401 Error generating the Access Token

unity

#1

Hi everyone,

I’m working on integrating Twitter into a Unity app, and have hit a stumbling block.

I’m using the Twity library, and it seems to work good for using OOB/3 legged oauth. I can get the request token back, open up a GET to the /oauth/authorize?blah site to get the PIN, and submit that to the /oauth/access_token endpoint, but trying to convert it to the access token is failing with a 401 error.

Request Token request

OAuth realm=\"Twitter API\",
oauth_callback=\"oob\",
oauth_consumer_key=\"my consumer key\",
oauth_nonce=\"2f677fce48d44bbfb56b0c5842d2b76f\",
oauth_signature_method=\"HMAC-SHA1\",
oauth_timestamp=\"1546278102\",
oauth_token=\"my access token\",
oauth_version=\"1.0\",
oauth_signature=\"Oj5KmZC5a5ZAJ95yHw3Vcb%2BQhFk%3D\"

Reply from a Request Token call

Oauth.requestToken = "DuG9QAAAAAAAvP97AAABaAVbpag"
Oauth.requestTokenSecret = "Yo6eMMOZqD4KVtjgbCuwvAnNDwJYd5uZ"
Oauth.authorizeURL = "https://api.twitter.com/oauth/authorize?oauth_token=DuG9QAAAAAAAvP97AAABaAVbpag"

Access Token Request

OAuth realm=\"Twitter API\",
oauth_consumer_key=\"my consumer key\",
oauth_nonce=\"e25c9448128f4d6ba30a318ef50261cc\",
oauth_signature_method=\"HMAC-SHA1\",
oauth_timestamp=\"1546278158\",
oauth_token=\"my access token\",
oauth_verifier=\"5981554\",
oauth_version=\"1.0\",
oauth_signature=\"vIDRr%2B8mCXkYPGCIFg6zOf9YkI0%3D\"

And making the access token request returns the 401.

Since it’s the same method that is generating the signature and formatting the Authorization header, I don’t think the problem is there. But I’m at a loss as to why it would pass the request token portion, then fail on the access token part. Anyone have any thoughts on where to dig into this mess a bit more?

Edit: The specific error is “Reverse auth credentials are invalid”.


#2

Ok, I figured this out. I was signing the Access Token request with the access tokens, not the request tokens. Derp. :persevere:


#3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.