Geek Answers Handbook

Twitter API oAuth failed signing when adding callback URL

I use this code / guide another oAuth cURL twitter that is not responding to verify the signing of my API request. I'm still trying to go to step 1 this

Note: keys are random, they are not real :)

when I try to make a request without oauth_callback, I get the correct response from api

https://api.twitter.com/oauth/request_token?oauth_consumer_key=nHb2kSQ2CD9MW1MdW5VeQ&oauth_nonce=1356902849&oauth_signature=MbvhwGiNPKQR0yauthaut_authaut_auto_auto_auto_shock

when I add the oauth_callback line (it is imperative that users sign up with redirection!) I get "Failed to check oauth signature and token"

https://api.twitter.com/oauth/request_token?oauth_callback=http%3A%2F%2F127.0.0.1%2Ftest%2F&oauth_consumer_key=nHb2kSQ2CD9MW1MdW5VeQ&oauth_nonce=1356902915&oauth_signature=2WTaI9jXNBaDd7f8AqIe6y3%2Beno%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1356902915&oauth_version=1.0

I mean, there is no difference between the two URLs, they both go through the same execution, and they respect the signature method. How to fix it?

yes I added http://127.0.0.1/test/ as the callback URL in the Twitter app settings.

thanks

+4
source share
3 answers

I solved the problem. The problem was that even if the callback URL was sent correctly using the method or request headers, as you can see on the links, it was also double escaped when creating the signature from basestring. Since the documentation in this regard is pretty bad, I didn’t think you should double it, as well as other oauth_ * parameters (or percent coding "&" s).

0
source

Have you configured the callback url in your Twitter app settings?

If you do not install this, the api may fail.

Give up here :

enter image description here

Also check that your time is synchronized (use an NTP server); see https://dev.twitter.com/discussions/1043

+1
source

I agree that the Twitter API is poorly documented :)

Follow this rule:

  • If your oauth_callback does not contain a query string = nothing funky is required.
  • If your oauth_callback has query string parameters = URL code of query string parameters separately.

Hope this explains.

0
source

More articles:


All Articles