Thanks Joshua, That got me down the right path and now I'm getting an authorized connection.
Randy On Mar 19, 3:12 pm, Joshua Perry <[email protected]> wrote: > Just an FYI, there should be nothing sensitive in an OAuth URI... Which > is a good thing because even under SSL nothing in a querystring is > encrypted. > > Thank you for bringing this up... because there is something sensitive > in your URI which is also sent by my own implementation, the > oauth_token_secret should be included in the signature but not in the > request... > > I did a quick edit on my code to elide the secret but when I do that I > get the same error that you are getting, I am going to have to do a more > in-depth review of my code to figure out what is going wrong. > > See the OAuth spec section 6 [1] it shows the pieces of data that should > flow between the consumer and provider at each step in the > authentication flow. > > 1.http://oauth.net/core/1.0/#anchor9 > > > > rlamfink wrote: > > Oauth noob. I've got all the token exchange parts working and can get > > an access_token& secret. But when I make an http POST, the captured > > url string looks right, but I get Invalid Oauth Request with a status > > code of 401. > > > Here's the string with the security sensitive parts changed. > > Is there something obvious that I'm missing? > > >http://twitter.com/statuses/update.xml?oauth_consumer_key=XXXXXXXXXXX...- > >Hide quoted text - > > - Show quoted text -
