Hi Onn, Our documentation at http://dev.twitter.com/doc/post/favorites/create/:idmay have been unclear in the past (it may even still be unclear).
You don't need to pass the id element directly as a parameter -- it's a "globbed" parameter from the resource URL itself -- can you try your request after removing the id= 19408545095 element? Thanks, Taylor On Tue, Jul 27, 2010 at 3:24 AM, Onn E <onn.elbo...@gmail.com> wrote: > Hi, > > We are integrating into OAuth. So far we managed to sign and work with > as many as 30 API functions with OAuth. We succeed on all but 2 > functions: /favorites/create and /favorites/destroy. > We get response code 401 with message: Could not authenticate you. > Detailed below is the information regarding our signature base string > and the OAuth header with the signature calculated, as well as the > request we send to twitter and the response we get from twitter > (sniffed with wireshark). > What are we doing wrong here? > > > > Our signature base string is as follows: > > POST&http%3A%2F%2Fapi.twitter.com%2F1%2Ffavorites%2Fcreate > %2F19408545095.xml&id%3D19408545095%26oauth_consumer_key%3DXXXXXXXXXXXX > %26oauth_nonce%3D1296103309843726254%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1280221546%26oauth_token%3DXXXXXX- > XXXXXXXXXXXXXXXX%26oauth_version%3D1.0 > > > > Our Header is as follows: > > OAuth oauth_signature="6IEyw61Vi1INPo3e%2FRaeu7GfP38%3D", > oauth_version="1.0", oauth_nonce="1296103309843726254", > oauth_signature_method="HMAC-SHA1", > oauth_consumer_key="XXXXXXXXXXXXXX", oauth_token="XXXXXX- > XXXXXXXXXXXXXXXX", oauth_timestamp="1280221546" > > > > Our request looks like this (sniffed with wireshark): > > POST /1/favorites/create/19408545095.xml HTTP/1.1 > Host: api.twitter.com > User-Agent: AsyncHttpClient 1.0 > Content-Length: 302 > > Authorization= OAuth oauth_signature="6IEyw61Vi1INPo3e > %2FRaeu7GfP38%3D", oauth_version="1.0", > oauth_nonce="1296103309843726254", oauth_signature_method="HMAC-SHA1", > oauth_consumer_key="XXXXXXXXX", oauth_token="XXXXXX- > XXXXXXXXXXXXXXXXX", oauth_timestamp="1280221546" > > > > The response we get looks like this: > > HTTP/1.1 401 Unauthorized > Date: Tue, 27 Jul 2010 09:04:17 GMT > Server: hi > Status: 401 Unauthorized > WWW-Authenticate: Basic realm="Twitter API" > X-Runtime: 0.00346 > Content-Type: application/xml; charset=utf-8 > Content-Length: 156 > Cache-Control: no-cache, max-age=1800 > Set-Cookie: k=62.219.129.78.1280221457069202; path=/; expires=Tue, 03- > Aug-10 09:04:17 GMT; domain=.twitter.com > Set-Cookie: guest_id=128022145709437051; path=/; expires=Thu, 26 Aug > 2010 09:04:17 GMT > Set-Cookie: > > _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCMgqJRMqAToHaWQiJWYwOTYxZjdmYTMxY2Y5%250AODhlNzI5YzRiNmIyOGJhNDI2IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy > > %250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--2aa62d945615ad137a5fe099065e64a4bb5120b1; > domain=.twitter.com; path=/ > Expires: Tue, 27 Jul 2010 09:34:17 GMT > Vary: Accept-Encoding > Connection: close > > <?xml version="1.0" encoding="UTF-8"?> > <hash> > <request>/1/favorites/create/19408545095.xml</request> > <error>Could not authenticate you.</error> > </hash> > > > > > > Thanks, > Onn >