Thank you for the help. I'm still trying to get the first part to work... > 1. The first step in the process, you will make a GET request to > "http://twitter.com/oauth/request_token";. In this request, you will need > the following parameters in this specific order: > oauth_consumer_key > oauth_nonce > oauth_signature_method > oauth_timestamp > oauth_version > oauth_signature
What string do I sign? The whole URL? Eg: oauth_consumer_key=2FuDFffo1MnWkw9g2JK7621HA&oauth_nonce=1112009260947V57BUQK06I7H1BL88VBR65VT2&oauth_signature_method=HMAC- SHA1&oauth_timestamp=1259226047&oauth_version=1.0 or http://twitter.com/oauth/request_token?oauth_consumer_key=2FuDFffo1MnWkw9g2JK7621HA&oauth_nonce=1112009260947V57BUQK06I7H1BL88VBR65VT2&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1259226047&oauth_version=1.0 When do I UTF-8 encode? Before signing or after signing? Same with the posting? What do i post and when do I UTF-8 encode? Best regards Andre On Nov 24, 10:17 pm, ryan alford <ryanalford...@gmail.com> wrote: > The signature has to go last. That's one mistake that most people make. > You are suppose to put the parameters in order EXCEPT the signature > parameter. The signature parameter is created by using the other > parameters, then it's appended to the end of the query string. > > The OAuth signature is generated. > > I made a blog post where I tried to explain it a little better than the > documentation does. It's for .Net for the desktop, but the process is the > same for any language, and only slightly different for web applications. > > http://eclipsed4utoo.com/blog/net-twitter-desktop-oauth-authentication/ > > > > On Tue, Nov 24, 2009 at 3:12 PM, abruton <andrebru...@gmail.com> wrote: > > Hi All > > > I am trying to get my head around the Twitter oauth flow. > > > The twitter documentation links to oauth.net for parameters, but these > > are general and not well documented. > > > Is the first step to usehttp://twitter.com/oauth/request_token? > > > 1. I created the following URL: > > >http://twitter.com/oauth/request_token?oauth_consumer_key=3Uu...1HA&o... > > > When I put this in a browser to test it, I get the following error: > > > Failed to validate oauth signature and token > > > 1. What is wrong with the string? > > - Is the oauth_signature just your Consumer secret string? > > - Do I have to use oauth_signature_method and what method do I use. > > If it is sha1, what string do I hash? The whole URL? > > > Do I POST the data tohttp://twitter.com/oauth/request_tokenor GET or > > what? > > > Best regards > > > Andre F Bruton
