[twitter-dev] Re: OAuth singing on BlackBerry
Is twitterapime the only OAuth lib for BB? Anyone is able to use Twitter4J / SignOAuth in BB J2ME? On Aug 7, 5:13 am, David Francisco Tavárez davidftava...@gmail.com wrote: Why don't you use twitterapime? 2010/8/7, BBTweet Media Player bbtweetme...@gmail.com: BB is J2ME but has some quirks that did not allow me to use the library I tired. I am just handling the twitter communication on my own. On Aug 7, 1:01 am, Bess bess...@gmail.com wrote: You need Twitter to approve before you can use xAuth. xAuth is different than OAuth. Can I ask which xAuth library did you use on BB? Is that Java? not J2ME On Aug 6, 1:03 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: WHOOO! I got my first 200 getting an XAuth request token. I think the answer to my question is no, I am not expected to get the same signature the have in the XAuth example but it always the same on my device. My final problem was I was not URL encoding the signature before placing it into the Authorization header. Thanks for all the help here hoping to things moving forward quicker. I spent way to long trying to figure that out. On Aug 6, 2:34 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: Tom, Thanks for the reply. That is what I tried to do here. I used the exact same values presented on the XAuth pagehttp://dev.twitter.com/pages/xauth. Everything was exactly the same upto the point where I ran the HMAC- SHA1 encoding String signature = hmacsha1(signingSecret, baseString); The signature was not the same as the signature the showed in the example. My first question is should it be if I run SHA1 encoding will with the same input should it always return the exact same string (I just do not know much about the encoding)? If it should be the exact same this means that my problem is definitively in the encoding step. If so can anyone see what I might be doing wrong in the signing step... HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); Thanks, Kevin On Aug 6, 10:31 am, Tom allerleiga...@gmail.com wrote: Hi, I don't have a java compiler ready so I can't test your code. The page about xAuth shows all steps between the start and the actual signature. Try reproducing every single one of these values. (Usually you can simply log all steps and then compare the results with the xauth page.) Tom On Aug 6, 2:56 am, BBTweet Media Player bbtweetme...@gmail.com wrote: I am having a really tough time trying to figure out how to sign my OAuth request. I am trying to follow the example athttp://dev.twitter.com/pages/xauth and my signature does not come out the same as it does in the example... I am doing public static void xauth(){ try { String twitter_url=https://api.twitter.com/oauth/ access_token; String oauth_consumer_key = sGNxxnqgZRHUt6NunK3uw; String oauth_consumer_secret = 5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk; String oauth_nonce = WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA; String oauth_signature_method = HMAC-SHA1; String oauth_timestamp = 1276101652; String oauth_version = 1.0; String x_auth_mode = client_auth; String x_auth_password = %123!aZ+()456242134; String x_auth_username = tpFriendlyGiant; String postBody = x_auth_mode=+x_auth_mode +x_auth_password=+encodeUTF8(x_auth_password)+ x_auth_username=+encodeUTF8(x_auth_username); String baseString = POST+encodeUTF8(twitter_url)+ oauth_consumer_key%3D+oauth_consumer_key + %26oauth_nonce%3D+oauth_nonce+ %26oauth_signature_method%3D+oauth_signature_method+ %26oauth_timestamp%3D+oauth_timestamp+ %26oauth_version%3D+oauth_version+ %26+encodeUTF8(postBody); String signingSecret = encodeUTF8(oauth_consumer_secret) +; String signature = hmacsha1(signingSecret, baseString); String header = new StringBuffer(OAuth oauth_nonce= \).append(oauth_nonce).append(\, oauth_signature_method=\) .append(oauth_signature_method).append(\, oauth_timestamp=\).append(oauth_timestamp).append(\, oauth_consumer_key=\) .append(oauth_consumer_key).append(\,
[twitter-dev] Re: OAuth singing on BlackBerry
BB is J2ME but has some quirks that did not allow me to use the library I tired. I am just handling the twitter communication on my own. On Aug 7, 1:01 am, Bess bess...@gmail.com wrote: You need Twitter to approve before you can use xAuth. xAuth is different than OAuth. Can I ask which xAuth library did you use on BB? Is that Java? not J2ME On Aug 6, 1:03 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: WHOOO! I got my first 200 getting an XAuth request token. I think the answer to my question is no, I am not expected to get the same signature the have in the XAuth example but it always the same on my device. My final problem was I was not URL encoding the signature before placing it into the Authorization header. Thanks for all the help here hoping to things moving forward quicker. I spent way to long trying to figure that out. On Aug 6, 2:34 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: Tom, Thanks for the reply. That is what I tried to do here. I used the exact same values presented on the XAuth pagehttp://dev.twitter.com/pages/xauth. Everything was exactly the same upto the point where I ran the HMAC- SHA1 encoding String signature = hmacsha1(signingSecret, baseString); The signature was not the same as the signature the showed in the example. My first question is should it be if I run SHA1 encoding will with the same input should it always return the exact same string (I just do not know much about the encoding)? If it should be the exact same this means that my problem is definitively in the encoding step. If so can anyone see what I might be doing wrong in the signing step... HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); Thanks, Kevin On Aug 6, 10:31 am, Tom allerleiga...@gmail.com wrote: Hi, I don't have a java compiler ready so I can't test your code. The page about xAuth shows all steps between the start and the actual signature. Try reproducing every single one of these values. (Usually you can simply log all steps and then compare the results with the xauth page.) Tom On Aug 6, 2:56 am, BBTweet Media Player bbtweetme...@gmail.com wrote: I am having a really tough time trying to figure out how to sign my OAuth request. I am trying to follow the example athttp://dev.twitter.com/pages/xauth and my signature does not come out the same as it does in the example... I am doing public static void xauth(){ try { String twitter_url=https://api.twitter.com/oauth/ access_token; String oauth_consumer_key = sGNxxnqgZRHUt6NunK3uw; String oauth_consumer_secret = 5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk; String oauth_nonce = WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA; String oauth_signature_method = HMAC-SHA1; String oauth_timestamp = 1276101652; String oauth_version = 1.0; String x_auth_mode = client_auth; String x_auth_password = %123!aZ+()456242134; String x_auth_username = tpFriendlyGiant; String postBody = x_auth_mode=+x_auth_mode +x_auth_password=+encodeUTF8(x_auth_password)+ x_auth_username=+encodeUTF8(x_auth_username); String baseString = POST+encodeUTF8(twitter_url)+ oauth_consumer_key%3D+oauth_consumer_key + %26oauth_nonce%3D+oauth_nonce+ %26oauth_signature_method%3D+oauth_signature_method+ %26oauth_timestamp%3D+oauth_timestamp+ %26oauth_version%3D+oauth_version+ %26+encodeUTF8(postBody); String signingSecret = encodeUTF8(oauth_consumer_secret) +; String signature = hmacsha1(signingSecret, baseString); String header = new StringBuffer(OAuth oauth_nonce= \).append(oauth_nonce).append(\, oauth_signature_method=\) .append(oauth_signature_method).append(\, oauth_timestamp=\).append(oauth_timestamp).append(\, oauth_consumer_key=\) .append(oauth_consumer_key).append(\, oauth_signature=\).append(signature).append(\, oauth_version=\) .append(oauth_version).append(\).toString(); System.out.println(Header = + header); } catch (CryptoTokenException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CryptoUnsupportedOperationException e) { // TODO
[twitter-dev] Re: OAuth singing on BlackBerry
Hi, I don't have a java compiler ready so I can't test your code. The page about xAuth shows all steps between the start and the actual signature. Try reproducing every single one of these values. (Usually you can simply log all steps and then compare the results with the xauth page.) Tom On Aug 6, 2:56 am, BBTweet Media Player bbtweetme...@gmail.com wrote: I am having a really tough time trying to figure out how to sign my OAuth request. I am trying to follow the example athttp://dev.twitter.com/pages/xauth and my signature does not come out the same as it does in the example... I am doing public static void xauth(){ try { String twitter_url=https://api.twitter.com/oauth/ access_token; String oauth_consumer_key = sGNxxnqgZRHUt6NunK3uw; String oauth_consumer_secret = 5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk; String oauth_nonce = WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA; String oauth_signature_method = HMAC-SHA1; String oauth_timestamp = 1276101652; String oauth_version = 1.0; String x_auth_mode = client_auth; String x_auth_password = %123!aZ+()456242134; String x_auth_username = tpFriendlyGiant; String postBody = x_auth_mode=+x_auth_mode +x_auth_password=+encodeUTF8(x_auth_password)+ x_auth_username=+encodeUTF8(x_auth_username); String baseString = POST+encodeUTF8(twitter_url)+ oauth_consumer_key%3D+oauth_consumer_key + %26oauth_nonce%3D+oauth_nonce+ %26oauth_signature_method%3D+oauth_signature_method+ %26oauth_timestamp%3D+oauth_timestamp+ %26oauth_version%3D+oauth_version+ %26+encodeUTF8(postBody); String signingSecret = encodeUTF8(oauth_consumer_secret) +; String signature = hmacsha1(signingSecret, baseString); String header = new StringBuffer(OAuth oauth_nonce= \).append(oauth_nonce).append(\, oauth_signature_method=\) .append(oauth_signature_method).append(\, oauth_timestamp=\).append(oauth_timestamp).append(\, oauth_consumer_key=\) .append(oauth_consumer_key).append(\, oauth_signature=\).append(signature).append(\, oauth_version=\) .append(oauth_version).append(\).toString(); System.out.println(Header = + header); } catch (CryptoTokenException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CryptoUnsupportedOperationException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } private static String hmacsha1(String key, String message) throws CryptoTokenException, CryptoUnsupportedOperationException, IOException { HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); } Everything matches the example, but when they sign they get... oauth_signature=yUDBrcMMm6ghqBEKCFKVoJPIacU%3D and I get... MUYmiobRdoK6s0ZVqo4xQNNO17w= Can anyone see anything I am doing wrong? Thanks, Kevin
[twitter-dev] Re: OAuth singing on BlackBerry
Tom, Thanks for the reply. That is what I tried to do here. I used the exact same values presented on the XAuth page http://dev.twitter.com/pages/xauth. Everything was exactly the same upto the point where I ran the HMAC- SHA1 encoding String signature = hmacsha1(signingSecret, baseString); The signature was not the same as the signature the showed in the example. My first question is should it be if I run SHA1 encoding will with the same input should it always return the exact same string (I just do not know much about the encoding)? If it should be the exact same this means that my problem is definitively in the encoding step. If so can anyone see what I might be doing wrong in the signing step... HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); Thanks, Kevin On Aug 6, 10:31 am, Tom allerleiga...@gmail.com wrote: Hi, I don't have a java compiler ready so I can't test your code. The page about xAuth shows all steps between the start and the actual signature. Try reproducing every single one of these values. (Usually you can simply log all steps and then compare the results with the xauth page.) Tom On Aug 6, 2:56 am, BBTweet Media Player bbtweetme...@gmail.com wrote: I am having a really tough time trying to figure out how to sign my OAuth request. I am trying to follow the example athttp://dev.twitter.com/pages/xauth and my signature does not come out the same as it does in the example... I am doing public static void xauth(){ try { String twitter_url=https://api.twitter.com/oauth/ access_token; String oauth_consumer_key = sGNxxnqgZRHUt6NunK3uw; String oauth_consumer_secret = 5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk; String oauth_nonce = WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA; String oauth_signature_method = HMAC-SHA1; String oauth_timestamp = 1276101652; String oauth_version = 1.0; String x_auth_mode = client_auth; String x_auth_password = %123!aZ+()456242134; String x_auth_username = tpFriendlyGiant; String postBody = x_auth_mode=+x_auth_mode +x_auth_password=+encodeUTF8(x_auth_password)+ x_auth_username=+encodeUTF8(x_auth_username); String baseString = POST+encodeUTF8(twitter_url)+ oauth_consumer_key%3D+oauth_consumer_key + %26oauth_nonce%3D+oauth_nonce+ %26oauth_signature_method%3D+oauth_signature_method+ %26oauth_timestamp%3D+oauth_timestamp+ %26oauth_version%3D+oauth_version+ %26+encodeUTF8(postBody); String signingSecret = encodeUTF8(oauth_consumer_secret) +; String signature = hmacsha1(signingSecret, baseString); String header = new StringBuffer(OAuth oauth_nonce= \).append(oauth_nonce).append(\, oauth_signature_method=\) .append(oauth_signature_method).append(\, oauth_timestamp=\).append(oauth_timestamp).append(\, oauth_consumer_key=\) .append(oauth_consumer_key).append(\, oauth_signature=\).append(signature).append(\, oauth_version=\) .append(oauth_version).append(\).toString(); System.out.println(Header = + header); } catch (CryptoTokenException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CryptoUnsupportedOperationException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } private static String hmacsha1(String key, String message) throws CryptoTokenException, CryptoUnsupportedOperationException, IOException { HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); } Everything matches the example, but when they sign they get... oauth_signature=yUDBrcMMm6ghqBEKCFKVoJPIacU%3D and I get... MUYmiobRdoK6s0ZVqo4xQNNO17w= Can anyone see anything I am doing wrong? Thanks, Kevin
[twitter-dev] Re: OAuth singing on BlackBerry
WHOOO! I got my first 200 getting an XAuth request token. I think the answer to my question is no, I am not expected to get the same signature the have in the XAuth example but it always the same on my device. My final problem was I was not URL encoding the signature before placing it into the Authorization header. Thanks for all the help here hoping to things moving forward quicker. I spent way to long trying to figure that out. On Aug 6, 2:34 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: Tom, Thanks for the reply. That is what I tried to do here. I used the exact same values presented on the XAuth pagehttp://dev.twitter.com/pages/xauth. Everything was exactly the same upto the point where I ran the HMAC- SHA1 encoding String signature = hmacsha1(signingSecret, baseString); The signature was not the same as the signature the showed in the example. My first question is should it be if I run SHA1 encoding will with the same input should it always return the exact same string (I just do not know much about the encoding)? If it should be the exact same this means that my problem is definitively in the encoding step. If so can anyone see what I might be doing wrong in the signing step... HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); Thanks, Kevin On Aug 6, 10:31 am, Tom allerleiga...@gmail.com wrote: Hi, I don't have a java compiler ready so I can't test your code. The page about xAuth shows all steps between the start and the actual signature. Try reproducing every single one of these values. (Usually you can simply log all steps and then compare the results with the xauth page.) Tom On Aug 6, 2:56 am, BBTweet Media Player bbtweetme...@gmail.com wrote: I am having a really tough time trying to figure out how to sign my OAuth request. I am trying to follow the example athttp://dev.twitter.com/pages/xauth and my signature does not come out the same as it does in the example... I am doing public static void xauth(){ try { String twitter_url=https://api.twitter.com/oauth/ access_token; String oauth_consumer_key = sGNxxnqgZRHUt6NunK3uw; String oauth_consumer_secret = 5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk; String oauth_nonce = WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA; String oauth_signature_method = HMAC-SHA1; String oauth_timestamp = 1276101652; String oauth_version = 1.0; String x_auth_mode = client_auth; String x_auth_password = %123!aZ+()456242134; String x_auth_username = tpFriendlyGiant; String postBody = x_auth_mode=+x_auth_mode +x_auth_password=+encodeUTF8(x_auth_password)+ x_auth_username=+encodeUTF8(x_auth_username); String baseString = POST+encodeUTF8(twitter_url)+ oauth_consumer_key%3D+oauth_consumer_key + %26oauth_nonce%3D+oauth_nonce+ %26oauth_signature_method%3D+oauth_signature_method+ %26oauth_timestamp%3D+oauth_timestamp+ %26oauth_version%3D+oauth_version+ %26+encodeUTF8(postBody); String signingSecret = encodeUTF8(oauth_consumer_secret) +; String signature = hmacsha1(signingSecret, baseString); String header = new StringBuffer(OAuth oauth_nonce= \).append(oauth_nonce).append(\, oauth_signature_method=\) .append(oauth_signature_method).append(\, oauth_timestamp=\).append(oauth_timestamp).append(\, oauth_consumer_key=\) .append(oauth_consumer_key).append(\, oauth_signature=\).append(signature).append(\, oauth_version=\) .append(oauth_version).append(\).toString(); System.out.println(Header = + header); } catch (CryptoTokenException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CryptoUnsupportedOperationException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } private static String hmacsha1(String key, String message) throws CryptoTokenException, CryptoUnsupportedOperationException, IOException { HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return
[twitter-dev] Re: OAuth singing on BlackBerry
You need Twitter to approve before you can use xAuth. xAuth is different than OAuth. Can I ask which xAuth library did you use on BB? Is that Java? not J2ME On Aug 6, 1:03 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: WHOOO! I got my first 200 getting an XAuth request token. I think the answer to my question is no, I am not expected to get the same signature the have in the XAuth example but it always the same on my device. My final problem was I was not URL encoding the signature before placing it into the Authorization header. Thanks for all the help here hoping to things moving forward quicker. I spent way to long trying to figure that out. On Aug 6, 2:34 pm, BBTweet Media Player bbtweetme...@gmail.com wrote: Tom, Thanks for the reply. That is what I tried to do here. I used the exact same values presented on the XAuth pagehttp://dev.twitter.com/pages/xauth. Everything was exactly the same upto the point where I ran the HMAC- SHA1 encoding String signature = hmacsha1(signingSecret, baseString); The signature was not the same as the signature the showed in the example. My first question is should it be if I run SHA1 encoding will with the same input should it always return the exact same string (I just do not know much about the encoding)? If it should be the exact same this means that my problem is definitively in the encoding step. If so can anyone see what I might be doing wrong in the signing step... HMACKey k = new HMACKey(key.getBytes()); HMAC hmac = new HMAC(k, new SHA1Digest()); hmac.update(message.getBytes()); byte[] mac = hmac.getMAC(); return Base64OutputStream.encodeAsString(mac, 0, mac.length, false, false); Thanks, Kevin On Aug 6, 10:31 am, Tom allerleiga...@gmail.com wrote: Hi, I don't have a java compiler ready so I can't test your code. The page about xAuth shows all steps between the start and the actual signature. Try reproducing every single one of these values. (Usually you can simply log all steps and then compare the results with the xauth page.) Tom On Aug 6, 2:56 am, BBTweet Media Player bbtweetme...@gmail.com wrote: I am having a really tough time trying to figure out how to sign my OAuth request. I am trying to follow the example athttp://dev.twitter.com/pages/xauth and my signature does not come out the same as it does in the example... I am doing public static void xauth(){ try { String twitter_url=https://api.twitter.com/oauth/ access_token; String oauth_consumer_key = sGNxxnqgZRHUt6NunK3uw; String oauth_consumer_secret = 5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk; String oauth_nonce = WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA; String oauth_signature_method = HMAC-SHA1; String oauth_timestamp = 1276101652; String oauth_version = 1.0; String x_auth_mode = client_auth; String x_auth_password = %123!aZ+()456242134; String x_auth_username = tpFriendlyGiant; String postBody = x_auth_mode=+x_auth_mode +x_auth_password=+encodeUTF8(x_auth_password)+ x_auth_username=+encodeUTF8(x_auth_username); String baseString = POST+encodeUTF8(twitter_url)+ oauth_consumer_key%3D+oauth_consumer_key + %26oauth_nonce%3D+oauth_nonce+ %26oauth_signature_method%3D+oauth_signature_method+ %26oauth_timestamp%3D+oauth_timestamp+ %26oauth_version%3D+oauth_version+ %26+encodeUTF8(postBody); String signingSecret = encodeUTF8(oauth_consumer_secret) +; String signature = hmacsha1(signingSecret, baseString); String header = new StringBuffer(OAuth oauth_nonce= \).append(oauth_nonce).append(\, oauth_signature_method=\) .append(oauth_signature_method).append(\, oauth_timestamp=\).append(oauth_timestamp).append(\, oauth_consumer_key=\) .append(oauth_consumer_key).append(\, oauth_signature=\).append(signature).append(\, oauth_version=\) .append(oauth_version).append(\).toString(); System.out.println(Header = + header); } catch (CryptoTokenException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CryptoUnsupportedOperationException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } private static String hmacsha1(String key, String message)