Hey Chrys, The order of the parameters in the base string matter and they should be in lexicollexicographical order. For ease of debugging and to remove any ambiguity it would be better to have the authorization header use the same order too.
Can you tell me what the body content of the 401 error is? Best, @themattharris Developer Advocate, Twitter http://twitter.com/themattharris On Thu, Nov 18, 2010 at 6:55 PM, Chrys Bader <chr...@gmail.com> wrote: > Does the order of the params in either the Authorization or Base > string matter? > > Here are my Request Headers: > > Authorization = "OAuth oauth_timestamp=\"1290134876\", oauth_nonce= > \"D3EC42D2-A37F-4298-987D-0F9603B0C9C7\", oauth_version=\"1.0\", > oauth_consumer_key=\"xxx\", oauth_signature_method=\"HMAC-SHA1\", > oauth_signature=\"MOWT%2BaSs35RhzvRRMVxRG0Y5p0E%3D\""; > "Content-Length" = 71; > "Content-Type" = "application/x-www-form-urlencoded; > charset=utf-8"; > > Here is my actual base string: > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > %2Faccess_token&oauth_consumer_key%3Dxxx%26oauth_nonce%3DD3EC42D2- > A37F-4298-987D-0F9603B0C9C7%26oauth_signature_method%3DHMAC- > SHA1%26oauth_timestamp%3D1290134876%26oauth_version%3D1.0%26x_auth_mode > %3Dclient_auth%26x_auth_password%3Dxxx%26x_auth_username%3Dchrysb > > On Nov 18, 6:47 pm, Chrys Bader <chr...@gmail.com> wrote: > > Yes I compared the UTC timestamp that my phone is generating with the > > actual UTC timestamp, and they were the same. > > > > Is there anything else I can show you for more information? > > > > No matter what, I just keep getting a 401 response from Twitter. > > > > On Nov 18, 6:41 pm, Matt Harris <thematthar...@twitter.com> wrote: > > > > > > > > > > > > > > > > > OK, but is the UTC timestamp actually accurate? we've heard of a number > of > > > phones whose date/time are wildly wrong. It maybe find but it's quite > > > common. > > > > > Your content-type is fine. > > > Matt > > > > > On Thu, Nov 18, 2010 at 6:03 PM, Chrys Bader <chr...@gmail.com> wrote: > > > > Ok, I looked into it. According to the iPhone SDK documentation, I > am > > > > indeed sending the UTC (GMT) timestamp. > > > > > > Still not sure what else could be wrong? > > > > > > Is this the right Content-Type? > > > > > > "Content-Type" = "application/x-www-form-urlencoded; charset=utf-8"; > > > > > > On Nov 18, 5:53 pm, themattharris <thematthar...@twitter.com> wrote: > > > > > Hey Chrys, > > > > > > > A couple of things to check first: > > > > > > > 1. Have you been granted xAuth access? > > > > > 2. Double check the timestamp of your request is within 10 or so > > > > > minutes of the time returned by Twitter's servers. Our server time > is > > > > > in UTC. > > > > > 3. Verify your encoding is correct. For example: a password like > ab$ > > > > > %&123 should be in your basestring as ab%2524%2525%2526123 and in > your > > > > > post body as ab%24%25%26123. > > > > > > > Best, > > > > > Matt > > > > > > > On Nov 18, 5:31 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > > > > > *bump* > > > > > > > > I've run my base string through an oAuth verifier ( > http://quonos.nl/ > > > > > > oauthTester/), and it all checks out! > > > > > > > > Any ideas? > > > > > > > > On Oct 27, 4:50 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > > > > > > Hey all, > > > > > > > > > This is my first post in this group, hi! > > > > > > > > > I am having trouble making a request onhttps:// > > > > api.twitter.com/oauth/access_token. > > > > > > > I've been at this for 2 days and I can't make any progress. I > feel > > > > > > > like everything matches up with all examples, documentation, > and > > > > other > > > > > > > forum posts perfectly. > > > > > > > > > Here is my post body: > > > > > > > > > x_auth_username=oauth_test_exec&x_auth_password=twitter- > > > > > > > xauth&x_auth_mode=client_auth > > > > > > > > > Here is my base string (using the example's test credentials): > > > > > > > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > > > > > > %2Faccess_token&oauth_consumer_key%3DJvyS7DO2qd6NNTsXJ4E7zA > > > > > > > %26oauth_nonce%3DE0E37C06-F12A-407B-8D80-20C78FF6183A > > > > > > > %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > > > > > > > %3D1288223176%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth > > > > > > > %26x_auth_password%3Dtwitter-xauth%26x_auth_username%3Doauth_test_exec > > > > > > > > > Here is my Authorization header: > > > > > > > > > OAuth oauth_timestamp="1288223176", oauth_nonce="E0E37C06- > > > > > > > F12A-407B-8D80-20C78FF6183A", oauth_version="1.0", > > > > > > > oauth_consumer_key="JvyS7DO2qd6NNTsXJ4E7zA", > > > > > > > oauth_signature_method="HMAC-SHA1", > oauth_signature="IwPFrvb0PExyS > > > > > > > %2F2QQvtbelsWk48%3D" > > > > > > -- > > > > Twitter developer documentation and resources: > http://dev.twitter.com/doc > > > > API updates via Twitter:http://twitter.com/twitterapi > > > > Issues/Enhancements Tracker: > > > >http://code.google.com/p/twitter-api/issues/list > > > > Change your membership to this group: > > > >http://groups.google.com/group/twitter-development-talk > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
