Oauth Authorization header problem with Nodejs


#1

Hi,

I am working on an test twitter app with node.js and I am unable to authorise GET API request.
I am trying to get the friends list of the user who authorised my test app.

https://api.twitter.com/1/friends/ids.json?cursor=-1&user_id=22523050582

and my header looks like,

{ host: ‘api.twitter.com’,
authorization: ‘OAuth cursor="-1",oauth_consumer_key=“2SrY0yqoV7u11sBZVazpFg”,oauth_nonce=“5EB0F1A00781421BBAC97A1A43EC7A60”,oauth_signature_method=“HMAC-SHA1”,oauth_timestamp=“1341474803”,oauth_token=“523050582-QizPw7WfKJVrUQ3N0SL3FDYnuO0Kv1i4W0ghjrK1”,oauth_version=“1.0”,user_id=“523050582”,oauth_signature=“n9Y8ltnBaiSl8VfllPhtPHHCu%2F4%3D”’,
‘content-type’: ‘application/json’,
accept: ‘application/json’,
‘content-length’: 0 }

I am able to get the friends list but I am getting the Rate-Limit: 150 and Warning: Invalid OAuth credentials detected.
I am able to query successfully with the same oauth token using java. So I am quite sure that my oauth_token is right. In node.js I am doing the following,

var url = 'https://api.twitter.com/1/friends/ids.json?cursor=-1&user_id=’+12345;

var oauth =
{
      consumer_key: config.twitter.consumer_key
    , consumer_secret: config.twitter.consumer_secret
    , token: oauth.oauth_token
    , token_secret: oauth.token_secret
};

request.get({url:url, oauth:oauth, json:true}, function (e, response, user) {
    console.log(user);
    console.log(response.headers['status']);
    console.log(response.client.parser.socket._httpMessage._headers);
    console.log('Rate-Limit: '+ response.headers['x-ratelimit-limit'] + ' - Warning: '+response.headers['x-warning']);
});

Can anyone please help me in finding what I am doing wrong here? Any problem with my authorisation header and how to solve this?

Thanks in advance.


#2

There could be more going wrong here, but at first glance I do notice that you’re sending parameters in the authorization header that aren’t part of that header – your cursor and user_id values should only be in the query string (and within your signature base string) but not in the header itself.


#3

Thanks a lot @episod

I solved the issue. The problem is not with the header but with the twitter app. Something have messed up. I created a new twitter app and got the new oauth token and it started working…

Cheers.