401 response Twitter reverse auth -


here authorization header use:

authorization = "oauth oauth_consumer_key=\"2d9rld8lu23hrchrh4vmbkq6azkhyi2yy2oeuoeutcfmdas\", oauth_nonce=\"-486353546\", oauth_signature="x3ndgnjmbtuaicbre9c44n8mfd4%3d", oauth_signature_method=\"hmac-sha1\", oauth_timestamp=\"137663828056\", oauth_version=\"1.0\", x_auth_mode=\"reverse_auth\"";

here's base string use:

https://api.twitter.com/oauth/access_token

here's twitter documentation i'm working from:

step 1: obtain special request token

first, make https request twitter request token url https://api.twitter.com/oauth/request_token application's consumer key. in addition conventional oauth_* signing parameters, must include x_auth_mode set value reverse_auth.

as example, consider request following values signed token secret ydc2yubfascbslyko0pmrmjxfelrasi3q2hftolgxqm:

the tokens used here demonstration purposes only, , not work you.

oauth_consumer_key jp3pyvg67rxrsnayojocq oauth_nonce 1b7d865d-9e15-4add-8165-ef90d7a7d3d2 oauth_signature_method hmac-sha1 oauth_timestamp 1322697052 oauth_version 1.0 x_auth_mode reverse_auth these parameters should result in signature base string looks this:

post&https%3a%2f%2fapi.twitter.com%2foauth%2frequest_token&oauth_consumer_key%3djp3pyvg67rxrsnayojocq%26oauth_nonce%3d1b7d865d-9e15-4add-8165-ef90d7a7d3d2%26oauth_signature_method%3dhmac-sha1%26oauth_timestamp%3d1322697052%26oauth_version%3d1.0%26x_auth_mode%3dreverse_auth call should result in response looks this. notice response looks oauth header.

(line wrapping added clarity):

oauth oauth_nonce="xq2maktilfhvtc1msxvc4cqijld53o6w97ymrdogsk8", oauth_signature_method="hmac-sha1", oauth_timestamp="1322697052", oauth_consumer_key="jp3pyvg67rxrsnayojocq", oauth_token="5mgku82w0pta0dlgsia5vfk6c08i8dxzrblnx06vl38", oauth_signature="aom%2fww2kaowaehbrvw7fah245p0%3d", oauth_version="1.0"

edit: still 401. used following code generate oauth_signature, authorization header looks this: oauth oauth_timestamp="1376639141", oauth_nonce="bb2d2634f3-99a5-4b64-8cb34e-2314ce9e4fd7", oauth_version="1.0", oauth_consumer_key="mrcd8lusnkjkfachkhyi2yy2qwh5tcfmdas", oauth_signature_method="hmac-sha1", oauth_signature="moer8h7xzluadoaaafzpv6n4noeu%3d"

nsstring *oauthorizationheader(nsurl *url, nsstring *method, nsdata *body, nsstring *_oauthconsumerkey, nsstring *_oauthconsumersecret, nsstring *_oauthtoken, nsstring *_oauthtokensecret) {     nsstring *_oauthnonce = [nsstring ab_guid];     nsstring *_oauthtimestamp = [nsstring stringwithformat:@"%d", (int)[[nsdate date] timeintervalsince1970]];     nsstring *_oauthsignaturemethod = @"hmac-sha1";     nsstring *_oauthversion = @"1.0";      nsmutabledictionary *oauthauthorizationparameters = [nsmutabledictionary dictionary];     oauthauthorizationparameters[@"oauth_nonce"] = _oauthnonce;     oauthauthorizationparameters[@"oauth_timestamp"] = _oauthtimestamp;     oauthauthorizationparameters[@"oauth_signature_method"] = _oauthsignaturemethod;     oauthauthorizationparameters[@"oauth_version"] = _oauthversion;     oauthauthorizationparameters[@"oauth_consumer_key"] = _oauthconsumerkey;     if(_oauthtoken)         oauthauthorizationparameters[@"oauth_token"] = _oauthtoken;      // query , body parameters     nsdictionary *additionalqueryparameters = [nsurl ab_parseurlquerystring:[url query]];     nsdictionary *additionalbodyparameters = nil;     if(body) {         nsstring *string = [[[nsstring alloc] initwithdata:body encoding:nsutf8stringencoding] autorelease];         if(string) {             additionalbodyparameters = [nsurl ab_parseurlquerystring:string];         }     }      // combine parameters     nsmutabledictionary *parameters = [[oauthauthorizationparameters mutablecopy] autorelease];     if(additionalqueryparameters) [parameters addentriesfromdictionary:additionalqueryparameters];     if(additionalbodyparameters) [parameters addentriesfromdictionary:additionalbodyparameters];      // -> utf-8 -> rfc3986     nsmutabledictionary *encodedparameters = [nsmutabledictionary dictionary];     for(nsstring *key in parameters) {         nsstring *value = parameters[key];         encodedparameters[[key ab_rfc3986encodedstring]] = [value ab_rfc3986encodedstring];     }      nsarray *sortedkeys = [[encodedparameters allkeys] sortedarrayusingfunction:sortparameter context:encodedparameters];      nsmutablearray *parameterarray = [nsmutablearray array];     for(nsstring *key in sortedkeys) {         [parameterarray addobject:[nsstring stringwithformat:@"%@=%@", key, encodedparameters[key]]];     }     nsstring *normalizedparameterstring = [parameterarray componentsjoinedbystring:@"&"];      nsstring *normalizedurlstring = [nsstring stringwithformat:@"%@://%@%@", [url scheme], [url host], [url path]];      nsstring *signaturebasestring = [nsstring stringwithformat:@"%@&%@&%@",                                      [method ab_rfc3986encodedstring],                                      [normalizedurlstring ab_rfc3986encodedstring],                                      [normalizedparameterstring ab_rfc3986encodedstring]];      nsstring *key = [nsstring stringwithformat:@"%@&%@",                      [_oauthconsumersecret ab_rfc3986encodedstring],                      (_oauthtokensecret) ? [_oauthtokensecret ab_rfc3986encodedstring] : @""];      nsdata *signature = hmac_sha1(signaturebasestring, key);     nsstring *base64signature = [signature base64encodedstring];      nsmutabledictionary *authorizationheaderdictionary = [[oauthauthorizationparameters mutablecopy] autorelease];     authorizationheaderdictionary[@"oauth_signature"] = base64signature;      nsmutablearray *authorizationheaderitems = [nsmutablearray array];     for(nsstring *key in authorizationheaderdictionary) {         nsstring *value = authorizationheaderdictionary[key];         [authorizationheaderitems addobject:[nsstring stringwithformat:@"%@=\"%@\"",                                              [key ab_rfc3986encodedstring],                                              [value ab_rfc3986encodedstring]]];     }      nsstring *authorizationheaderstring = [authorizationheaderitems componentsjoinedbystring:@", "];      authorizationheaderstring = [nsstring stringwithformat:@"oauth %@", authorizationheaderstring];      return authorizationheaderstring; }

the parameters pass in method url: https://api.twitter.com/oauth/request_token, method: post, body: nil, oauthconsumertoken: key, oauthconsumersecret: secret, oauthtoken:nil,oauthtokensecret:nil.

edit tried oauth test console verify i'm generating oauth signature, appears need member's token , secret:

enter image description here

you haven't included oauth_signature in authorization header.


Comments

Post a Comment

Popular posts from this blog

c# - Send Image in Json : 400 Bad request -

from android trying send image class of data, iis webservice. (c#) the problem 400 bad request . the image being encoded base64 . , placed json rest of class elements. my guess base64 not valid inside json. server not understand it. if set string "" , post accepted fine. so question is, how make base64 valid within json array? ( tried url.encode no success). or how should send image android webservice? gson gson = new gson(); string json = gson.tojson(record); // record has param { string base64photo } how big image? i'm pretty sure surpassing iis json size limit (default 4 mb). check http://geekswithblogs.net/frankw/archive/2008/08/05/how-to-configure-maxjsonlength-in-asp.net-ajax-applications.aspx or http://www.webtrenches.com/post.cfm/iis7-file-upload-size-limits good luck!
Read more

jquery - Fancybox - apply a function to several elements -

this source code below posted cristiano g. carvalho in answer question: calling fancybox gallery other link made user. <div class="details_gallery"> <a href="#" class="manualfancybox">manual call fancybox</a> <div class="details_gallery_min"> <a rel="details" href="max/1.jpg" class="fancybox"><img src="min/1.jpg" alt="" /></a> <a rel="details" href="max/2.jpg" class="fancybox"><img src="min/2.jpg" alt="" /></a> <a rel="details" href="max/3.jpg" class="fancybox"><img src="min/3.jpg" alt="" /></a> <a rel="details" href="max/4.jpg" class="fancybox"><img src="min/4.jpg" alt="" /></a> </div> </div> <script> $(document).read
Read more

An easy way to program an Android keyboard layout app -

i program android app replaces standard keyboard 1 one-hand optimized coffee++ keyboard layout. what special problems have face in progress? guess such project go deep android core, cause keyboard such essential thing. is wise start android developer tools (adt)—eclipse plugin described in this tutorial ? or there better way achieve goal? i new android programming, firm in php, mysql , javascript , use eclipse php i guess such project go deep android core, cause keyboard such essential thing. no. can create inputmethodservice implementation of keyboard. there sample soft keyboard in android sdk installation (if chose download sample code sdk manager), , there open source input methods floating around well, such hacker's keyboard. inputmethodservice distributed part of ordinary android application, , user can elect activate input method if user chooses. is wise start android developer tools (adt)—eclipse plugin described in tutorial? that fine s
Read more