HI Tom, Thanks for your support. I am using javascript for samsung TV Applicaiton not for normal browser so there is no way to know about keys and secret key.Actually Samsung SDK uses Maple browser and application runs on this browser.
I hope you help me out from this issue. Please find the below code. <html> <head> <script type ="text/Javascript" language="Javascript" src="sha1.js"></script> <script type="text/javascript" charset="utf-8"> /*To authorize on Twitter API through xAuth, you need HMAC-SHA1 I'm using the following lib for that: http://jssha.sourceforge.net Make sure you have sha.js included!Also, you need to email a...@twitter.comto get xAuth access I cannot do that for you - see http://dev.twitter.com/pages/xauth cross-domain XHRs only work on file:// protocol pages use PhoneGap! **** */ var TwitterApiRequest = function() { this.nonce = this.generateNonce(); this.timestamp = this.getUTCtimestamp(); this.postBody = null; this.signature = null; this.signatureBaseString = null; this.consumerSecret="MY consumerSecret "; } TwitterApiRequest.prototype.generateNonce = function () { var nonce = []; var length = 6; // arbitrary - looks like a good length for (length; length > 0; length--) nonce.push((((1+Math.random())*0x10000)|0).toString(16).substring(1)); return nonce.join(""); } // could possibly do without UTC, but here we are TwitterApiRequest.prototype.getUTCtimestamp = function () { //var currentTime = new Date(); //var currentUTCTimeInSecs = Math.floor(Date.parse(currentTime.toUTCString()) / 1000); //return currentUTCTimeInSecs; return (new Date((new Date).toUTCString())).getTime() / 1000; } // don't forget trailing &! //TwitterApiRequest.prototype.consumerSecret = "MY consumerSecret "; TwitterApiRequest.prototype.signatureBaseStringTemplate = "POST&" + "https%3A%2F%2Fapi.twitter.com <http://2fapi.twitter.com/>%2Foauth%2Faccess_token&" + // oauth_path "oauth_consumer_key%3DMY CONSUMER KEY%26" + "oauth_nonce%3D" + "{{ nonce }}" + "%26" + "oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D" + "{{ time }}" + "%26" + "oauth_version%3D1.0%26" + "x_auth_mode%3Dclient_auth%26" + "x_auth_password%3D" + "{{ password }}" + "%26" + "x_auth_username%3D" + "{{ username }}" TwitterApiRequest.prototype.authHeaderTemplate = "OAuth " + "oauth_nonce=\"" + "{{ nonce }}" + "\", " + "oauth_signature_method=\"HMAC-SHA1\", " + "oauth_timestamp=\"" + "{{ time }}" + "\", " + "oauth_consumer_key=\"MY CONSUMER KEY\", " + "oauth_signature=\"" + "{{ signature }}" + "\", " + "oauth_version=\"1.0\""; TwitterApiRequest.prototype.processCredentials = function (user, pw) { this.signatureBaseString = this.signatureBaseStringTemplate .split("{{ nonce }}").join(this.nonce) .split("{{ time }}").join(this.timestamp) .split("{{ password }}").join(encodeURIComponent(pw)) .split("{{ username }}").join(encodeURIComponent(user)); this.postBody = "x_auth_mode=client_auth&" + "x_auth_password=" + encodeURIComponent(pw) + "&" + "x_auth_username=" + encodeURIComponent(user); } TwitterApiRequest.prototype.sign = function () { //var shaObj = new jsSHA(base_string, "ASCII"); //var oauth_signature = shaObj.getHMAC(consumersecret, "ASCII", "B64"); alert("this.signatureBaseString :"+this.signatureBaseString); var hmacGen = new jsSHA(this.signatureBaseString,"ASCII"); this.signature = hmacGen.getHMAC(this.consumerSecret,"ASCII","B64")+"%3D"; this.authHeader = this.authHeaderTemplate .split("{{ nonce }}").join(this.nonce) .split("{{ time }}").join(this.timestamp) .split("{{ signature }}").join(this.signature); } function ajaxrequest() { var authorizeRequest = new TwitterApiRequest(); authorizeRequest.processCredentials("suyambu.vikn...@gmail.com", "simcard00"); authorizeRequest.sign(); var twitterUrl = 'https://api.twitter.com/oauth/access_token?' + authorizeRequest.postBody; var req = new XMLHttpRequest(); alert("this.postBody :" +authorizeRequest.postBody); alert("header :"+authorizeRequest.authHeader); // sync for testing purposes, not required req.open('POST', twitterUrl, false); req.setRequestHeader("Authorization", authorizeRequest.authHeader); req.send(); alert("Response :"+req.responseText); // should be 200 //console.log(req.status); alert("Status :"+req.status); // should look like: // oauth_token=HERE-IS-MY-AWESOME-TOKEN&oauth_token_secret=THIS-IS-MY-TOKEN-SECRET& // user_id=007&screen_name=JamesBond&x_auth_expires=0 //console.log(req.responseText); } </script> </head> <body onLoad="ajaxrequest();"> </body> </html> On Sat, Dec 4, 2010 at 4:35 PM, Tom van der Woerdt <i...@tvdw.eu> wrote: > You really shouldn't implement xAuth in JavaScript for obvious reasons, > like how impossible it is to keep your keys secret. > > Tom > > > > > On 12/4/10 6:19 AM, mahesh wrote: > >> HI Team, >> >> Here i have been getting the following problem. >> >> I can able to post the message to twitter using xAuth Protocol in >> safari >> but i can't from firefox ,samsung tv browser Maple and IE. >> >> I am using javascript xmlhttprequest and sha1 for signature. >> >> Is twitter send response when we request from samsung tv >> maple browser?. >> >> More over when i try to request from samsung tv maple browser >> >> i get following Error. >> >> Status 401 >> Response :Failed to validate oauth signature and token >> >> If i Run Same code in safari working fine can able to post the >> message. >> >> Please help me out what is the issue. >> >> Thanks in Advance. >> >> > -- > Twitter developer documentation and resources: http://dev.twitter.com/doc > API updates via Twitter: http://twitter.com/twitterapi > Issues/Enhancements Tracker: > http://code.google.com/p/twitter-api/issues/list > Change your membership to this group: > http://groups.google.com/group/twitter-development-talk > -- With Regards M A H E S H . . . -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
