Why am I getting "failed to validate oauth signature and token"? PLEASE HELP!


#1

I constantly get “Failed to validate oauth signature and token” why?!?!

Here is my base-string used to get a signature:

POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback=oob&oauth_consumer_key=zFTjin9aaaaaaaaaaa4562njr&oauth_nonce=1405553154&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1405553154&oauth_version=1.0

I use “my_consumer_secret_key&” (replacing the key with the actual one provided) to hash the base-string. The signature was HMAC-SHA1 encoded, then Base64Encoded, and URLEncoded for use in the header

In the header for Authorization I have:

OAuth oauth_nonce=“1405553333”, oauth_callback=“oob”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1405553333”, oauth_consumer_key=“zFTjin9aaaaaaaaaaa4562njr”, oauth_version=“1.0”, oauth_signature=“IWwFFdI%2FXe2iMT81YO%2BxkJsljzQ%3D”

The POST URL is https://api.twitter.com/oauth/request_token

Twitter’s header response is as follows:

HTTP/1.0 401 Unauthorized
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 44
content-security-policy-report-only: default-src https:; connect-src https:; font-src https: data:; frame-src https: http://*.twimg.com http://itunes.apple.com about: javascript:; img-src https: data:; media-src https:; object-src https:; script-src ‘unsafe-inline’ ‘unsafe-eval’ about: https:; style-src ‘unsafe-inline’ https:; report-uri https://twitter.com/i/csp_report;
content-type: text/html; charset=utf-8
date: Wed, 16 Jul 2014 20:29:02 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 16 Jul 2014 20:29:02 GMT
pragma: no-cache
server: tfe
set-cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCCou3UBHAToHaWQiJTIzMTk2NTUyNDlmY2Fi%250AM2Y4Y2QxZTI2YTBjMmJiYmY4IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA–2b73764167cf4e991c8e9ace76d7377b41257fb0; domain=.twitter.com; path=/; secure; HttpOnly
set-cookie: guest_id=v1%3A140554254281679424; Domain=.twitter.com; Path=/; Expires=Fri, 15-Jul-2016 20:29:02 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mid: e2a5dd535b9a09fb8d071fc2c28d93609a592d94
x-runtime: 0.00651
x-transaction: 5bc19eb35c9fe4da
x-ua-compatible: IE=edge,chrome=1
x-xss-protection: 1; mode=block

I’ve tried everything!!! Please help!


#2

I’m having the same issue, please post here if you find a solution