Hey Chrys, Agreed. The authentication header doesn't have to be in order but as said previously, it helps with debugging.
It is really strange that the response body is empty. It maybe easier if you email me the full request headers, with response headers and content so I can debug further. For security it'll be easier if you email me that directly. Best, @themattharris Developer Advocate, Twitter http://twitter.com/themattharris On Fri, Nov 19, 2010 at 12:20 PM, Chrys Bader <chr...@gmail.com> wrote: > Also, the example here shows that the Auth header and the base string > aren't in the same order: > > http://dev.twitter.com/pages/xauth > > On Nov 19, 11:04 am, Matt Harris <thematthar...@twitter.com> wrote: > > Hey Chrys, > > > > The order of the parameters in the base string matter and they should be > in > > lexicollexicographical order. For ease of debugging and to remove any > > ambiguity it would be better to have the authorization header use the > same > > order too. > > > > Can you tell me what the body content of the 401 error is? > > > > Best, > > @themattharris > > Developer Advocate, Twitterhttp://twitter.com/themattharris > > > > > > > > > > > > > > > > On Thu, Nov 18, 2010 at 6:55 PM, Chrys Bader <chr...@gmail.com> wrote: > > > Does the order of the params in either the Authorization or Base > > > string matter? > > > > > Here are my Request Headers: > > > > > Authorization = "OAuth oauth_timestamp=\"1290134876\", oauth_nonce= > > > \"D3EC42D2-A37F-4298-987D-0F9603B0C9C7\", oauth_version=\"1.0\", > > > oauth_consumer_key=\"xxx\", oauth_signature_method=\"HMAC-SHA1\", > > > oauth_signature=\"MOWT%2BaSs35RhzvRRMVxRG0Y5p0E%3D\""; > > > "Content-Length" = 71; > > > "Content-Type" = "application/x-www-form-urlencoded; > > > charset=utf-8"; > > > > > Here is my actual base string: > > > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > > %2Faccess_token&oauth_consumer_key%3Dxxx%26oauth_nonce%3DD3EC42D2- > > > A37F-4298-987D-0F9603B0C9C7%26oauth_signature_method%3DHMAC- > > > SHA1%26oauth_timestamp%3D1290134876%26oauth_version%3D1.0%26x_auth_mode > > > %3Dclient_auth%26x_auth_password%3Dxxx%26x_auth_username%3Dchrysb > > > > > On Nov 18, 6:47 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > Yes I compared the UTC timestamp that my phone is generating with the > > > > actual UTC timestamp, and they were the same. > > > > > > Is there anything else I can show you for more information? > > > > > > No matter what, I just keep getting a 401 response from Twitter. > > > > > > On Nov 18, 6:41 pm, Matt Harris <thematthar...@twitter.com> wrote: > > > > > > > OK, but is the UTC timestamp actually accurate? we've heard of a > number > > > of > > > > > phones whose date/time are wildly wrong. It maybe find but it's > quite > > > > > common. > > > > > > > Your content-type is fine. > > > > > Matt > > > > > > > On Thu, Nov 18, 2010 at 6:03 PM, Chrys Bader <chr...@gmail.com> > wrote: > > > > > > Ok, I looked into it. According to the iPhone SDK documentation, > I > > > am > > > > > > indeed sending the UTC (GMT) timestamp. > > > > > > > > Still not sure what else could be wrong? > > > > > > > > Is this the right Content-Type? > > > > > > > > "Content-Type" = "application/x-www-form-urlencoded; > charset=utf-8"; > > > > > > > > On Nov 18, 5:53 pm, themattharris <thematthar...@twitter.com> > wrote: > > > > > > > Hey Chrys, > > > > > > > > > A couple of things to check first: > > > > > > > > > 1. Have you been granted xAuth access? > > > > > > > 2. Double check the timestamp of your request is within 10 or > so > > > > > > > minutes of the time returned by Twitter's servers. Our server > time > > > is > > > > > > > in UTC. > > > > > > > 3. Verify your encoding is correct. For example: a password > like > > > ab$ > > > > > > > %&123 should be in your basestring as ab%2524%2525%2526123 and > in > > > your > > > > > > > post body as ab%24%25%26123. > > > > > > > > > Best, > > > > > > > Matt > > > > > > > > > On Nov 18, 5:31 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > > > > > > > *bump* > > > > > > > > > > I've run my base string through an oAuth verifier ( > > >http://quonos.nl/ > > > > > > > > oauthTester/), and it all checks out! > > > > > > > > > > Any ideas? > > > > > > > > > > On Oct 27, 4:50 pm, Chrys Bader <chr...@gmail.com> wrote: > > > > > > > > > > > Hey all, > > > > > > > > > > > This is my first post in this group, hi! > > > > > > > > > > > I am having trouble making a request onhttps:// > > > > > > api.twitter.com/oauth/access_token. > > > > > > > > > I've been at this for 2 days and I can't make any progress. > I > > > feel > > > > > > > > > like everything matches up with all examples, > documentation, > > > and > > > > > > other > > > > > > > > > forum posts perfectly. > > > > > > > > > > > Here is my post body: > > > > > > > > > > > x_auth_username=oauth_test_exec&x_auth_password=twitter- > > > > > > > > > xauth&x_auth_mode=client_auth > > > > > > > > > > > Here is my base string (using the example's test > credentials): > > > > > > > > > > > POST&https%3A%2F%2Fapi.twitter.com%2Foauth > > > > > > > > > %2Faccess_token&oauth_consumer_key%3DJvyS7DO2qd6NNTsXJ4E7zA > > > > > > > > > %26oauth_nonce%3DE0E37C06-F12A-407B-8D80-20C78FF6183A > > > > > > > > > %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp > > > > > > > > > > %3D1288223176%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth > > > > > %26x_auth_password%3Dtwitter-xauth%26x_auth_username%3Doauth_test_exec > > > > > > > > > > > Here is my Authorization header: > > > > > > > > > > > OAuth oauth_timestamp="1288223176", oauth_nonce="E0E37C06- > > > > > > > > > F12A-407B-8D80-20C78FF6183A", oauth_version="1.0", > > > > > > > > > oauth_consumer_key="JvyS7DO2qd6NNTsXJ4E7zA", > > > > > > > > > oauth_signature_method="HMAC-SHA1", > > > oauth_signature="IwPFrvb0PExyS > > > > > > > > > %2F2QQvtbelsWk48%3D" > > > > > > > > -- > > > > > > Twitter developer documentation and resources: > > >http://dev.twitter.com/doc > > > > > > API updates via Twitter:http://twitter.com/twitterapi > > > > > > Issues/Enhancements Tracker: > > > > > >http://code.google.com/p/twitter-api/issues/list > > > > > > Change your membership to this group: > > > > > >http://groups.google.com/group/twitter-development-talk > > > > > -- > > > Twitter developer documentation and resources: > http://dev.twitter.com/doc > > > API updates via Twitter:http://twitter.com/twitterapi > > > Issues/Enhancements Tracker: > > >http://code.google.com/p/twitter-api/issues/list > > > Change your membership to this group: > > >http://groups.google.com/group/twitter-development-talk > > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk > -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
