REST API works but got Unauthorized with Streaming API


#1

Hello,

When I try to use the streaming API, my request was always refused whereas it worked fine with REST API.
I tried to use the CURL command generated from the applications pannel and here’s the stacktrace :

E:\claimtracker\claimtracker>curl --get https://userstream.twitter.com/1.1/user.
json --data 'https%3A%2F%2Fuserstream_twitter_com%2F2%2Fuser_json=' --header 'Au
thorization: OAuth oauth_consumer_key="xxx", oauth_nonce="53b8
193d29ec3f73a3c9143cdcaf5349", oauth_signature="pZK9W8KNgPoQXWLToypROzFNoS0%3D",
 oauth_signature_method="HMAC-SHA1", oauth_timestamp="1394638578", oauth_token="xxx", oauth_version="1.0"' --verbose

* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
*   Trying 199.16.156.81...

* Connected to userstream.twitter.com (199.16.156.81) port 443 (#0)
* libcurl is now using a weak random seed!
* successfully set certificate verify locations:
*   CAfile: C:\Python33\curl-ca-bundle.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
*        subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twit
ter Security; CN=userstream.twitter.com
*        start date: 2013-10-29 00:00:00 GMT
*        expire date: 2015-10-30 23:59:59 GMT
*        subjectAltName: userstream.twitter.com matched
*        issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of
use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA
- G3
*        SSL certificate verify ok.
> GET /1.1/user.json?'https%3A%2F%2Fuserstream_twitter_com%2F2%2Fuser_json=' HTT
P/1.1
> User-Agent: curl/7.35.0
> Host: userstream.twitter.com
> Accept: */*
>
< HTTP/1.1 401 Authorization Required
< Connection: close
< Cache-Control: must-revalidate,no-cache,no-store
< Content-Type: text/html
< Date: Wed, 12 Mar 2014 15:59:58 GMT
< X-Transaction: e671918688d61b4e9678b785e3365ba3
< Content-Length: 311
<
<html>\n<head>\n<meta http-equiv="Content-Type" content="text/html; charset=utf-
8"/>\n<title>Error 401 Unauthorized</title>
</head>
<body>
<h2>HTTP ERROR: 401</h2>
<p>Problem accessing '/1.1/user.json?'https%3A%2F%2Fuserstream_twitter_com%2F2%2
Fuser_json=''. Reason:
<pre>    Unauthorized</pre>
</body>
</html>
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for OAuth
* Couldn't resolve host 'OAuth'
* Closing connection 1
curl: (6) Couldn't resolve host 'OAuth'
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_consumer_key=xxxx,
* Couldn't resolve host 'oauth_consumer_key=xxxxx,'
* Closing connection 2
curl: (6) Couldn't resolve host 'oauth_consumer_key=xxxx,'
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_nonce=53b8193d29ec3f73a3c9143cdcaf5349,
* Couldn't resolve host 'oauth_nonce=53b8193d29ec3f73a3c9143cdcaf5349,'
* Closing connection 3
curl: (6) Couldn't resolve host 'oauth_nonce=53b8193d29ec3f73a3c9143cdcaf5349,'
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_signature=pZK9W8KNgPoQXWLToypROzFNoS0%3D,

* Couldn't resolve host 'oauth_signature=pZK9W8KNgPoQXWLToypROzFNoS0%3D,'
* Closing connection 4
curl: (6) Couldn't resolve host 'oauth_signature=pZK9W8KNgPoQXWLToypROzFNoS0%3D,
'
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_signature_method=HMAC-SHA1,
* Couldn't resolve host 'oauth_signature_method=HMAC-SHA1,'
* Closing connection 5
curl: (6) Couldn't resolve host 'oauth_signature_method=HMAC-SHA1,'
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_timestamp=1394638578,
* Couldn't resolve host 'oauth_timestamp=1394638578,'
* Closing connection 6
curl: (6) Couldn't resolve host 'oauth_timestamp=1394638578,'
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_token=xxxx
* Couldn't resolve host 'oauth_token=xxxx
* Closing connection 7
curl: (6) Couldn't resolve host 'oauth_token=xxxxx
* timeout on name lookup is not supported
* Hostname was NOT found in DNS cache
* Curl_ipv4_resolve_r failed for oauth_version=1.0'
* Couldn't resolve host 'oauth_version=1.0''
* Closing connection 8
curl: (6) Couldn't resolve host 'oauth_version=1.0''

I first though it was because of my server clock but the REST API works fine.
Does anyone have a clue ? Thanks


#2

I might be in the same problem.

The REST API and public statuses/sample stream work fine but I get HTTP response “401 Authorization Required” on accessing Sitesteam control REST API.

HTTP session log is:
https://sitestream.twitter.com/1.1/site/c//info.json

GET /1.1/site/c//info.json HTTP/1.1
Accept: /
User-Agent: OAuth gem v0.4.7
Accept-Encoding: deflate, gzip
Authorization: OAuth oauth_consumer_key="", oauth_nonce="", oauth_signature="", oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1394675326”, oauth_token="", oauth_version="1.0"
Host: sitestream.twitter.com

HTTP/1.1 401 Authorization Required
Connection: close
Content-Type: text/html
Date: Thu, 13 Mar 2014 01:48:47 GMT
X-Transaction: e2b5c215d7a621019e2fc012f936d443
Content-Length: 102

Thank you.


#3

Hi @ClaimTracker,

Just replace those single quotes with the double quotes and try running the command again. It should work.

Use the curl command that is generated in the “test oauth” panel and follow the steps I mentioned above.

Thanks.