I would just greatly appreciate if anyone could post here complete request which authenticates on Twitter. BTW, some sites (e.g., habrahabr.ru or hyves.nl mentioned above) print some useful debug info in their response if authentication fails. E.g., they first dump unescaped parameters they receive in Authorization header, and then print "expected digest value=%@". This greatly helps debugging new applications. Would be great if Twitter will do the same. Thanks!
On Jul 27, 8:23 pm, ivan_m5 <i.mis...@gmail.com> wrote: > Hi everybody, > > I have my own Objective-C OAuth library. It's working pretty well for > habrahabr.ru and hyves.nl currently. > But I'm unable to get it work with Twitter. > I've come across a lot of postings around here regarding users unable > to obtain temporary request token. > > I've validated my request > athttp://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin... > and signature is calculated OK. > > Here's my POST data (adapted so that I can validate request at the > page above): > > POSThttps://api.twitter.com/oauth/request_token?force_login=true&oauth_ca... > consumer_secret="T5GW1wAGewlFY9CIyYXmYvGApQQHM3cez20Risxc" > base_string=POST&https%3A%2F%2Fapi.twitter.com%2Foauth > %2Frequest_token&force_login%3Dtrue%26oauth_callback%3Dhttp%253A%252F > %252Flocalhost%252Fx-oauth-mobile-success%252F%26oauth_consumer_key > %3Dg4kGtt9OflmGNGfEPQAaw%26oauth_nonce > %3D37071428662683%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1280250833%26oauth_token%3D%26oauth_version > %3D1.0 > DIGEST=eZg+qEBXeFDSfFq6Chxyt9/3pvU= > > And the header: > Authorization: OAuth realm="https://api.twitter.com/oauth/ > request_token", oauth_consumer_key="g4kGtt9OflmGNGfEPQAaw", > oauth_token="", oauth_signature_method="HMAC-SHA1", > oauth_timestamp="1280250833", oauth_nonce="37071428662683", > oauth_version="1.0", oauth_signature="eZg%2BqEBXeFDSfFq6Chxyt9%2F3pvU > %3D" > > And the response is: > ========================================= > 401 unauthorized > Server=hi > Vary=Accept-Encoding > Last-Modified=Tue, 27 Jul 2010 17:15:31 GMT > Cache-Control=no-cache, no-store, must-revalidate, pre-check=0, post- > check=0 > X-Revision=DEV > Status=401 Unauthorized > Date=Tue, 27 Jul 2010 17:15:31 GMT > Expires=Tue, 31 Mar 1981 05:00:00 GMT > Pragma=no-cache > X-Runtime=0.00686 > X-Transaction=1280250931-50619-29066 > Set- > Cookie=_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNrj5hQqASIKZmxhc2hJQzonQWN0aW9uQ29u > %250AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoHaWQiJWUx > %250ANTY3YmQ0MTdmOGY3ZDQxMWY1NDNjNDIzOThmNDRl-- > eeba367f81559ae97d63fddfa8df09251ceab44f; domain=.twitter.com; path=/ > Content-Encoding=gzip > Content-Length=62 > Content-Type=text/html; charset=utf-8 > Connection=close > > Failed to validate oauth signature and token > ========================================= > > Are there issues on server-side? Thanks in advance.
