Constant 401 Unauthorized on GET Request


#1

My oAuth appears correct as I can get request and access tokens via POST however everytime I issue a GET request I get a 401 unauthorized error. I have triple checked my authorization string. I am trying to use GET users/show for an authorized user that I have an access token, secret etc. I have tried deleting and recreating the Twitter app. I am running on my dev machine from localhost. Any ideas why I can’t issue GET requests?

//Get oauth Request Token int t = (int) ((System.currentTimeMillis()) / 1000); String n = generateNonce(); String parameterStr = "oauth_consumer_key=" + TWITTER_KEY + "&oauth_nonce=" + n + "&oauth_signature_method=" + oauthSignatureMethod + "&oauth_timestamp=" + t + "&oauth_token=" + userValues.get("oauth_token") + "&oauth_version=1.0" + "&screen_name=" + userValues.get("username"); String oauthSignature = ""; String authorizationHeaderStr = ""; try { String signatureBaseStr = "GET&https%3A%2F%2Fapi.twitter.com%2F1.1%2Fusers%2Fshow.json&" + URLEncoder.encode(parameterStr, "UTF-8"); oauthSignature = computeSignature(signatureBaseStr, URLEncoder.encode(TWITTER_SECRET, "UTF-8") + "&" + URLEncoder.encode(userValues.get("oauth_secret"), "UTF-8")); oauthSignature = URLEncoder.encode(oauthSignature, "UTF-8"); authorizationHeaderStr = "OAuth oauth_consumer_key=\"" + TWITTER_KEY + "\",oauth_nonce=\"" + URLEncoder.encode(n, "UTF-8") + "\",oauth_signature=\"" + oauthSignature + "\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"" + t + "\",oauth_token=\"" + URLEncoder.encode(userValues.get("oauth_token"), "UTF-8") + "\",oauth_version=\"1.0\""; System.out.println(signatureBaseStr); System.out.println(oauthSignature); System.out.println(authorizationHeaderStr); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (GeneralSecurityException e) { e.printStackTrace(); }
	//Create post and receive oauth token
	try {
		String urlStr = "https://api.twitter.com/1.1/users/show.json?" + "screen_name=" + userValues.get("username");
		URL url = new URL(urlStr);
		HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
		conn.setRequestMethod("GET");
		conn.setRequestProperty("Authorization", authorizationHeaderStr);
		
		//Send post
		conn.setDoOutput(true);
		DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
		wr.flush();
		wr.close();
		
		//Get post
		int twitterResponseCode = conn.getResponseCode();
		BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
		String inputLine;
		StringBuffer twitterResponse = new StringBuffer();
 
		while((inputLine = in.readLine()) != null) {
			twitterResponse.append(inputLine);
		}
		in.close();
		System.out.println(twitterResponse);
	} catch (MalformedURLException e) {
		e.printStackTrace();
	} catch (IOException e) {
		e.printStackTrace();
	}

#2

Why don’t you use an already existing library doing OAuth for you, like for example Twitter4J (http://twitter4j.org/en/)? When implementing OAuth by hand it’s very easy to make small mistakes that make the authentication fail.
If you really do want to do it by hand, if you use the OAuth tool available on all the endpoints’ documentation page (for example https://dev.twitter.com/docs/api/1.1/get/users/show), you can see the signature base string, or an example of authentication header with the values you entered.


#3

Problem fixed. I removed the output stream from the code:

DataOutputStream wr = new DataOutputStream(conn.getOutputStream());
wr.flush();
wr.close();

I’m honestly not sure why it was there to begin with.