I am writing my own c++ based OAuth library. I know there is liboauth but I like to do things myself to learn.
Anyhow I am trying to access http://stream.twitter.com/1/statuses/sample.xml and I keep getting 401. I have verified pretty much every parameter, and used the tool on http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/ to verify my signature is correct. I used twurl to obtain the user access tokens to my account. After doing some reading I'm no longer convinced that the streaming server even supports oauth. can you fill me in on the current status of stream.twitter.com and oauth? thanks! Lucas On Apr 20, 11:02 pm, Jonathon Hill <jhill9...@gmail.com> wrote: > Thanks Taylor for the very detailed and helpful response! > > Jonathon > > On Apr 20, 1:17 pm, Taylor Singletary <taylorsinglet...@twitter.com> > wrote: > > > Hi Jonathon, > > > ForStreamingAPI access that isn't from the perspective of a user's > > account, you would use two-leggedOAuthto establish authentication instead > > of basic auth. > > > A two-leggedOAuthrequest is very similar to otherOAuthrequests: you have > > a specific resource you are trying to access, you have some parameters you > > want to pass to that resource, and you have anOAuthconsumer key andOAuth > > consumer secret. Which is unlike three-leggedOAuthwhere you also have > > oauth_tokens representing either a user/access_token or a request token in > > addition to the rest. > > > But the rules remain the same. You take all theOAuthparameters and the > > parameters you are sending to the resource, organize them, build a signature > > base string, then sign that with your consumer secret and send the request > > on to Twitter properly signed. The only difference is that there is no > > oauth_token and oauth_token_secret getting involved in the mix. > > > This is essentially what a two-legged request to thestreamingAPI would > > look like: > > > Signature Base String > > GET&http%3A%2F%2Fstream.twitter.com > > %2F1%2Fstatuses%2Fsample.json&oauth_consumer_key%3Dri8JxYK2zzwSV5xIUfNNvQ%26oauth_nonce%3DSJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1271783743%26oauth_version%3D1.0 > > > Signature > > Xi5jfuw2XqtU5KpNX9ZCtTptJS0= > > > Authorization Header > >OAuthoauth_nonce="SJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8", > > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1271783743", > > oauth_consumer_key="ri8JxYK2zzwSV5xIUfNNvQ", > > oauth_signature="Xi5jfuw2XqtU5KpNX9ZCtTptJS0%3D", oauth_version="1.0" > > > Taylor Singletary > > Developer Advocate, Twitterhttp://twitter.com/episod > > > On Tue, Apr 20, 2010 at 10:05 AM, Jonathon Hill <jhill9...@gmail.com> wrote: > > > One thing I meant to find out @chirp last week--what willoauthlook > > > like for theStreamingAPI? I'm having a hard time visualizing how > > > that will work. > > > > Thanks, > > > > Jonathon Hill > > > @compwright > > > Company52 > > >http://company52.com > > > > -- > > > Subscription settings: > > >http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
