401 Unauthorized with home_timeline


#1

I’m ussing the OAuth Ruby Gem as follows:

consumer = OAuth::Consumer.new(, , {:site => “http://api.twitter.com”})

token = OAuth::AccessToken.new(consumer, , )

request_string = "http://api.twitter.com/1/statuses/home_timeline.json?count=1"
response = token.get(request_string)
response = token.get(request_string)
response = token.get(request_string)
response = token.get(request_string)
response = token.get(request_string)

And I get the following response:

irb(main):120:0> response = token.get(request_string)
=> #<Net::HTTPUnauthorized 401 Unauthorized readbody=true>

irb(main):121:0> response = token.get(request_string)
=> #<Net::HTTPOK 200 OK readbody=true>

irb(main):122:0> response = token.get(request_string)
=> #<Net::HTTPUnauthorized 401 Unauthorized readbody=true>

irb(main):123:0> response = token.get(request_string)
=> #<Net::HTTPUnauthorized 401 Unauthorized readbody=true>

irb(main):124:0> response = token.get(request_string)
=> #<Net::HTTPOK 200 OK readbody=true>

I also tried

consumer = OAuth::Consumer.new(, , {:site => “http://api.twitter.com”, :scheme => :header})

While using the same application credentials and the same user-data, the api call sometimes succeed and many other times fails with 401 error.

What’s wrong with the code I’m using?


#2

Do you know the time you were having these issues at?

Like a number of our other API methods, statuses/home_timeline is under transition to a new implementation with a stricter implementation of OAuth – while there are sporadic times when there are site-wide auth problems (last night there was some of this), it’s possible what you’re seeing here is just hitting the newer implementation with the stricter OAuth in a certain percentage of your requests.

Do you know whether your library uses header-based OAuth or query string based OAuth? Most people have a lot less trouble with pitch-perfect OAuth when using header-based OAuth, so you may want to review what that library does there. I know the most recent versions of the Ruby OAuth gem can potentially add parameters to the request that aren’t strictly part of OAuth 1.0A, so you may want to look into that as well.


#3

Thanks Taylor for the reply.

That was about 20 hours ago (9:30pm GMT).

I’m using OAuth Ruby Gem but I’m not sure about supporting header-based OAuth. I need to double check that.

I will keep you posted.