tweepy.error.TweepError: HTTP Error 401: Unauthorized

3,124 views
Skip to first unread message

pepijn (aka fliebel)

unread,
Mar 12, 2010, 9:26:20 AM3/12/10
to tweepy
Hey,

I'm trying to get oauth working.

When I do this in one terminal. it works:

>>> import tweepy
>>> token = "IGSgAItyWhLtCaEMWaMv5w"
>>> secret = "QIU2ChnM0gSu9li9MRvSVoi72UY1JCBO4HcsrvtIA"
>>> auth = tweepy.OAuthHandler(token, secret)
>>> auth.get_authorization_url()
'http://twitter.com/oauth/authorize?
oauth_token=1Vlq6hb3Hgs0WqgzP0UIdSIXp1bpZXl9PTgryNrI'
>>> auth.get_access_token('8643199')
<tweepy.oauth.OAuthToken object at 0x1021fcb10>
>>> twitter = tweepy.API(auth)
>>> twitter.home_timeline()
<bunch of status objects>
>>> auth.request_token.key
'1Vlq6hb3Hgs0WqgzP0UIdSIXp1bpZXl9PTgryNrI'
>>> auth.request_token.secret
'9ssLyXqnzKbnRToQT4oSRUsjWIBQPfKlGGiC0Mmow'

Now I switch to another terminal and run this:

>>> import tweepy
>>> token = "IGSgAItyWhLtCaEMWaMv5w"
>>> secret = "QIU2ChnM0gSu9li9MRvSVoi72UY1JCBO4HcsrvtIA"
>>> auth = tweepy.OAuthHandler(token, secret)
>>> auth.set_request_token('1Vlq6hb3Hgs0WqgzP0UIdSIXp1bpZXl9PTgryNrI', '9ssLyXqnzKbnRToQT4oSRUsjWIBQPfKlGGiC0Mmow')
>>> auth.get_access_token("8643199")
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/
lib/python2.6/site-packages/tweepy-1.5-py2.6.egg/tweepy/auth.py", line
126, in get_access_token
tweepy.error.TweepError: HTTP Error 401: Unauthorized

What am I doing wrong?

Thanks,

Pepijn de Vos

Josh Roesslein

unread,
Mar 12, 2010, 10:08:20 AM3/12/10
to twe...@googlegroups.com
I think you want to be passing the access token, not the request token.
You can only fetch the access token once per an authorized request token.
So just replace "request" with "access" in your code and it should work.

Josh

Pepijn de Vos

unread,
Mar 12, 2010, 10:56:46 AM3/12/10
to twe...@googlegroups.com
Hey,

I'm making a web app, so how would I pass the access token?
I only get an access token AFTER the user has signed in, right?
So that is another request, another auth object.
I thought the workflow was like this:

  1. make an auth object with your key and secret
  2. save the request key and secret
  3. get an url to send the user to
  4. --new request--
  5. make another auth object
  6. populate it with the saved request key and secret
  7. get the access key

There must be something wrong with my understanding of oauth.
I also noticed that if I don't supply an explicit return url, Twitter only gives me an oauth_token, and not the oauth_verifier.

Pepijn

Pepijn de Vos

unread,
Mar 12, 2010, 11:06:13 AM3/12/10
to twe...@googlegroups.com
Somehow this works for me...

>>> import tweepy
>>> token = "zglEER0EqPECAj5cZPwrHw"
>>> secret = "FkCHaxVY1PCcdroJmnUPbgWuj7kwaSVxZKZixl00s5Q"
>>> auth = tweepy.OAuthHandler(token, secret)
>>> import webbrowser
>>> webbrowser.open(auth.get_authorization_url())
2010-03-12 17:00:04.282 osascript[1546:607] Error loading /Library/ScriptingAdditions/Adobe Unit Types.osax/Contents/MacOS/Adobe Unit Types:  dlopen(/Library/ScriptingAdditions/Adobe Unit Types.osax/Contents/MacOS/Adobe Unit Types, 262): no suitable image found.  Did find:
/Library/ScriptingAdditions/Adobe Unit Types.osax/Contents/MacOS/Adobe Unit Types: no matching architecture in universal wrapper
osascript: OpenScripting.framework - scripting addition "/Library/ScriptingAdditions/Adobe Unit Types.osax" declares no loadable handlers.
True
>>> auth.request_token.key
'RN8xfvnQdLCghOwUNurCzhpr6gYz1HQ4DlPuYuvvw'
>>> auth.request_token.secret
'2JYK3Gghg1jjp7pCcIyIxra2fXXlJ0PskTYkYY3AABs'

and then

>>> import tweepy
>>> token = "zglEER0EqPECAj5cZPwrHw"
>>> secret = "FkCHaxVY1PCcdroJmnUPbgWuj7kwaSVxZKZixl00s5Q"
>>> auth = tweepy.OAuthHandler(token, secret)
>>> auth.set_request_token('RN8xfvnQdLCghOwUNurCzhpr6gYz1HQ4DlPuYuvvw', '2JYK3Gghg1jjp7pCcIyIxra2fXXlJ0PskTYkYY3AABs')
>>> auth.get_access_token('4730131')
<tweepy.oauth.OAuthToken object at 0x102018810>
>>> twitter = tweepy.API(auth)
>>> tweets = twitter.home_timeline()

Now I used client mode.
If I used browser mode, should I use oauth_token or oauth_verifie?

Pepijn

ps: I'm reseting my keys afterwards of course.

On Mar 12, 2010, at 4:08 PM, Josh Roesslein wrote:

Josh Roesslein

unread,
Mar 12, 2010, 5:15:39 PM3/12/10
to twe...@googlegroups.com
The first example you posted you called get_access_token() in both terminals which is why it would fail
the second time. The second example you posted seems correct.

Yeah the work flow you described is right.

1. Get new request token
2. Redirect user to authorization url
3. Save request token

-- User returns --

4. Get access token
5. Use it / save it

When twitter redirects the user back, use the oauth_verifier value in get_access_token().
oauth_token is just the request token value which you could use to lookup the request token secret
you stored earlier.

Hope that helps you out.

Josh

Pepijn de Vos

unread,
Mar 13, 2010, 4:15:06 AM3/13/10
to twe...@googlegroups.com
Thanks... I did not realize you could get the access token only once.
Do you know why Twitter does not supply oauth_verifier when I leave the return parameter blank? The same url is set in the client settings though.

Here is the result of my efforts btw: http://tweetograph.pepijndevos.nl
Thanks for the help and the great lib!

Pepijn

Josh Roesslein

unread,
Mar 13, 2010, 11:02:46 AM3/13/10
to twe...@googlegroups.com
Looks very good!

Return parameter = callback url? I think if you specify it in your client configuration and don't supply
it at runtime, no verifier is needed. I may be wrong, but if you don't get a verifier back, then you don't need one
to get the access token.

Josh

Pepijn de Vos

unread,
Mar 14, 2010, 7:35:34 AM3/14/10
to twe...@googlegroups.com
You are completely right!

Maybe you should improve the documentation a bit.
I'm not saying your docs are bad, but rather that oath is very confusing.

Pepijn
Reply all
Reply to author
Forward
0 new messages