If you are using a client library, please specify the library and version. There is a chance that you are all running into the same library-based incompatibility and could work together (or with the maintainer) to determine the fix. Thanks, Doug
On Mon, Jul 27, 2009 at 9:40 PM, Doug Williams <d...@twitter.com> wrote: > Please use the OAuth playground [1] to test your signatures against the > expected result. I am working to gather specifics to help your debug process > (i.e. what changed?) in the mean time. > 1. http://googlecodesamples.com/oauth_playground/ > > Thanks, > Doug > > > On Mon, Jul 27, 2009 at 9:29 PM, winrich <winric...@gmail.com> wrote: > >> >> ok guys. >> >> so my calls were failing on the verify_credentials call and not on the >> update or timeline calls. the only difference i saw was the the >> verify_credential call wasn't secured. i changed it to https and it >> worked. ??? lol >> >> >> >> >> On Jul 27, 9:19 pm, Chad Etzel <jazzyc...@gmail.com> wrote: >> > On Mon, Jul 27, 2009 at 11:55 PM, Duane >> > >> > Roelands<duane.roela...@gmail.com> wrote: >> > > RTFM is not a helpful answer, especially when many developers are >> > > relying on libraries that they did not write. >> > >> > That's a risk you run when using code you didn't write. >> > >> > I'm not saying that this situation doesn't suck for those affected. >> > I'm sure that it does. But, for a technology so new as OAuth, the >> > libraries may not be mature yet. >> > >> > Officially, Twitter OAuth is still in Public Beta and has never been >> > officially recommended to integrate into production code. That being >> > said, there could still be a problem on Twitter's end with their >> > signature verification mechanism and the libraries could all be valid. >> > I don't have a way of knowing. >> > >> > I do agree that at least a note that "a security change was pushed >> > today" would be nice, though. >> > >> > -Chad >> > >
