How looks the final code?
On Jul 6, 1:19 pm, ntortarolo <ntortar...@gmail.com> wrote: > Hi Taylor, i have fixed this, the problem wasnt on hmac-sha1 and > base64 encoding, on my ajax call with jquery something wrong happened, > i have changed it to HttpRequest of firefox component and it works. My > app is an addon for firefox and its client side (javascript and xul). > I know its not secure having there the consumer secret but i dont have > another way to do it. > I get access token right, but now i have another problem, i dont know > exactly what parameters i must add for a call, for example calling > friends timeline, i have seen tutorials aboutxauthbut i get this > response "could not authenticate with oauth". > Sorry of my english. > > Thanks, Nadia > > On Jun 24, 5:58 pm, Taylor Singletary <taylorsinglet...@twitter.com> > wrote: > > > Hi there, > > > Are you still having this issue? > > > In the past when I've seen other developers having issues accomplishing this > > in Javascript, it's come down to an issue in the library used for HMAC-SHA1 > > and Base64 encoding. While it works in most conditions, there are apparently > > some edge cases where it does the wrong thing. I generally don't advocate > > using Javascript and OAuth together for a variety of reasons. Have you tried > > tracing the request to see exactly the HTTP request being sent to the > > server? > > > Are you writing a browser extension or WebOS app? If the former, how are you > > keeping your consumer secret at least somewhat secured? > > > Have you tried other requests using an access token obtained through other > > means? > > > Taylor > > > On Thu, Jun 17, 2010 at 11:25 AM, ntortarolo <ntortar...@gmail.com> wrote: > > > Hi, i have problem requesting an access_token, i think my source is > > > right, i dont know where is the problem, i have maken some test with > > > base_string, oauth_consumer_key and oauth_consumer_secret shown on > > >http://dev.twitter.com/pages/xauthandi get the same oauth_signature > > > shown there so i think problem is not there when i use the real > > > base_string, my oauth_consumer_key and oauth_consumer_secret. > > > My source is this, i hope someone can help me (to preserve my > > > secret > > > and key i will put the same as the ones used on > > >http://dev.twitter.com/pages/xauth) > > > > xauth: functionxauth() > > > { > > > > var username = encodeURIComponent("aaaa"), > > > password = encodeURIComponent("bbbb"), > > > url= "https://api.twitter.com/oauth/access_token", > > > key = "sGNxxnqgZRHUt6NunK3uw", > > > timestamp = (new Date()).getTime(), > > > nonce = Math.random(); > > > > var access_token = "oauth_consumer_key=" + key + > > > "&oauth_nonce=" + nonce + > > > "&oauth_signature_method=HMAC-SHA1" + > > > "&oauth_timestamp=" + timestamp + > > > "&oauth_version=1.0" + > > > "&x_auth_mode=client_auth" + > > > "&x_auth_password=" + password + > > > "&x_auth_username=" + username; > > > > var base_string = "POST&" + encodeURIComponent(url) + "&" + > > > encodeURIComponent(access_token); > > > > var oauth_signature = > > > b64_hmac_sha1("5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk&", > > > base_string); > > > > oauth_signature = encodeURIComponent(oauth_signature+"="); > > > > var auth_header = 'OAuth oauth_nonce="' + nonce + '"' + > > > ', oauth_signature_method="HMAC-SHA1"' + > > > ', oauth_timestamp="' + timestamp + '"' + > > > ', oauth_consumer_key="' + key + '"' + > > > ', oauth_signature="' + oauth_signature + '"' + > > > ', oauth_version="1.0"'; > > > > $.ajax({ > > > url:url, > > > method: "POST", > > > data: { > > > x_auth_username: username, > > > x_auth_password: password, > > > x_auth_mode: "client_auth" > > > }, > > > beforeSend: function(xhr){ > > > xhr.setRequestHeader("Authorization", auth_header); > > > }, > > > success: function(data){ > > > alert(data); > > > }, > > > error: function(xhr){ > > > alert(xhr.responseText); > > > } > > > }) ; > > > > * What language or library are you using? What versions? > > > i'm using it on javascript > > > > * What oauth application is this for? > > > http://twitter.com/apps/edit/181924