It works for me now! This is the final script:
var username = encodeURIComponent(cfg.username),
password = encodeURIComponent(cfg.password),
url = "
https://api.twitter.com/oauth/access_token",
timestamp = Math.round((new Date()).getTime() / 1000),
nonce = Math.random();
var accessToken = ("oauth_consumer_key={key}" +
"&oauth_nonce={nonce}" +
"&oauth_signature_method=HMAC-SHA1" +
"&oauth_timestamp={timestamp}" +
"&oauth_version=1.0" +
"&x_auth_mode=client_auth" +
"&x_auth_password={password}" +
"&x_auth_username={username}").supplant({
key: CONSUMER_KEY,
nonce: nonce,
timestamp: timestamp,
password: password,
username: username
});
var baseString = "POST&" + encodeURIComponent(url) + "&" +
encodeURIComponent(accessToken);
var signature = encodeURIComponent(
b64_hmac_sha1(CONSUMER_SECRET + "&", baseString) + "=");
var authHeader = ("OAuth oauth_nonce=\"{nonce}\", " +
"oauth_signature_method=\"HMAC-SHA1\", " +
"oauth_timestamp=\"{timestamp}\", " +
"oauth_consumer_key=\"{key}\", " +
"oauth_signature=\"{signature}\", " +
"oauth_version=\"1.0\"").supplant({
nonce: nonce,
timestamp: timestamp,
key: CONSUMER_KEY,
signature: signature
});
new O.IO.Req({
url: url,
method: "POST",
data: "x_auth_username=" + username + "&x_auth_password=" +
password + "&" + "x_auth_mode=client_auth",
headers: [{
name: "Authorization",
val: authHeader
}],
onSuccess: {
fn: function(req) {
var data = {};
req.responseText.split("&").forEach(function(item) {
var parts = item.split("=");
switch(parts[0]) {
case "oauth_token":
data.token = parts[1];
break;
case "oauth_token_secret":
data.secret = parts[1];
break;
case "user_id":
data.userID = parts[1];
break;
case "screen_name":
data.screenName = parts[1];
break;
default:
break;
}
});
cfg.onSuccess.fn.call(cfg.onSuccess.scope, data);
}
},
onFailure: {
fn: function(req) {
cfg.onFailure.fn.call(cfg.onFailure.scope, req);
}
}});
On Sep 20, 1:51 pm, mlowicki <
mlowi...@gmail.com> wrote:
> @Matt, can you provide some method for debugging my issue or some
> solution because with such error message as "Failed to validate oauth
> signature and token" my debugging now is more like guessing....
>
> On Sep 20, 11:50 am, Tom van der Woerdt <
i...@tvdw.eu> wrote:
>
>
>
> > The only relevant part of my code :
> > $sig = base64_encode(hash_hmac('sha1', $baseString, $key, true));
>
> > Key and Base String are visible on the page itself ;-)
>
> > Tom
>
> > On Mon, 20 Sep 2010 01:59:14 -0700 (PDT), mlowicki <
mlowi...@gmail.com>
> > wrote:
>
> > > When i'm usinghttp://
quonos.nl/oauthTester/foroAuth validation with