My iOS app has been using xAuth for a while. Recently, I noticed a problem in which it can’t post to a newly authorized account until 1-2 hours passes.
Authorization seems successful as usual, and when I plug the oauth_token and oauth_token_secret I get from https://twitter.com/oauth/access_token into the Twitter for Mac Developer Console, I can successfully post to statuses/update.json.
Yet, when I post to it from my app (either in the simulator or on the device), I get:
{“error”:“Could not authenticate you.”,“request”:"/1/statuses/update.json"}
My request header fields look like this:
OAuth realm="", oauth_consumer_key="[redacted consumer key]", oauth_token=“240370803-qAp80UwmPikqN6onjCSN5p2oQ2Gfn4Nz3AiuA”, oauth_signature_method=“HMAC-SHA1”, oauth_signature=“LxY1IO%2B0d7vxSfYsChOScHro%2FEY%3D”, oauth_timestamp=“1321938373”, oauth_nonce=“C8EC7A74-802C-4C2E-B7F6-25BA4DCB7508”, oauth_version=“1.0”
If I try again two hours later, it usually works.
Is there anything that has changed in the last month or so that would cause this?
ETA:
Here’s the packet that my app sends out:
POST /1/statuses/update.json HTTP/1.1
Host: api.twitter.com
User-Agent: MyApp/1.0.8.1 CFNetwork/548.0.3 Darwin/11.2.0
Content-Length: 32
Accept: /
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth realm="", oauth_consumer_key="[redacted]", oauth_token=“129586119-CbDOxQlEmypePEP9g1rZYx7YIwWkYAXMHVposXW9”, oauth_signature_method=“HMAC-SHA1”, oauth_signature="%2Bzsm2ii%2Bs57PxQUWfQ6%2BhhgMYf4%3D", oauth_timestamp=“1321944592”, oauth_nonce=“0844F3DC-EB1C-4CFD-AC7B-0BC09D43AC17”, oauth_version="1.0"
Accept-Language: en-us
Accept-Encoding: gzip, deflate
Cookie: secure_session=default; twid=u%3D129586119%7CiZ%2FE7EuExAQGrp9z%2FWV0JF%2FUKbA%3D; twll=l%3D1321943169; guest_id=v1%3A132192353930146552; k=10.35.27.120.1321923539293830
Connection: keep-alive
Here’s what Twitter for Mac’s console sends out to post successfully:
POST /1/statuses/update.json HTTP/1.1
Host: api.twitter.com
User-Agent: Tweetie-Mac/2.1.1 iOS/1138.230000
Content-Length: 52
Accept: /
Authorization: OAuth oauth_signature=“ruKz68PMJHBEZHIXGkPBgGWq5zU%3D”, oauth_nonce=“F6E50CC6-1C82-4E36-A27F-BC10A8BAE5F2”, oauth_timestamp=“1321945075”, oauth_consumer_key="[redacted, but same as above]", oauth_token=“129586119-CbDOxQlEmypePEP9g1rZYx7YIwWkYAXMHVposXW9”, oauth_version=“1.0”, oauth_signature_method="HMAC-SHA1"
Accept-Language: en
X-Twitter-Client: Tweetie-Mac
X-Twitter-Client-Version: 2.1.1
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
The main differences I see are that Twitter for Mac has the X-Twitter fields, accepts en instead of en-us, has no realm, and - as expected - has different signature, nonce, and timestamp fields. Is any difference more likely than the others to cause this problem?
