Hi Everyone, I've revised the xAuth examples at http://dev.twitter.com/pages/xauth -- you'll find they should have signatures that are easier to reproduce and was confirmed functional at the time of execution.
Thanks for the nudge, Tom. Thanks, Taylor On Mon, Sep 13, 2010 at 11:41 AM, Tom van der Woerdt <i...@tvdw.eu> wrote: > 2010-09-13 20:39:11.190 Test[56513:207] NSData *HMAC: <3146268a 86d17682 > bab34655 aa8e3140 d34ed7bc> > 2010-09-13 20:39:11.191 Test[56513:207] NSString *HMAC64: > MUYmiobRdoK6s0ZVqo4xQNNO17w= > > Looks like you're right :-) > > @episod: You should fix that! :-) > > Tom > > > On 9/13/10 8:23 PM, Nikolay Klimchuk wrote: > > Still no luck > > > > With your code I'm gettings exactly the same result > > MUYmiobRdoK6s0ZVqo4xQNNO17w= > > > > Something really strange in example here > http://dev.twitter.com/pages/xauth > > > > Nikolay Klimchuk > > > > On Sep 13, 7:19 am, Tom van der Woerdt <i...@tvdw.eu> wrote: > >> Oh, hehe, good point. That's because my Base String has one extra > >> urlencoded '&' on the end, and that shouldn't be there. > >> > >> Tom > >> > >> On Mon, 13 Sep 2010 04:18:06 -0700 (PDT), Nikolay Klimchuk > >> > >> > >> > >> <klimc...@gmail.com> wrote: > >>> Thank you Tom > >> > >>> I will try your algorithm and compare results. > >>> Quick question: why you do this [str substringToIndex:[str > >>> length]-3] ? > >> > >>> Nikolay Klimchuk > >> > >>> On Sep 13, 2:46 am, Tom van der Woerdt <i...@tvdw.eu> wrote: > >>>> Hi Nikolay, > >> > >>>> The first part of your code looks fine. You may, however, like to do > >>>> some debugging on the HMAC part - it looks a bit too simple to me. > >> > >>>> This works : > >>>> NSString *compKey = [NSString stringWithFormat:@ > "%@&%@",secret,userSecret]; > >>>> const char *cKey = [compKey > cStringUsingEncoding:NSUTF8StringEncoding]; > >>>> const char *cData = [[str substringToIndex:[str length]-3] > >>>> cStringUsingEncoding:NSUTF8StringEncoding]; > >>>> unsigned char cHMAC[CC_SHA1_DIGEST_LENGTH]; > >>>> CCHmac(kCCHmacAlgSHA1, cKey, strlen(cKey), cData, > strlen(cData), cHMAC); > >>>> NSData *HMAC = [[NSData alloc] initWithBytes:cHMAC > length:sizeof(cHMAC)]; > >>>> (str being the Base String) > >> > >>>> Hope it helps :-) > >> > >>>> Tom > >> > >>>> On 9/13/10 3:02 AM, Nikolay Klimchuk wrote: > >> > >>>>> I'm trying to understand why algorithm for calculation of > >>>>> oauth_signature does not give me the same result as shown here: > >>>>> http://dev.twitter.com/pages/xauth > >> > >>>>> In my case I'm getting signedSK = 'MUYmiobRdoK6s0ZVqo4xQNNO17w=' > >> > >>>>> If I URL encode such result it's still very different from > >>>>> yUDBrcMMm6ghqBEKCFKVoJPIacU%3D > >> > >>>>> I've tried different implementations, all of them give the same > >>>>> result. After few hours of exercises with all this stuff I completely > >>>>> run out of ideas, please help > >> > >>>>> // Test with input data taken from Twitter page > >> > >>>>> NSString *s= @"POST&https%3A%2F%2Fapi.twitter.com%2Foauth > >>>>> %2Faccess_token&oauth_consumer_key%3DsGNxxnqgZRHUt6NunK3uw > >>>>> %26oauth_nonce%3DWLxsobj4rhS2xmCbaAeT4aAkRfx4vSHX4OnYpTE77hA > >>>>> %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > >>>>> %3D1276101652%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth > >>>>> %26x_auth_password%3D%2525%2526123%2521aZ%252B > >>>>> %2528%2529456242134%26x_auth_username%3DtpFriendlyGiant"; > >> > >>>>> NSString *k = @"5kEQypKe7lFHnufLtsocB1vAzO07xLFgp2Pc4sp2vk&"; > >> > >>>>> NSString *signedSK = [NetworkManager base64forData:[NetworkManager > >>>>> HMACSHA1withKey:k forString:s]]; > >> > >>>>> // Source code > >> > >>>>> + (NSData *)HMACSHA1withKey:(NSString *)key forString:(NSString > >>>>> *)string > >>>>> { > >>>>> NSData *clearTextData = [string > >>>>> dataUsingEncoding:NSUTF8StringEncoding]; > >>>>> NSData *keyData = [key dataUsingEncoding:NSUTF8StringEncoding]; > >> > >>>>> uint8_t digest[CC_SHA1_DIGEST_LENGTH] = {0}; > >> > >>>>> CCHmacContext hmacContext; > >>>>> CCHmacInit(&hmacContext, kCCHmacAlgSHA1, keyData.bytes, > >>>>> keyData.length); > >>>>> CCHmacUpdate(&hmacContext, clearTextData.bytes, > >>>>> clearTextData.length); > >>>>> CCHmacFinal(&hmacContext, digest); > >> > >>>>> return [NSData dataWithBytes:digest length:CC_SHA1_DIGEST_LENGTH]; > >>>>> } > >> > >>>>> //Sourcehttp://www.cocoadev.com/index.pl?BaseSixtyFour > >> > >>>>> + (NSString *)base64forData:(NSData *)data > >>>>> { > >>>>> static const char encodingTable[] = > >>>>> "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; > >> > >>>>> if ([data length] == 0) > >>>>> return @""; > >> > >>>>> char *characters = malloc((([data length] + 2) / 3) * 4); > >>>>> if (characters == NULL) > >>>>> return nil; > >>>>> NSUInteger length = 0; > >> > >>>>> NSUInteger i = 0; > >>>>> while (i < [data length]) > >>>>> { > >>>>> char buffer[3] = {0,0,0}; > >>>>> short bufferLength = 0; > >>>>> while (bufferLength < 3 && i < [data length]) > >>>>> buffer[bufferLength++] = ((char *)[data > bytes])[i++]; > >> > >>>>> // Encode the bytes in the buffer to four characters, > >>>>> including padding "=" characters if necessary. > >>>>> characters[length++] = encodingTable[(buffer[0] & 0xFC) >> > 2]; > >>>>> characters[length++] = encodingTable[((buffer[0] & 0x03) << > 4) > >>>>> | ((buffer[1] & 0xF0) >> 4)]; > >>>>> if (bufferLength > 1) > >>>>> characters[length++] = encodingTable[((buffer[1] & > 0x0F) << 2) | > >>>>> ((buffer[2] & 0xC0) >> 6)]; > >>>>> else characters[length++] = '='; > >>>>> if (bufferLength > 2) > >>>>> characters[length++] = encodingTable[buffer[2] & > 0x3F]; > >>>>> else characters[length++] = '='; > >>>>> } > >> > >>>>> return [[[NSString alloc] initWithBytesNoCopy:characters > >>>>> length:length encoding:NSASCIIStringEncoding freeWhenDone:YES] > >>>>> autorelease]; > >>>>> } > > > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk?hl=en > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
