Databases
StackOverflow2013
Postsdbo
PO"Failed to validate oauth signature and token" when acquiring a request_token from Twitter OAuth1.0a
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO"Failed to validate oauth signature and token" when acquiring a request_token from Twitter OAuth1.0a
    primarykey
    data
    text
    <p>Good day, I am writing an iOS app that needs to authenticate with Twitter. When I POST a request to <a href="https://api.twitter.com/oauth/request_token" rel="nofollow">https://api.twitter.com/oauth/request_token</a> I get a 401 error with the message "Failed to validate oauth signature and token".</p> <p>Here is an example of a base string I generated:</p> <pre><code>POST&amp;https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&amp;oauth_callback%3Doob%26oauth_consumer_key%3Dfy5lC1V4ojgaolKPnEsbg%26oauth_nonce%3Da55d09b40e3fc189addaf203ef7f2dc475ea2a69%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1315413303%26oauth_version%3D1.0 </code></pre> <p>Can't see anything wrong with it. I also checked my signature generation method using the example base string and consumer secret in the Twitter documentation here: <a href="https://dev.twitter.com/docs/auth/oauth" rel="nofollow">https://dev.twitter.com/docs/auth/oauth</a> I get the same signature.</p> <p>I also checked my timestamp but it is within a second of UTC epoch time. Here are the response headers I'm getting:</p> <pre><code>Response:{ "Cache-Control" = "no-cache, no-store, must-revalidate, pre-check=0, post-check=0"; Connection = close; "Content-Encoding" = gzip; "Content-Length" = 62; "Content-Type" = "text/html; charset=utf-8"; Date = "Wed, 07 Sep 2011 16:35:05 GMT"; Expires = "Tue, 31 Mar 1981 05:00:00 GMT"; "Last-Modified" = "Wed, 07 Sep 2011 16:35:05 GMT"; Pragma = "no-cache"; Server = hi; "Set-Cookie" = "admobuu=10208a061552e8488e7953874e764745; domain=.m.twitter.com; path=/; expires=Tue, 19 Jan 2038 03:14:07 GMT, _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCBMnvkQyAToHaWQiJThkNjJhNDI5YjI1MDEz%250AOWQxYTcxYTYyODg3NWQ2OTkyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--94b10215c29c55d20de023c624296349f461f69d; domain=.twitter.com; path=/; HttpOnly"; Status = "401 Unauthorized"; Vary = "Accept-Encoding"; "X-Content-Type-Options" = nosniff; "X-Frame-Options" = SAMEORIGIN; "X-Mid" = d09597bbd71f66cf5869d99b2f3cf994fbf7dfb9; "X-Revision" = DEV; "X-Runtime" = "0.00428"; "X-Transaction" = "1315413305-15807-4243"; } </code></pre> <p>And here's my Objective C code:</p> <pre><code>// Strings NSString *urlString = @TWITTER_REQUEST_TOKEN_URL; NSString *urlEncoded = (NSString *)CFURLCreateStringByAddingPercentEscapes(NULL, (CFStringRef)urlString, NULL, (CFStringRef)@"!*'();:@&amp;=+$,/?%#[]", kCFStringEncodingUTF8); NSString *oauthCallback = @TWITTER_CALLBACK; NSString *oauthConsumerKey = @TWITTER_KEY; NSString *oauthConsumerSecret = @TWITTER_SECRET; NSString *timestamp = [NSString stringWithFormat:@"%d",(long)[[NSDate date] timeIntervalSince1970]]; NSInteger randomNumber = arc4random(); NSString *randomString = [NSString stringWithFormat:@"%d",randomNumber]; NSString *oauthNonce = [HashService sha1DigestFromKey:timestamp andBaseString:randomString]; NSString *oauthSignatureMethod = @"HMAC-SHA1"; NSString *oauthVersion = @"1.0"; // Create base string and signature NSMutableString *baseString = [NSMutableString stringWithFormat:@"POST&amp;%@&amp;",urlEncoded]; NSString *paramString = [NSString stringWithFormat:@"oauth_callback=%@&amp;oauth_consumer_key=%@&amp;oauth_nonce=%@&amp;oauth_signature_method=%@&amp;oauth_timestamp=%@&amp;oauth_version=%@",oauthCallback,oauthConsumerKey,oauthNonce,oauthSignatureMethod,timestamp,oauthVersion]; NSString *paramStringEncoded = (NSString *)CFURLCreateStringByAddingPercentEscapes(NULL, (CFStringRef)paramString, NULL, (CFStringRef)@"!*'();:@&amp;=+$,/?%#[]", kCFStringEncodingUTF8); [baseString appendString:paramStringEncoded]; NSString *signingKey = [NSString stringWithFormat:@"%@&amp;",oauthConsumerSecret]; NSString *oauthSignature = [HashService HmacSha1FromKey:signingKey andBaseString:baseString]; // Create request NSURL *url = [NSURL URLWithString:urlString]; NSString *authHeader = [NSString stringWithFormat: @"OAuth oauth_nonce=\"%@\",oauth_callback=\"%@\",oauth_signature_method=\"%@\",oauth_timestamp=\"%@\",oauth_consumer_key=\"%@\",oauth_version=\"%@\",oauth_signature=\"%@\"",oauthNonce,oauthCallback,oauthSignatureMethod,timestamp,oauthConsumerKey,oauthVersion,oauthSignature]; ASIFormDataRequest *request = [ASIFormDataRequest requestWithURL:url]; [request addRequestHeader:@"Authorization" value:authHeader]; request.requestMethod = @"POST"; [request startSynchronous]; </code></pre> <p>I just can't get it to work. Suggestions?</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. This table or related slice is empty.
    1. USjcm
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. This table or related slice is empty.
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload