xAuth 403 (Forbidden) request


#1

Hi all,

I sent a request like that:

var oauthObject = {
      oauth_consumer_key: clientId,
      oauth_nonce: $cordovaOauthUtility.createNonce(10),
      oauth_signature_method: "HMAC-SHA1",
      oauth_timestamp: Math.round((new Date()).getTime() / 1000.0),
      oauth_version: "1.0"
    };
    var signatureObj = $cordovaOauthUtility.createSignature("POST", "https://api.twitter.com/oauth/access_token", oauthObject,  {x_auth_username: username, x_auth_password: password, x_auth_mode: 'client_auth'}, clientSecret);
    console.log(signatureObj);
    var xhr = new XMLHttpRequest();
    var params = 'x_auth_username=' + username
               + '&x_auth_password=' + password
               + '&x_auth_mode=client_auth';
    var authorization = signatureObj.authorization_header;
    xhr.open('POST', 'https://api.twitter.com/oauth/access_token', true);
    xhr.setRequestHeader('Authorization', authorization);
    xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
    xhr.send(params);

But i got error “403 (Forbidden) request”. What wrong is in my code request?


#2

Is your app whitelisted for use of xAuth? If not you’ll need to apply for xAuth permissions via the platform support forms.