Desperate for Help! Twitter API Blues...
Obrzut
before.
http://www.aponetworks.com/dumpurge/index.html
Take a look at the source code here. PLEASE!
I keep getting an 401 unauthorised when I try to access anything on
twitter.
Please help - I've followed all the tutorials - this really should be
working and it is not...
Is there a time delay between when you reecive your application
tokens / secret to when they become active?
Kind regards,
Obrzut
catcalls
http://www.aponetworks.com/dumpurge/index.html
This is a link to the source code so far. It has my Keys / Tokens I
received from Twitter in it.
I customised a C# Class into a VB.NET class of my own. I also imported
the standard C# OAuth DLL into the program to use.
I still get an 401 Unauthorised when using this source code and I am
really unsure why!?
I cannot even view pages that do not require authorisation! Haha.
This sucks - OAuth sucks - How am I supposed to view a simple xml page
on twitter? I have followed all the tutorials to the letter and even
copied loads of custom Twitter API code into my program and it STILL
DOES NOT WORK!
I am going out my box on this one guys. Srsly, some one take a look at
the files and offer some help!
Matt Sanford
Sorry for the trouble, but could you include the message you're
getting in the body of that 401? Without the error message it's hard
to tell what the problem is or where the source of all of this "suck"
is. Thanks for the hostile tone though … it really got my morning going.
Thanks;
— Matt Sanford / @mzsanford
Obrzut
This is the exact error. I was not being hostile - just going out my
wits end! *smiles*
I've de-stressed by laying in bed for the past hour trying to forget
about the Twitter API and OAuth. Ha!
That said - shall I include the URL I am using with Parameters?
Perhaps that will help, no? I'll get right on that.
Obrzut
SHA1&oauth_consumer_key=CgZiTeNqGk2c0eZSdb9qg&oauth_signature=vxFWk3JvGKdKIRYR31%2b2JC
%2bh30o%3d"
This is an example URL I am sending. Is there anything suspect you can
see just by looking at it?
It really would help me out no end.
Kind regards,
Obrzut
Matt Sanford
When you get an HTTP 401 there should be a body, Something like:
"Failed to validate oauth signature or token", or the more informative
"Invalid / expired token", or a host of other things. The "401
Unauthorized" is the HTTP status line itself and is the error we use
for all OAuth failures. If you're using a library to access Twitter
via OAuth perhaps it is not displaying the body message be default. If
that's the case I recommend adding some print statements, using a
debugging proxy (such as Charles), or watching via tcpdump (or
equivalent) so you can see the body.
Also helpful for debugging just about any error with the API is
the full request and response headers. Look at this from my
perspective … right now I have even less to go on than you. I don't
know your code, what request you made, and I cannot debug interactively.
Thanks;
— Matt Sanford
ProTip: When reporting bugs try to remember that no matter how
frustrated you are you're asking someone who is not sitting with you
and is not in the same frame of mind. This is like shouting at the
police when you called them. Therapeutic? yes. Helpful? probably not.
Good matrial for the show Cops? definitely.
Obrzut
I'm coding in Visual Studio 2005. I am using a HTTP REQUEST function
to make the request to the server.
This is basically all I get to go on is the error messages. I dunno
how to incorporate Charles into VB.NET?
Also, how do I go about printing out the body from VB.NET? If any one
else other than Matt would like to take a look at my code it really
would help.
Kind regards,
Obrzut
Bojan Rajkovic
Hash: SHA1
You need to apply a lexicographical byte ordering to the OAuth
parameters--that is, sort them alphabetically.
I ran into this in the beginning, and scratched my head for a while
until I read the OAuth standard.
Cheers,
- --
Bojan Rajkovic <boj...@brandeis.edu>
Biochemistry '10, Brandeis University
PGP Signature Key ID: 0x8783D016
PGP Encryption Key ID: 0x2497B8B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKQ647AAoJEO4IwQyHg9AWnVkP/2H5dQWnGSYXGGQV0YW6oswQ
gBELIhWjHiq9lkQQbOrCUqV6hR4wycSa5hNfaW+YxQsVEuORTw1FAhiayJPRcVAH
I8cgewOSgXG5CSbXfutPmfQFHZNdN3zgJMaS0sAwoyEik+nb/JePlUEkn7f9CPzb
buqLAjadh0bLNdB/U2ld5FBgnAc1zQEJrGCePqfzYls3RTQm+dc6wtpzRnlKVDER
hfsVh0E9OUZOIjEmaHsc7KUjoiATSB/j0LXrF+3x3BR/ISYkoLW0cJPQEscJVrG+
JbtJ3Q4H1uJpDn5iF4ENhzjZa1/v45w/zliXk8MeDixLC4jtTUE54oKZsYFjhL/v
d1BMgmgTVCJq7Qj2jJNKjD/A2nriAErh/i/42850MsF9JCnff6d2kruXccdHM8Lv
ExttUH9k6c0U4SBVYjjv+Np4OOwWDJvwNx3mXW5mgfLsCtMKdSDD+mm4/M9MHDxR
sHo54jlWDXGYHrbAJLtCBp02UN3FTlieQ61QYniaUJcZOuzMoKkmVn4/uHMJT7SQ
u+DxUMYaFEpot72IOzgFmAmeToGw1GWyeBzeZnkPq5li5Y+EyUCVKH8dxSj4omM+
qUHwvhI93cS6+mmh3L1KGsfg6uXl88xi1oP3d+k1N65nX4troGWE00VPROTbAPzk
+UNJsrk9WkRuaif1le0b
=M/IL
-----END PGP SIGNATURE-----
Obrzut
Just a side note - I extracted the URL and ran it thru a web browser -
then it started popping open a Username / Password box?
It stated;
The server twitter.com at Twitter API requires a username and
password.
What is all this about? I ask, because, my twitter username and
password do not work?
When I ran the URL via the web browser object in VB.NET the document
completed without any body of text. It just exited without a login
prompt. Nothing.
So, it seems the URL I am creating seems sound - as it created a Login
prompt in google Chrome. But, I dunno what credentials I require for
the login prompt?
http://twitter.com/oauth/access_token?oauth_version=1.0&oauth_nonce=2475068&oauth_timestamp=1245949941&oauth_signature_method=HMAC-SHA1&oauth_consumer_key=CgZiTeNqGk2c0eZSdb9qg&oauth_signature=6Uq%2brP1nCHcS3WFLkPMtANO1Zso%3d
This is the URL I used to access the login prompt.
Any pointers?
On Jun 25, 6:04 pm, Bojan Rajkovic <boj...@brandeis.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Obrzut wrote:
> > "oauth_version=1.0&oauth_nonce=5048009&oauth_timestamp=1245948327&oauth_sig nature_method=HMAC-
> > SHA1&oauth_consumer_key=CgZiTeNqGk2c0eZSdb9qg&oauth_signature=vxFWk3JvGKdKI RYR31%2b2JC
> > %2bh30o%3d"
>
> > This is an example URL I am sending. Is there anything suspect you can
> > see just by looking at it?
>
> > It really would help me out no end.
>
> > Kind regards,
>
> > Obrzut
>
> You need to apply a lexicographical byte ordering to the OAuth
> parameters--that is, sort them alphabetically.
>
> I ran into this in the beginning, and scratched my head for a while
> until I read the OAuth standard.
>
> Cheers,
>
> - --
> Bojan Rajkovic <boj...@brandeis.edu>
> Biochemistry '10, Brandeis University
> PGP Signature Key ID: 0x8783D016
> PGP Encryption Key ID: 0x2497B8B2
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
Abraham Williams
http://oauth.net/documentation/getting-started so you have a thorough
understanding of how Oauth.
--
Abraham Williams | Community Evangelist | http://web608.org
Hacker | http://abrah.am | http://twitter.com/abraham
Project | http://fireeagle.labs.poseurtech.com
This email is: [ ] blogable [x] ask first [ ] private.
Obrzut
read the tutorials and FAQs.
Furthermore - I have converted a C# Class that utilises OAuth C# Base
Class to VB.NET without a hitch.
It works just fine - the only problem is that it is reaching a Login
prompt that is asking for credentials that I do not have.
A. Williams - did you even read my last post? I find it highly
ignorant of you to refer me to the guide when I have successfully
authenticated the OAuth procedure.
That said, will anyone who cares to read my posts reply with some
thing that is relevant and makes sense?
I have given all the URL's needed - the parameters I am passing to
Twitters oauth page - and I am getting a LOGIN PROMPT.
Read my previous posts for more information.
Kind regards,
Obrzut
On Jun 25, 7:23 pm, Abraham Williams <4bra...@gmail.com> wrote:
> I would recommend readinghttp://oauth.net/documentation/getting-startedso you have a thorough
>
>
>
>
>
> On Thu, Jun 25, 2009 at 12:17, Obrzut<sa...@peyoteuk.com> wrote:
>
> > WOW! Thanks! I'll try that!
>
> > Just a side note - I extracted the URL and ran it thru a web browser -
> > then it started popping open a Username / Password box?
>
> > It stated;
>
> > The server twitter.com at Twitter API requires a username and
> > password.
>
> > What is all this about? I ask, because, my twitter username and
> > password do not work?
>
> > When I ran the URL via the web browser object in VB.NET the document
> > completed without any body of text. It just exited without a login
> > prompt. Nothing.
>
> > So, it seems the URL I am creating seems sound - as it created a Login
> > prompt in google Chrome. But, I dunno what credentials I require for
> > the login prompt?
>
Matt Sanford
The access token URL [1] should be accessed by your application
to exchange a request token for an access token, not from a browser.
You're seeing a login dialog because that is what browsers do with
HTTP 401 (Unauthorized). Your description has been a bit confusing,
is this the problem (excluding this browser thing):
1. Application gets a request token
2. Redirect the user to twitter.com/oauth/authorize … user clicks
through to accept
3. User returns to your site
4. Your site called twitter.com/oauth/access_token
5. BOOM: twitter.com/oauth/access_token returns 401
Is that the flow? If so, the body of the 401 would be most
helpful. If that is not the flow, please try and describe what you are
doing so I can try and reproduce the error and look for bugs on our
side.
Thanks;
– Matt Sanford / @mzsanford
Twitter Dev
[1] - http://twitter.com/oauth/access_token
Obrzut
Basically, it is hard to describe exactly what my app is doing because
it is using third party code.
Firstly, this is the URL I am trying to access;
url = "http://twitter.com/statuses/show/123.xml"
Then, here are the URL's for authentication that my API uses;
Public Const REQUEST_TOKEN As String = "http://twitter.com/oauth/
request_token"
Public Const AUTHORISE As String = "http://twitter.com/oauth/
authorize"
Public Const ACCESS_TOKEN As String = "http://twitter.com/oauth/
access_token"
I am using the C# Base Class with a VB.NET adapted C# Class to
interface with the C# Base Class for OAuth.
That is basically everything!
It generates a URL too. BUT - I just tried something:
I added http://<MY USERNAME>:<MY PASSWORD>@twitter.com/etc...
To the URL that asks for the Login Prompt and also changed the Nonce.
I get a blank page then! Haha.
You see - when I clicked CANCEL on the Login prompt - I would get the
following output;
<hash>
<request>/oauth/access_token?
oauth_version=1.0&oauth_nonce=9995405&oauth_timestamp=1245956104&oauth_signature_method=HMAC-
SHA1&oauth_consumer_key=CgZiTeNqGk2c0eZSdb9qg&oauth_signature=DaoiZKL5EMak1RyvTsGzYhlKe7Y
%3d</request>
<error>Invalid / used nonce</error>
</hash>
You see - the Nonces have been used for some reason? I changed the
nonce from the original 6545405 to 9995405 and when I updated with a
new nonce I got the blank page. When I tried to access the source code
for you - I got the Login prompt again with the expired nonce.
SO
It seems the problem lies somewhere with updateing the nonces for each
request? AND/OR Supplying Login Credentials?
Perhaps this is what the 401 : Unauthorised error message from Visual
Studio means during a Web Request?
I will keep tinkering with the code by firstly adding my Twitter
Username and Password to the URL as above - but also try updateing the
nonce?
Any ideas on how to do this? I have posted my code in the initial
post.
On Jun 25, 7:41 pm, Matt Sanford <m...@twitter.com> wrote:
> Hello again,
>
> The access token URL [1] should be accessed by your application
> to exchange a request token for an access token, not from a browser.
> You're seeing a login dialog because that is what browsers do with
> HTTP 401 (Unauthorized). Your description has been a bit confusing,
> is this the problem (excluding this browser thing):
>
> 1. Application gets a request token
> 2. Redirect the user to twitter.com/oauth/authorize … user clicks
> through to accept
> 3. User returns to your site
> 4. Your site called twitter.com/oauth/access_token
> 5. BOOM: twitter.com/oauth/access_token returns 401
>
> Is that the flow? If so, the body of the 401 would be most
> helpful. If that is not the flow, please try and describe what you are
> doing so I can try and reproduce the error and look for bugs on our
> side.
>
> Thanks;
> – Matt Sanford / @mzsanford
> Twitter Dev
>
Matt Sanford
A nonce is expected to be unique for each request, that is really
it's only function. You should not need the login/password anywhere,
and if the library you're using requires that it's doing something
incorrectly. I'm not much of a VB programmer, but I just read through
your source and from the Form1 class it looks like you're writing a
desktop application, is that correct?
The other thing I noticed in Form1 is that you try to call
OAuth.AccessTokenGet without ever getting a request token. I think one
step you're missing here is OAuth.AuthorizationLinkGet, which gets a
request token and returns the URL the user's browser should be sent
to. Your code from Form1 does not appear to get the URL or send the
user there, unless the source on this site is incomplete or I'm mis-
reading it.
Thanks;
– Matt Sanford / @mzsanford
Twitter Dev
Obrzut
Dim responseReader As StreamReader = Nothing
Dim responseData As String = ""
Try
responseReader = New StreamReader
(web_Request.GetResponse.GetResponseStream())
responseData = responseReader.ReadToEnd()
Catch
Throw
Finally
web_Request.GetResponse().GetResponseStream().Close()
responseReader.Close()
responseReader = Nothing
End Try
Return responseData
End Function
---------------------------------------------------------------------------------
This above is the final code for my VB.NET program.
I think because it is retreiving the same URL twice or even three
times - the nonce expires.
Any one got any solutions to this problem?
Obrzut
There is an OAuthLinkGet routine in the OAuth_Twitter Class. I am not
sure if it is being used tho?
That said, the code in Form1 basically implements Twitter OAuth Class
- which in turn uses OAuth Class.
It is a heirarchy of classes :)
It should, really, be doing it properly because I only adopted the
classes to VB.NET and did not write them from scratch myself. AND I am
useing the official C# Base Class for OAuth - so it really should
work :(
But, I definitely think that is the problem - the nonces are not being
updated between requests.
But, when I update the nonces in the browser - I get a empty page? Is
that normal?
Perhaps some one here can help with the VB.Net side of things?
Obrzut
Dim ret As String = Nothing
Dim response As String = OAuthWebRequest("GET", REQUEST_TOKEN,
String.Empty)
If (response.Length > 0) Then
REM response contains token and token secret. We only
need the token.
Dim qs As NameValueCollection =
HttpUtility.ParseQueryString(response)
If (Not qs.Item("oauth_token") = Nothing) Then
ret = AUTHORISE & "?oauth_token=" & qs.Item
("oauth_token")
End If
End If
Return ret
End Function
-----------------------------------------------------------
This is the OAuthLinkGet function. It fails with an 401 :
Unauthorised!
This also calls the above offending function 'WebResponseGet' - as
part of 'OAuthWebRequest'.
As soon as WebResponseGet try to access the WebResponse - it gets a
401 Unauthorised.
So, it seems I need to to something with this part of the class.
Thanks - I really feel confident now that we have sussed out the
problems?
Obrzut
Dim test As String = url
Dim UR As System.Net.WebRequest = System.Net.WebRequest.Create
(test)
UR.Credentials = New NetworkCredential("APONetworks",
"<password>")
Dim str As System.IO.Stream = UR.GetResponse
().GetResponseStream()
Dim r As New System.IO.StreamReader(str)
TextBox1.Text = r.ReadToEnd()
r.Close()
str.Close()
========================================================
SUSSED IT!
Yeah - I cheated a lil bit - but I am now able to retrieve all the
data from the page and parse it into my textbox! Ha.
Now - I am making my first Twitter App!