If I do encode the variables, what else can give the same error?
On Mar 20, 4:06 pm, Joshua Perry wrote:
> Are you including your url-encoded form variables in your signature
> calculation?
>
>
>
> Celso Pinto wrote:
> > Hi all,
>
> > I'm trying to set up a client and I want to use OAuth. The oa
Chris,
If you include more detail about your application and your request then we
can provide more specific help. That method should work with as a GET
request.
A lot of other developers have seen the HTTP 401 error you described. Try
searching for "invalid oauth request" [1] to see if anything fr
Hi there,
Is your application registered as read-only by chance? If it is
POSTs will fail but the message should be a little more descriptive.
Thanks;
— Matt
On Mar 26, 2009, at 11:34 AM, Baishampayan Ghose wrote:
I'm having a little trouble with oAuth - I'm getting an Invalid OAu
> I'm having a little trouble with oAuth - I'm getting an Invalid OAuth
> Request with a HTTP 401. I'm sure the signature is correct, and all
> I'm trying to do is get a request token. Has anyone had this problem
> before and if so how did you fix it?
Now I am facing the same problem. For me GET
ot) net
>
> > -Original Message-
> > From: twitter-development-talk@googlegroups.com
> > [mailto:twitter-development-t...@googlegroups.com] On Behalf Of Cameron
> > Kaiser
> > Sent: 21 March 2009 20:27
> > To: twitter-development-talk@googlegroups.com
mbelow
> (dot) net
>
> -Original Message-
> From: twitter-development-talk@googlegroups.com
> [mailto:twitter-development-t...@googlegroups.com] On Behalf Of Cameron
> Kaiser
> Sent: 21 March 2009 20:27
> To: twitter-development-talk@googlegroups.com
> Subject: [twitter-dev] R
] On Behalf Of Cameron
Kaiser
Sent: 21 March 2009 20:27
To: twitter-development-talk@googlegroups.com
Subject: [twitter-dev] Re: Invalid oAuth Request
> I'm having a little trouble with oAuth - I'm getting an Invalid OAuth
> Request with a HTTP 401. I'm sure the signature is c
code($this->shared_secret . "&" .
$this->token_secret);
break;
}
}
The method being used is HMAC-SHA1.
Thanks!
Jamie
Jamie Rumbelow Designer / Developer / Writer / Speaker
http://www.jamierumbelow.net | +44 (0)7956 363875 | jamie (at) jamierumbelow
(dot) n
> I'm having a little trouble with oAuth - I'm getting an Invalid OAuth
> Request with a HTTP 401. I'm sure the signature is correct, and all
> I'm trying to do is get a request token. Has anyone had this problem
> before and if so how did you fix it?
Code and/or output is always helpful.
--
--
That was it, thanks a lot!
On Mar 20, 2:06 pm, Joshua Perry wrote:
> Are you including your url-encoded form variables in your signature
> calculation?
>
> Celso Pinto wrote:
> > Hi all,
>
> > I'm trying to set up a client and I want to use OAuth. The oauth
> > authorization went ok, my app show
Thanks Joshua,
That got me down the right path and now I'm getting an authorized
connection.
Randy
On Mar 19, 3:12 pm, Joshua Perry wrote:
> Just an FYI, there should be nothing sensitive in an OAuth URI... Which
> is a good thing because even under SSL nothing in a querystring is
> encrypt
Are you including your url-encoded form variables in your signature
calculation?
Celso Pinto wrote:
Hi all,
I'm trying to set up a client and I want to use OAuth. The oauth
authorization went ok, my app shows on my settings page but when I try
to make an OAuth post to /statuses/update.json I
Yes you are right, my mistake, though querystrings are often written in
plaintext to server logs. Also, OAuth should be able to work securely
in a non-SSL secured context, so having sensitive oauth data anywhere in
the request is a bad idea ( and against the specification ).
Cameron Kaiser wr
> Just an FYI, there should be nothing sensitive in an OAuth URI... Which
> is a good thing because even under SSL nothing in a querystring is
> encrypted.
No. SSL is below the HTTP layer, meaning that the connection has to be set
up before the HTTP GET is even sent.
Of course, there are othe
Alright, I got it working, I was removing it from the actual request but
wasn't removing it from the request normalization routine... So my
requests now work properly without the oauth_token_secret parameter in
the request. I'm not sure why the implementation I am using was
including that p
Just an FYI, there should be nothing sensitive in an OAuth URI... Which
is a good thing because even under SSL nothing in a querystring is
encrypted.
Thank you for bringing this up... because there is something sensitive
in your URI which is also sent by my own implementation, the
oauth_to
Here's the string. The forum turned it into a link.
oauth_consumer_key=XX&oauth_nonce=72BF80D5959F5A35DA5F8748AE8DBA151015DC4C&oauth_signature=Hje29X769TqIF
%2B1CaJkr1i5BIVo%3D&oauth_signature_method=HMAC-
SHA1&oauth_timestamp=1237485161&oauth_version=1.0&oauth_token=14846470-
17 matches
Mail list logo
