Hello Tom, unfortunately, it still doesn´t work. When my basestring does not include x_auth_password and x_auth_username I don´t get an successfull response?
Now I am doing it as it is described in the documentation on http://dev.twitter.com/pages/xauth. I get an successfull Response with following parameter: oauth_token=1177....&oauth_token_secret=WfLZlea.......&user_id=myID6&screen_name=myName&x_auth_expires=0 Now, I will get the Friends Timeline with the URL http://api.twitter.com/1/statuses/friends_timeline.xml and the following GET-Parameter: oauth_consumer_key, oauth_signature, oauth_token, oauth_consumer_key and oauth_token_secret When I send the request with this parameters, it will open a new window, where should I enter my user data. After this, I get an error response with following message: <?xml version="1.0" encoding="UTF-8"?> <hash> <request>/1/statuses/friends_timeline.xml? oauth_consumer_key=iTAqwZGGBLrC95j9N7VJA&oauth_nonce=41A58B82-45EA- D3DC- B770-3336247590DF&oauth_signature=Qze584pBZdLVX2OiPAdk7rLwOjE=&oauth_signature_method=HMAC- SHA1&oauth_timestamp=1285054407&oauth_token=17312344- qoIC5BRaaMw63fnP5fCZf8rfTJ73uqIPjjXLtvlJY&oauth_version=1.0&x_auth_mode=client_auth&x_auth_password=infoMantis&x_auth_username=Matapolo</ request> <error>Incorrect signature</error> </hash> Can you tell me, what is wrong on my request? On 20 Sep., 20:43, andy <andreas-wilkeme...@andreazw.de> wrote: > OK, tomorrow I will try it again. > > Thaks > Andreas > > On 20 Sep., 20:37, Tom van der Woerdt <i...@tvdw.eu> wrote: > > > Thanks, I know how xAuth works. ;-) This isn't xAuth though. > > > The Base String consists of all parameters you send to Twitter. You > > aren't sending x_auth_username/x_auth_password (nor should you) so it > > shouldn't be in the Base String. > > > You may be confused between xAuth and OAuth here: xAuth is simply an > > extension to OAuth, so that Desktop applications can easily exchange > > usernames/passwords for credentials. However, a call to any other > > endpoint than access_token is not at all related to xAuth, so you should > > not be sending the username and/or password. That's what credentials are > > for :-) > > > Tom > > > On 9/20/10 8:35 PM, andy wrote: > > > > I use xauth, so I can log in directly from my application for Twitter. > > > For pure OAuth it l ft an extra URL on Twitter and you get a pin code > > > with which I return to my application needs. > > > > The xauth-i parameter to give, as it is described in the Twitter > > > documentation. > > > > Would in my GET request, the parameters are passed with xauth? > > > > On 20 Sep., 20:23, Tom van der Woerdt <i...@tvdw.eu> wrote: > > >> No, that's no problem. > > > >> What I *did* just notice is that the parameters in your Base String > > >> don't match the parameters in your GET. Why are you sending x_auth_*? > > > >> Tom > > > >> On 9/20/10 8:21 PM, andy wrote: > > > >>> Thank you for the quick help, I've just seen that the parameters > > >>> since_id, since_date, max_id, count, page I have not supplied. > > >>> Can there be a problem because in the absence of these? > > > >>> On 20 Sep., 20:10, Tom van der Woerdt <i...@tvdw.eu> wrote: > > >>>> Yes, OAuth is the authentication layer. If you are asked for a > > >>>> password, > > >>>> just click cancel (but really, it shouldn't ask you for one). > > > >>>> Tom > > > >>>> On 9/20/10 8:07 PM, andy wrote: > > > >>>>> Hello Tom, > > > >>>>> I get an successfull response with the oauthToken, oauthSecret, > > >>>>> userId, Screenname. > > > >>>>> My basestring to generate my signature ist this: > > >>>>> POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > >>>>> %2Faccess_token&oauth_consumer_key%3D...myKey...%26oauth_nonce > > >>>>> %3D4093828128%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > > >>>>> %3D1284991785%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth > > >>>>> %26x_auth_password%3D...myTwitterPassword....%26x_auth_username > > >>>>> %3D...myTwitterUserName... > > > >>>>> When I send a request with GET-Parameter it will open a Window, where > > >>>>> should I enter my user data. After this I will get following XML-Code: > > > >>>>> <hash> > > >>>>> - > > >>>>> <request> > > >>>>> /1/statuses/home_timeline.xml? > > >>>>> oauth_timestamp=1284991785&oauth_token=..myOauthToken..&oauth_consumer_key=...myConsumer_Key...&oauth_signature_method=HMAC- > > >>>>> SHA1&oauth_version=1.0& > > >>>>> oauth_nonce=0EEC37AC-3B39-9DC5-4316-2F7A999B057B&oauth_signature=..myGeneratedSignanture > > >>>>> </request> > > >>>>> <error>Could not authenticate you.</error> > > >>>>> </hash> > > > >>>>> The Signantur is indeed meant to be autentifizieren the user, or not? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en