I'm developing a library that can be used with either web or desktop. Since I had code already going in a web application, I use it to do my initial development.
Ricky On Mar 7, 5:03 pm, Ryan Alford <ryanalford...@gmail.com> wrote: > Why are you using PIN based authorization for web applications? Web > applications don't use PINs. > > Ryan > > Sent from my DROID > > On Mar 7, 2010 4:59 PM, "Ricky" <ri...@digitally-born.com> wrote: > > I'm working on version 2 of Twitterizer, a .NET library for using the > Twitter API, but I've run into a weird issue with pin-based OAuth. I > have a sample web application and a sample desktop application. From > the web application I am able to perform pin-based authentication > without any issues, but through the desktop application every call for > access tokens are refused with "Invalid oauth_verifier parameter." > I've stepped through the code (non-stop for an hour) and I'm sure that > the exact code is executing for each call. I've tried changing the > calls to GET, instead of POST, and the results are the same. From the > web app it works great, from the desktop app, not so much. > > Using fiddler, I've captured the HTTP request/response from each, and > they look exactly the same (to me). > > Here is the call from the web application (works): > POSThttp://twitter.com/oauth/access_token?oauth_verifier=2068385HTTP/ > 1.1 > Content-Type: application/x-www-form-urlencoded > Authorization: OAuth realm="Twitter > API",oauth_consumer_key="Ds8w95QVNTITV16pqMwtHA",oauth_nonce="6E723378",oau > th_signature_method="HMAC- > SHA1",oauth_timestamp="1267995036",oauth_token="Vy5cCHkomrAKocY9c8J18hAEf1P > J2ONwBtQxmdGGaI",oauth_version="1.0",oauth_signature="OU3Qfi2tq > %2Fwyaij0NezCARqLVCA%3D" > User-Agent: Twitterizer/2.0.0.0 > Host: twitter.com > > And here is the call from the desktop application (does not work): > POSThttp://twitter.com/oauth/access_token?oauth_verifier=541907HTTP/ > 1.1 > Content-Type: application/x-www-form-urlencoded > Authorization: OAuth realm="Twitter > API",oauth_consumer_key="Ds8w95QVNTITV16pqMwtHA",oauth_nonce="7F8D82E3",oau > th_signature_method="HMAC- > SHA1",oauth_timestamp="1267995086",oauth_token="uTcERUybyJF0WKi77w5dPCTZbwO > 7DZJX1hQuJK0fg",oauth_version="1.0",oauth_signature="iUUcdVtM > %2B4nxfDKrqPqElE9IPgY%3D" > User-Agent: Twitterizer/2.0.0.0 > Host: twitter.com > > The response body is: > <?xml version="1.0" encoding="UTF-8"?> > <hash> > <request>/oauth/access_token?oauth_verifier=541907</request> > <error>Invalid oauth_verifier parameter</error> > </hash> > > This may be more of a .NET question, as there may be some kind of > nuance when making requests through a windows application, but I > thought it might be worth my time to ask everyone, in case I'm doing > something dumb (it happens). > > Thanks for your time, > Rickywww.twitterizer.net