauth spec, your signature key is always
consumer_secrettoken_secret, even if token_secret is empty, so when you
first call request_token, your key will be consumer_secret

On Thu, Jul 9, 2009 at 21:24, Blaine Garrett bla...@blainegarrett.comwrote:


 Hi,

 Thanks for the  quick reply Matt. Below is a recap of the setup with a
 bit more clarity as well as the keys, url, and pre-encoded data.
 Hopefully this sheds some light on the issue. I also tried the PHP lib
 someone recommended with the same results - i.e 401 error. So again, I
 am thinking it is something external to the Django setup - be it on
 either end of the requests.

 Thanks again!
 Blaine


 

 1. Url I am trying to call the twitter API:
 http://articulture.blainegarrett.com/signin/

 2. View Code being called:
 [python_code]
 def signin(request):
from acsite.people import oauthtwitter
import acsite.settings as settings

# Step 1: Create an anonymous twitter oauth consumer
oauth_consumer = oauthtwitter.OAuthApi('Vx43QEmSCP1whLq1OSPg',
 'MY_SECRET_KEY') # Blaine's Personal Dev Site keys

# Step 2: Fetch Request Token From Twitter
request_token = oauth_consumer.getRequestToken() # In here I get
 the 401 error
raise Exception(request_token) # Never gets here
 [/python_code]

 3: I installed fresh copies:
 python-twitter : http://code.google.com/p/python-twitter/
 oauth-python-twitterhttp://code.google.com/p/python-twitter/%0Aoauth-python-twitter:
 http://code.google.com/p/oauth-python-twitter/
 oauth : http://oauth.googlecode.com/svn/code/python/oauth/oauth.py

 In the oauth.py, I changed the line 36:
 SIGNATURE_METHOD = 'HMAC-SHA1'

 4. With no other changes, I get: the urllib2 exception: HTTPError at /
 signin/ HTTP Error 401: Unauthorized
 5. When I wrap the url opener code in oauthtwitter.py on approx line
 102 in:
 try:
url_data = opener.open(url).read()
 except urllib2.HTTPError, e:
raise Exception('GET REQUEST VERSION : Unable to connect to the
 oAuth Service. Code: %s  - Url: %s : Content - %s' % (e.code, e.url,
 e.msg))

 I get the exception:
 GET REQUEST VERSION: Unable to connect to the oAuth Service. Code:
 401  - Url:

 https://twitter.com/oauth/request_token?oauth_nonce=51064775oauth_timestamp=1247173406oauth_consumer_key=Vx43QEmSCP1whLq1OSPgoauth_signature_method=HMAC-SHA1oauth_version=1.0oauth_signature=4RiqJL0ZpHux77GKZku9FVeyhA8%3D
 : Content - Unauthorized

 6. Trying again with a new request, adding an exception of the key,raw
 returned from build_signature_base_string in build_signature in
 oauth.py line 563, I get:
 key=MY_SECRET_KEY, raw: GEThttps%3A%2F%2Ftwitter.com%2Foauth
 %2Frequest_tokenoauth_consumer_key%3DVx43QEmSCP1whLq1OSPg
 %26oauth_nonce%3D59181510%26oauth_signature_method%3DHMAC-
 SHA1%26oauth_timestamp%3D1247173659%26oauth_version%3D1.0

 Note trailing ampersand on the key returned. Could this be a query
 string artifact?



 On Jul 6, 10:59 am, Matt Sanford m...@twitter.com wrote:
  Hi Blaine,
 
   Failing the validate the signature when getting a request token
  is pretty rare. As you said the fact this all works from other
  libraries seems to point to a library issue. The most helpful things
  to see in these cases are:
 
• The actual HTTP request and response that fails. By seeing the URL
  requested I can try and recreate the signature and find the mismatch.
• The signature base string used to create the oauth_signature
  parameter. This usually requires adding some print statements to the
  oauth library you're using but can be really helpful.
 
   If you can send the HTTP request and response (headers and
  bodies) that will be a good start. If you're not sure how to get them
  from your library I recommend using a debugging proxy like Charles [1].
 
  Thanks;
– Matt Sanford / @mzsanford
Twitter Dev
 
  [1] -http://www.charlesproxy.com/
 
  On Jul 3, 2009, at 2:10 PM, Blaine Garrett wrote:
 
 
 
   Hi,
 
   I get the 401:Unauthorized Error every time I attempt to get a request
   token. When I attempt to go to the URL directly in the browser (not
   yet accessed to preserve nonce) I get a body of Failed to validate
   oauth signature and token.
 
   I am using the Leah's oauth client listed athttp://oauth.net/code
   as well as the python-twitter (0.7-devel) and oauth-python-twitter
   (v0.1)
 
   I was able to get these same libraries to work on a different project
   but not on the current one I am working on.
   I have refreshed my tokens numerous times and also tried the working
   ones from the other project. I also tried the tokens from this project
   on the other project that was working and that WORKED.
 
   As such, I am guessing it is an issue with my setup or some other lib
   I am working with.
   Both projects however have Python Versions  2.5.2 and should otherwise
   be the same setups.
 
   Domain the project is on ishttp://articulture.blainegarrett.comif
   the matters for some odd reason.

[twitter-dev] Re: Failed to validate oauth signature and token using python/django libs

2009-07-06 Thread Matt Sanford 


Hi Blaine,

Failing the validate the signature when getting a request token  
is pretty rare. As you said the fact this all works from other  
libraries seems to point to a library issue. The most helpful things  
to see in these cases are:


 • The actual HTTP request and response that fails. By seeing the URL  
requested I can try and recreate the signature and find the mismatch.
 • The signature base string used to create the oauth_signature  
parameter. This usually requires adding some print statements to the  
oauth library you're using but can be really helpful.


If you can send the HTTP request and response (headers and  
bodies) that will be a good start. If you're not sure how to get them  
from your library I recommend using a debugging proxy like Charles [1].


Thanks;
 – Matt Sanford / @mzsanford
 Twitter Dev

[1] - http://www.charlesproxy.com/

On Jul 3, 2009, at 2:10 PM, Blaine Garrett wrote:



Hi,

I get the 401:Unauthorized Error every time I attempt to get a request
token. When I attempt to go to the URL directly in the browser (not
yet accessed to preserve nonce) I get a body of Failed to validate
oauth signature and token.

I am using the Leah's oauth client listed at http://oauth.net/code
as well as the python-twitter (0.7-devel) and oauth-python-twitter
(v0.1)

I was able to get these same libraries to work on a different project
but not on the current one I am working on.
I have refreshed my tokens numerous times and also tried the working
ones from the other project. I also tried the tokens from this project
on the other project that was working and that WORKED.

As such, I am guessing it is an issue with my setup or some other lib
I am working with.
Both projects however have Python Versions  2.5.2 and should otherwise
be the same setups.

Domain the project is on is http://articulture.blainegarrett.com if
the matters for some odd reason.

Any thoughts?

Here is the code I am using to call the libs if it helps:
oauth_consumer = oauthtwitter.OAuthApi(consumer_token,
consumer_secret)
request_token = oauth_consumer.getRequestToken() # httplib exception
bubbles from within here
authorization_url = oauth_consumer.getAuthorizationURL(request_token)

Thank you!
~Blaine

--
Blaine Garrett
gchat :  bla...@jrcorps.com
aim: zombiediv
y!: zombiediv