Hey Matt, I am using Loren Brichter's OAuthCore library to create the Authorization header... so I imagine he did it correctly.
The body content of the 401 is empty. Content-Length: 0 On Nov 19, 11:04 am, Matt Harris <thematthar...@twitter.com> wrote: > Hey Chrys, > > The order of the parameters in the base string matter and they should be in > lexicollexicographical order. For ease of debugging and to remove any > ambiguity it would be better to have the authorization header use the same > order too. > > Can you tell me what the body content of the 401 error is? > > Best, > @themattharris > Developer Advocate, Twitterhttp://twitter.com/themattharris > > > > > > > > On Thu, Nov 18, 2010 at 6:55 PM, Chrys Bader <chr...@gmail.com> wrote: > > Does the order of the params in either the Authorization or Base > > string matter? > > > Here are my Request Headers: > > > Authorization = "OAuth oauth_timestamp=\"1290134876\", oauth_nonce= > > \"D3EC42D2-A37F-4298-987D-0F9603B0C9C7\", oauth_version=\"1.0\", > > oauth_consumer_key=\"xxx\", oauth_signature_method=\"HMAC-SHA1\", > > oauth_signature=\"MOWT%2BaSs35RhzvRRMVxRG0Y5p0E%3D\""; > > "Content-Length" = 71; > > "Content-Type" = "application/x-www-form-urlencoded; > > charset=utf-8"; > > > Here is my actual base string: > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > %2Faccess_token&oauth_consumer_key%3Dxxx%26oauth_nonce%3DD3EC42D2- > > A37F-4298-987D-0F9603B0C9C7%26oauth_signature_method%3DHMAC- > > SHA1%26oauth_timestamp%3D1290134876%26oauth_version%3D1.0%26x_auth_mode > > %3Dclient_auth%26x_auth_password%3Dxxx%26x_auth_username%3Dchrysb > > > On Nov 18, 6:47 pm, Chrys Bader <chr...@gmail.com> wrote: > > > Yes I compared the UTC timestamp that my phone is generating with the > > > actual UTC timestamp, and they were the same. > > > > Is there anything else I can show you for more information? > > > > No matter what, I just keep getting a 401 response from Twitter. > > > > On Nov 18, 6:41 pm, Matt Harris <thematthar...@twitter.com> wrote: > > > > > OK, but is the UTC timestamp actually accurate? we've heard of a number > > of > > > > phones whose date/time are wildly wrong. It maybe find but it's quite > > > > common. > > > > > Your content-type is fine. > > > > Matt > > > > > On Thu, Nov 18, 2010 at 6:03 PM, Chrys Bader <chr...@gmail.com> wrote: > > > > > Ok, I looked into it. According to the iPhone SDK documentation, I > > am > > > > > indeed sending the UTC (GMT) timestamp. > > > > > > Still not sure what else could be wrong? > > > > > > Is this the right Content-Type? > > > > > > "Content-Type" = "application/x-www-form-urlencoded; charset=utf-8"; > > > > > > On Nov 18, 5:53 pm, themattharris <thematthar...@twitter.com> wrote: > > > > > > Hey Chrys, > > > > > > > A couple of things to check first: > > > > > > > 1. Have you been granted xAuth access? > > > > > > 2. Double check the timestamp of your request is within 10 or so > > > > > > minutes of the time returned by Twitter's servers. Our server time > > is > > > > > > in UTC. > > > > > > 3. Verify your encoding is correct. For example: a password like > > ab$ > > > > > > %&123 should be in your basestring as ab%2524%2525%2526123 and in > > your > > > > > > post body as ab%24%25%26123. > > > > > > > Best, > > > > > > Matt > > > > > > > On Nov 18, 5:31 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > > > > > *bump* > > > > > > > > I've run my base string through an oAuth verifier ( > >http://quonos.nl/ > > > > > > > oauthTester/), and it all checks out! > > > > > > > > Any ideas? > > > > > > > > On Oct 27, 4:50 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > > > > > > Hey all, > > > > > > > > > This is my first post in this group, hi! > > > > > > > > > I am having trouble making a request onhttps:// > > > > > api.twitter.com/oauth/access_token. > > > > > > > > I've been at this for 2 days and I can't make any progress. I > > feel > > > > > > > > like everything matches up with all examples, documentation, > > and > > > > > other > > > > > > > > forum posts perfectly. > > > > > > > > > Here is my post body: > > > > > > > > > x_auth_username=oauth_test_exec&x_auth_password=twitter- > > > > > > > > xauth&x_auth_mode=client_auth > > > > > > > > > Here is my base string (using the example's test credentials): > > > > > > > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > > > > > > > %2Faccess_token&oauth_consumer_key%3DJvyS7DO2qd6NNTsXJ4E7zA > > > > > > > > %26oauth_nonce%3DE0E37C06-F12A-407B-8D80-20C78FF6183A > > > > > > > > %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > > > > > > > > %3D1288223176%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth > > > %26x_auth_password%3Dtwitter-xauth%26x_auth_username%3Doauth_test_exec > > > > > > > > > Here is my Authorization header: > > > > > > > > > OAuth oauth_timestamp="1288223176", oauth_nonce="E0E37C06- > > > > > > > > F12A-407B-8D80-20C78FF6183A", oauth_version="1.0", > > > > > > > > oauth_consumer_key="JvyS7DO2qd6NNTsXJ4E7zA", > > > > > > > > oauth_signature_method="HMAC-SHA1", > > oauth_signature="IwPFrvb0PExyS > > > > > > > > %2F2QQvtbelsWk48%3D" > > > > > > -- > > > > > Twitter developer documentation and resources: > >http://dev.twitter.com/doc > > > > > API updates via Twitter:http://twitter.com/twitterapi > > > > > Issues/Enhancements Tracker: > > > > >http://code.google.com/p/twitter-api/issues/list > > > > > Change your membership to this group: > > > > >http://groups.google.com/group/twitter-development-talk > > > -- > > Twitter developer documentation and resources:http://dev.twitter.com/doc > > API updates via Twitter:http://twitter.com/twitterapi > > Issues/Enhancements Tracker: > >http://code.google.com/p/twitter-api/issues/list > > Change your membership to this group: > >http://groups.google.com/group/twitter-development-talk -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk