Tom,
Thanks for the reply. That is what I tried to do here. I used the
exact same values presented on the XAuth page
http://dev.twitter.com/pages/xauth.
Everything was exactly the same upto the point where I ran the HMAC-
SHA1 encoding....
String signature = hmacsha1(signingSecret, baseString);
The signature was not the same as the signature the showed in the
example. My first question is should it be if I run SHA1 encoding
will with the same input should it always return the exact same string
(I just do not know much about the encoding)? If it should be the
exact same this means that my problem is definitively in the encoding
step. If so can anyone see what I might be doing wrong in the signing
step...
HMACKey k = new HMACKey(key.getBytes());
HMAC hmac = new HMAC(k, new SHA1Digest());
hmac.update(message.getBytes());
byte[] mac = hmac.getMAC();
return Base64OutputStream.encodeAsString(mac, 0, mac.length,
false, false);
Thanks,
Kevin
On Aug 6, 10:31 am, Tom <allerleiga...@gmail.com> wrote:
> Hi,
>
> I don't have a java compiler ready so I can't test your code.
>
> The page about xAuth shows all steps between the start and the actual
> signature. Try reproducing every single one of these values. (Usually
> you can simply log all steps and then compare the results with the
> xauth page.)
>
> Tom
>
> On Aug 6, 2:56 am, BBTweet Media Player <bbtweetme...@gmail.com>
> wrote:
>
> > I am having a really tough time trying to figure out how to sign my
> > OAuth request. I am trying to follow the example
> > athttp://dev.twitter.com/pages/xauth
> > and my signature does not come out the same as it does in the
> > example...
>
> > I am doing....
>
> > public static void xauth(){
> > try {
> > String twitter_url="https://api.twitter.com/oauth/
> > access_token";
> > String oauth_consumer_key = "sGNxxnqgZRHUt6NunK3uw";
> > String oauth_consumer_secret =
> > "5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk";
> > String oauth_nonce =
> > "WLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA";
> > String oauth_signature_method = "HMAC-SHA1";
> > String oauth_timestamp = "1276101652";
> > String oauth_version = "1.0";
> > String x_auth_mode = "client_auth";
> > String x_auth_password = "%&123!aZ+()456242134";
> > String x_auth_username = "tpFriendlyGiant";
>
> > String postBody = "x_auth_mode="+x_auth_mode
> > +"&x_auth_password="+encodeUTF8(x_auth_password)+
> > "&x_auth_username="+encodeUTF8(x_auth_username);
>
> > String baseString = "POST&"+encodeUTF8(twitter_url)+
> > "&oauth_consumer_key%3D"+oauth_consumer_key +
> > "%26oauth_nonce%3D"+oauth_nonce+
> > "%26oauth_signature_method%3D"+oauth_signature_method+
> > "%26oauth_timestamp%3D"+oauth_timestamp+
> > "%26oauth_version%3D"+oauth_version+
> > "%26"+encodeUTF8(postBody);
>
> > String signingSecret = encodeUTF8(oauth_consumer_secret)
> > +"&";
>
> > String signature = hmacsha1(signingSecret, baseString);
>
> > String header = new StringBuffer("OAuth oauth_nonce=
> > \"").append(oauth_nonce).append("\", oauth_signature_method=\"")
> > .append(oauth_signature_method).append("\",
> > oauth_timestamp=\"").append(oauth_timestamp).append("\",
> > oauth_consumer_key=\"")
> > .append(oauth_consumer_key).append("\",
> > oauth_signature=\"").append(signature).append("\", oauth_version=\"")
> > .append(oauth_version).append("\"").toString();
>
> > System.out.println("Header = " + header);
> > } catch (CryptoTokenException e) {
> > // TODO Auto-generated catch block
> > e.printStackTrace();
> > } catch (CryptoUnsupportedOperationException e) {
> > // TODO Auto-generated catch block
> > e.printStackTrace();
> > } catch (IOException e) {
> > // TODO Auto-generated catch block
> > e.printStackTrace();
> > }
> > }
>
> > private static String hmacsha1(String key, String message) throws
> > CryptoTokenException,
> > CryptoUnsupportedOperationException, IOException {
> > HMACKey k = new HMACKey(key.getBytes());
> > HMAC hmac = new HMAC(k, new SHA1Digest());
> > hmac.update(message.getBytes());
> > byte[] mac = hmac.getMAC();
> > return Base64OutputStream.encodeAsString(mac, 0, mac.length,
> > false, false);
> > }
>
> > Everything matches the example, but when they sign they get...
>
> > oauth_signature="yUDBrcMMm6ghqBEKCFKVoJPIacU%3D"
>
> > and I get...
>
> > MUYmiobRdoK6s0ZVqo4xQNNO17w=
>
> > Can anyone see anything I am doing wrong?
>
> > Thanks,
> > Kevin
