OAuth is not enabled on stream.twitter.com. You can try on
chirpstream.twitter.com.


On Thu, May 13, 2010 at 10:53 AM, Lucas Vickers <lucasvick...@gmail.com> wrote:
> I am writing my own c++ based OAuth library.  I know there is liboauth
> but I like to do things myself to learn.
>
> Anyhow I am trying to access http://stream.twitter.com/1/statuses/sample.xml
> and I keep getting 401.
>
> I have verified pretty much every parameter, and used the tool on
> http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/
> to verify my signature is correct. I used twurl to obtain the user
> access tokens to my account.
>
> After doing some reading I'm no longer convinced that the streaming
> server even supports oauth.
>
> can you fill me in on the current status of stream.twitter.com and
> oauth?
>
> thanks!
> Lucas
>
>
>
> On Apr 20, 11:02 pm, Jonathon Hill <jhill9...@gmail.com> wrote:
>> Thanks Taylor for the very detailed and helpful response!
>>
>> Jonathon
>>
>> On Apr 20, 1:17 pm, Taylor Singletary <taylorsinglet...@twitter.com>
>> wrote:
>>
>> > Hi Jonathon,
>>
>> > ForStreamingAPI access that isn't from the perspective of a user's
>> > account, you would use two-leggedOAuthto establish authentication instead
>> > of basic auth.
>>
>> > A two-leggedOAuthrequest is very similar to otherOAuthrequests: you have
>> > a specific resource you are trying to access, you have some parameters you
>> > want to pass to that resource, and you have anOAuthconsumer key andOAuth
>> > consumer secret. Which is unlike three-leggedOAuthwhere you also have
>> > oauth_tokens representing either a user/access_token or a request token in
>> > addition to the rest.
>>
>> > But the rules remain the same. You take all theOAuthparameters and the
>> > parameters you are sending to the resource, organize them, build a 
>> > signature
>> > base string, then sign that with your consumer secret and send the request
>> > on to Twitter properly signed. The only difference is that there is no
>> > oauth_token and oauth_token_secret getting involved in the mix.
>>
>> > This is essentially what a two-legged request to thestreamingAPI would
>> > look like:
>>
>> > Signature Base String
>> > GET&http%3A%2F%2Fstream.twitter.com
>> > %2F1%2Fstatuses%2Fsample.json&oauth_consumer_key%3Dri8JxYK2zzwSV5xIUfNNvQ%2­6oauth_nonce%3DSJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8%26oauth_signatur­e_method%3DHMAC-SHA1%26oauth_timestamp%3D1271783743%26oauth_version%3D1.0
>>
>> > Signature
>> > Xi5jfuw2XqtU5KpNX9ZCtTptJS0=
>>
>> > Authorization Header
>> >OAuthoauth_nonce="SJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8",
>> > oauth_signature_method="HMAC-SHA1", oauth_timestamp="1271783743",
>> > oauth_consumer_key="ri8JxYK2zzwSV5xIUfNNvQ",
>> > oauth_signature="Xi5jfuw2XqtU5KpNX9ZCtTptJS0%3D", oauth_version="1.0"
>>
>> > Taylor Singletary
>> > Developer Advocate, Twitterhttp://twitter.com/episod
>>
>> > On Tue, Apr 20, 2010 at 10:05 AM, Jonathon Hill <jhill9...@gmail.com> 
>> > wrote:
>> > > One thing I meant to find out @chirp last week--what willoauthlook
>> > > like for theStreamingAPI? I'm having a hard time visualizing how
>> > > that will work.
>>
>> > > Thanks,
>>
>> > > Jonathon Hill
>> > > @compwright
>> > > Company52
>> > >http://company52.com
>>
>> > > --
>> > > Subscription settings:
>> > >http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
>

Reply via email to