Getting "Failed to validate oauth signature and token" after adding an explicit "oauth_callback" in the request token phase

880 views
Skip to first unread message

Nathan Rajlich

unread,
Jul 31, 2011, 12:43:02 AM7/31/11
to Twitter Development Talk
Hello all. I am using nodejs, and specifically ciranj's node-oauth[0]
module, attempting to override the default callback URL with an
explicit one as per the 1.0A specification changes. I'm not entirely
sure if it's a bug with the module or just me being dumb, but after I
changing the code from:

request_token_url // is set to: 'https://www.twitter.com/oauth/
request_token'

as the URL posting to (which works) to:

request_token_url + '?oauth_callback=' + encode(callback)

where 'callback' could be something like 'http://www.google.com', I
get a 401 response code with a "Failed to validate oauth signature and
token" error message.

Any hints in the right direction would be much appreciated. Thanks in
advance!


[0]: https://github.com/ciaranj/node-oauth

Ciaran

unread,
Aug 1, 2011, 3:29:05 PM8/1/11
to twitter-deve...@googlegroups.com
Hi Nathan,

Just had a check through my code, and it should work just fine. I've
placed an example working solution inline to this response :)


var http = require('http')
, OAuth= require('./index').OAuth
, url = require('url')
, consumerKey= "YOUR_KEY"
, consumerSecret= "YOUR_SECRET"
, callbackURL= "YOUR_CALLBACK;

var oAuth= new OAuth("http://twitter.com/oauth/request_token",
"http://twitter.com/oauth/access_token",
consumerKey, consumerSecret,
"1.0a", callbackURL, "HMAC-SHA1");

http.createServer(function (req, res) {
var urlp= url.parse(req.url, true);
if( urlp.query && urlp.query.oauth_verifier ) {
res.writeHead(200, {'Content-Type': 'text/plain'});
res.end('Verification callback: ' + urlp.query.oauth_verifier +'\n');
}
else {
oAuth.getOAuthRequestToken(function(error, oauth_token,
oauth_token_secret, oauth_authorize_url, additionalParameters ) {
console.log( error );
res.writeHead(301, {
'Location':
"http://twitter.com/oauth/authenticate?oauth_token=" + oauth_token
});
res.end();
});
}
}).listen(80, "127.0.0.1");

Hope this helps :)

- Cj.

Nathan Rajlich

unread,
Aug 1, 2011, 5:04:13 PM8/1/11
to twitter-deve...@googlegroups.com
Interesting... your example does indeed work as expected! I suppose there must be some difference between that and what I am already doing. Thanks for the example, hopefully it will help me drill down the problem!


--
Have you visited the Developer Discussions feature on https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: http://groups.google.com/group/twitter-development-talk/subscribe

Nathan Rajlich

unread,
Aug 1, 2011, 8:38:39 PM8/1/11
to Twitter Development Talk
For anybody whose interested, the problem turned out to be that I was
prefixing Twitter's OAuth URLs with 'www.'. After removing the prefix,
and having the urls be top-level, everything is working as expected.
Reply all
Reply to author
Forward
0 new messages