Discussion for "an improved OAuth 1.0a experience"


If you have any questions, comments, or suggestions about the [Node:3411] blog post, please post them to this discussion thread.


And for those who still have problems with generating a proper base string, I strongly recommend this tool: http://quonos.nl/oauthTester/. Basically, it checks your base string and tells you some things it notices. People generally find this helpful :slight_smile:


thank you


I’m using the OAuth tool with curl and am getting a 401 Failed to validate oauth signature and token. The date and time on my computer are within seconds of the Date header returned.

I set the request type as POST and the request URI to : https://twitter.com/oauth/request_token

I copied the resulting cURL command text and immediately pasted it into the terminal.

I’ve ruled out date and time issues, so what else could cause your OAuth tool to fail? Am I using it wrong?




when is this going to be fixed? https://dev.twitter.com/discussions/3290


Other issues you can be having aside, that’s not a valid API or OAuth URL on twitter – you want https://api.twitter.com/oauth/request_token – once you’ve tried changing to the correct path and you still can’t get it to work, feel free to share the curl command you’re trying to execute


Here is the curl command I executed:
curl --request ‘POST’ ‘https://api.twitter.com/oauth/request_token’ --header ‘Authorization: OAuth oauth_consumer_key=“kpScDAXRWf0DtkTwuNotgQ”, oauth_nonce=“1f2c4a93d93ad3f2c1d27eda066dce5b”, oauth_signature=“rUrwAmftckVlQ2dJd%2FDZ0A9hw2A%3D”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1321395189”, oauth_token=“21396527-0dY6VFl9iQi90FF3YJM40ixLPZn7GbD4E9MrqlIdc”, oauth_version=“1.0”’ --verbose

This results in a 401 Unauthorized response with the message “Failed to validate oauth signature and token”


You’re including an oauth_token in a request oauth/request_token – one of the few methods where you shouldn’t send an oauth_token at all – it’s the method to get the first oauth_token (“request token”) you need to complete the other parts of the sequence.


I’m trying to get our users to login to our website with their twitter id & password (as an option). The authorisation window comes up fine asking for twitter details (or, if already logged in to twitter, asks for confirmation of authorisation). But when ‘Connect’ is clicked, this is what appears in the the window:

“Something is technically wrong.
Thanks for noticing—we’re going to fix it up and have things back to normal soon”.

I’m using CB Connect for this facility… I’ll also post this in the Community Builder forum. But is there any help I can get with this issue from this end, please?

Many thanks in advance.


PS: Even though I get that error message, it still logs me in to my Twitter account (if not already logged in).


Ok, here’s an example of my current search api call:


What would be the new search api v1.1 equivalent of this?

Not sure about how to use authentication in a public call like this for the new api.

Thanks for your help.