Timestamp out of Bounds when calling oauth request_token

oauth
web
signin

#1

Hi,

I am trying to integrate the oauth flow in my application.

I am getting a 401 when calling the oauth/request_token endpoint with this error:

"message": "401 - {\"errors\":[{\"code\":135,\"message\":\"Timestamp out of bounds.\"}]}",

This is my authorization header:

"Authorization": "OAuth oauth_callback=http%3A%2F%2F127.0.0.1%3A3000%2Ftwitter%2Foauth_callback,oauth_consumer_key=MYKEY,oauth_nonce=150255341200200,oauth_signature_method=HMAC-SHA1,oauth_timestamp=1502553412002,oauth_version=1.0,oauth_signature=d09f2f2a39e51909442ae6ca717e4aeba7066fda"

I can see in the response header that the server time for Twitter is:`“date”: “Sat, 12 Aug 2017 15:56:52 GMT”

If I take my timestamp and convert it to a GMT date I get: Saturday, August 12, 2017 3:56:52.002 PM

I am not sure why it is considered out of bounds.

Best,
Jeremy


#2

It sounds like your server’s clock is not set correctly. OAuth signatures need the current timestamp included in the signature and the timestamp has to be within 5 minutes of Twitter’s server’s timestamps.


#3

But from the look of it, the timestamp sent as part of the authorization matches the time that is show in the reponse header from twitter. I would see a difference if not. Or am I missing something?