Databases
StackOverflow2013
Postsdbo
POEncoding a GET using OAuth in Ruby Twitter API
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POEncoding a GET using OAuth in Ruby Twitter API
    primarykey
    data
    text
    <p>I'm trying to write simple Ruby on Rails web app that logs in to Twitter via oAuth and gets the user's list of followers, <strong>without using an existing oAuth library</strong>. Using their guide at <a href="https://dev.twitter.com/docs/auth/oauth" rel="nofollow">https://dev.twitter.com/docs/auth/oauth</a>, I've managed to get logging in working correctly and thus have a subsequent outh_token and oauth_token_secret. However, when trying to encode the GET request for the logged in user's followers, I keep getting a 401 "This method requires authentication."</p> <p>Using my code and their sample data, I can see that I'm generating the oauth_signature correctly. I may be generating the signature_base_string incorrectly, but seeing as it works ok when logging in, I don't see how it could be wrong the second time. The methods are part of a class, so the consumer key and secret are obviously class variables.</p> <p>Relevant code is below. It's the output of the HTTP GET in 'followees' that's giving the 401. I'm hoping this is something ridiculously obvious that I'm just missing from looking at this too long! I know I have the right values passed to the function as parameters. Thanks.</p> <pre><code> def followees(auth_token, auth_token_secret, user_id) method = 'GET' base_uri = 'https://api.twitter.com/1/friends/ids.json' params = { 'cursor' =&gt; '-1', 'oauth_consumer_key' =&gt; @@consumer_key, 'oauth_nonce' =&gt; generate_nonce, #not shown, no need! 'oauth_signature_method' =&gt; 'HMAC-SHA1', 'oauth_token' =&gt; auth_token, 'oauth_timestamp' =&gt; Time.now.to_i.to_s, 'oauth_version' =&gt; '1.0', 'user_id' =&gt; user_id } signature_base_string = signature_base_string(method, base_uri, params) params['oauth_signature'] = url_encode(sign(@@consumer_secret + '&amp;' + auth_token_secret, signature_base_string)) header = header(params) base_uri += '?cursor=-1&amp;user_id=' + user_id url = URI.parse(base_uri) http = Net::HTTP.new(url.host, 443) http.use_ssl = true resp, data = http.get(url.path, { 'Authorization' =&gt; header }) end def signature_base_string(method, uri, params) encoded_params = params.sort.collect{ |k, v| url_encode("#{k}=#{v}") }.join("%26") method + '&amp;' + url_encode(uri) + '&amp;' + encoded_params end def url_encode(string) CGI::escape(string) end def sign(key, base_string) digest = OpenSSL::Digest::Digest.new('sha1') hmac = OpenSSL::HMAC.digest(digest, key, base_string) Base64.encode64(hmac).chomp.gsub(/\n/, '') end def header(params) header = "OAuth " params.each do |k, v| header += "#{k}=\"#{v}\", " end header.slice(0..-3) end </code></pre>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USeclipse31
    1. USeclipse31
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. This table or related slice is empty.
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload