Puzzling "Invalid authorization header" error when working with update_with_media


#1

Hi,

I’m trying use the new update_with_media API from Google App Engine. I’m using a basic Oauth library which works well with all other OAuth services like Flickr, LinkedIn, etc… and also Twitter’s own statuses/update API. Problem is that I’m getting “Invalid authorization header” error and I don’t understand why: looking at the raw data and comparing to the example in https://dev.twitter.com/discussions/1059, everything seems correct:

I must be missing something obvious, so any help appreciated, thanks!

=== Signed string ===

POST&https%3A%2F%2Fupload.twitter.com%2F1%2Fstatuses%2Fupdate_with_media.json&oauth_consumer_key%3DIkIZwr9DDZvsB97A671LA%26oauth_nonce%3D16203194635602708920%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1313504858%26oauth_token%3D220186573-YZVqXFd4N8w40mteqY3AKoNXs6DcByt7I4ud88Hl%26oauth_version%3D1.0

=== HTTP request ===

host = upload.twitter.com

url = https://upload.twitter.com/1/statuses/update_with_media.json

payload = --konFko4jZM6LQnDj3EXubQ\r\nContent-Disposition: form-data; name=“status”\r\n\r\nCheck out my photo at http://www.everpix.net\r\n–konFko4jZM6LQnDj3EXubQ\r\nContent-Disposition: form-data; name=“media[]”; filename=“Photo.jpg”\r\nContent-Type: image/jpeg\r\n\r\n\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01\x01\x00H\x00H\x00\x00\xff\xdb\x00C\x00\x03\x02\x02\x03\x02\x02\x03\x03\x03\x03\x04\x03\x03\x04\x05\x08\x05\x05\x04\x04\x05\n\x07\x07\x06\x08\x0c\n\x0c\x0c\x0b\n\x0b\x0b\r\x0e\x12\x10\r\x0e\x11\x0e\x0b\x0b\x10\x16\x10\x11\x13\x14\x15\x15\x15\x0c\x0f\x17\x18\x16\x14\x18\x12\x14\x15\x14\xff\xdb\x00C\x01\x03\x04\x04\x05\x04\x05\t\x05\x05\t\x14\r\x0b\r\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\x14\xff\xc2\x00\x11\x08\x02\xc4\x04\x00\x03\x01"\x00\x02\x11\x01\x03\x11\x01\xff\xc4\x00\x1c

\x04@\x8a\x17\x0cb(ef\xb09\x84 \x0e\xe9(+\xf1\xe2[@\xa2\xf1\x80\xc2\xdc\x1e\xcf2\xf2E:\x97\x10CO|\xb0\x16\xa4\xc8\xe4\xa7\x11J\xd4\xdeX\x8c\x02\xc6\x87\x17?\xff\xd9\r\n–konFko4jZM6LQnDj3EXubQ–

headers = {
‘Content-Length’: ‘184213’,
‘Accept-Encoding’: ‘gzip’,
‘User-Agent’: ‘AppEngine-Google; (+http://code.google.com/appengine)’,
‘Host’: ‘upload.twitter.com’,
‘Content-Type’: ‘multipart/form-data; boundary=konFko4jZM6LQnDj3EXubQ’,
‘Authorization’: ‘OAuth oauth_consumer_key=“IkIZwr9DDZvsB97A671LA”, oauth_nonce=“16203194635602708920”, oauth_signature=“3kf5ymaRbc/j2XboqKpnlkA5aT0=”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1313504858”, oauth_token=“220186573-YZVqXFd4N8w40mteqY3AKoNXs6DcByt7I4ud88Hl”, oauth_version=“1.0”’
}


#2

When you actually send your Authorization HTTP headers, do you percent encode the oauth_* values first? For example, the equals ("=") character in your signature should be “%3D”


#3

Ah… I finally found the problem: the OAuth library wasn’t URL encoding the special characters “oauth_signature” in the authentication header!


#4

can u please tell me in detail… how it fix?? plz…


#5

i Solved It… :slight_smile: