0

It's the first time for me to try to get a REST call to work thru POST from Firefox. I generated the token and the Auth strings needed as follows:

oauth_consumer_key

oauth_nonce

oauth_signature

oauth_signature_method

oauth_timestamp

oauth_token

Does the order meter? Because I can't understand if I'm missing anything else. Here is my Request

https://api.twitter.com/1.1/search/tweets.json?q=&geocode=30.0444,31.2357,1km&until=2013-11-30&result_type=mixed&oauth_consumer_key=0xxxQ&oauth_nonce=bcbcxxx8&oauth_signature=pXXXglKjY%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1390221337&oauth_token=2287933520-fuxxxR0&count=100

The Response is:

401 Unouthorized
{"errors":[{"message":"Could not authenticate you","code":32}]}

Could anyone help please?

Thanks,

EDIT 1

As Mike suggested the Console, it actually does work from the console, but the console asks you to login so it manages the authorization, which is fine

Now that I know my request works, how to add these parameters to an $.ajax call? I tried adding the following:

beforeSend : function(req) {
 req.setRequestHeader('Authorization', auth);
},

where "auth" is the "OAuth oauth_consumer_key=..." but I get a bad request error 400.

Ideas anyone?

Thanks,

mzereba
  • 2,467
  • 5
  • 26
  • 40

2 Answers2

0

Per Twitter's authorizing a request page, you need to pass in your oAuth parameters via the Authorization header, not in the query parameters.

Example given on that page (put all of the OAuth fields on the same line, no newlines):

POST /1/statuses/update.json?include_entities=true HTTP/1.1
Accept: */*
Connection: close
User-Agent: OAuth gem v0.4.4
Content-Type: application/x-www-form-urlencoded
Authorization: 
        OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog", 
              oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg", 
              oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D", 
              oauth_signature_method="HMAC-SHA1", 
              oauth_timestamp="1318622958", 
              oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb", 
              oauth_version="1.0"
Content-Length: 76
Host: api.twitter.com

status=Hello%20Ladies%20%2b%20Gentlemen%2c%20a%20signed%20OAuth%20request%21
Mike Dunker
  • 1,950
  • 15
  • 17
  • Thanks Mike...I found the whole string in my application's page, I recreated my token and regenerated the string. My final intention is to set that in the JQuery/Ajax request as a REST call, but for now I am trying to get the data to make sure it works thru Poster (Firefox sniffer). I tried to add it as a header, putting Authorization as Name and the whole string (in one line) as Value. I still get the same error. – mzereba Jan 21 '14 at 06:54
  • Not sure why Authorization isn't working for you. Make sure you have the first "OAuth" string, plus commas between fields. My recommendation would be to try the [Twitter Console](https://apigee.com/console/twitter) to experiment with the API. Make sure you select version 1.1 in the dropdown. It will show you what is sent in the payload, query parameters, and headers. I was able to use this tool and successfully make a call to tweets.json. Also note that your example above has an empty query parameter (...tweets.json?q=&geocode=30.0444,31.2357,1km...) which I'm not sure is allowed. – Mike Dunker Jan 21 '14 at 07:32
  • Thanks @MikeDunker ...so in the console it works and gives me back 200 OK (when I authenticate by letting it redirect me to login before sending the requets) so I assume my call is correct. But if I want to include these in a Ajax request would it be `beforeSend : function(req) { req.setRequestHeader('Authorization', auth); }` or simply `header: { 'Accept-Encoding': "gzip", 'Authorization':userId}` – mzereba Jan 21 '14 at 09:27
  • I don't know if this helps: I get 401 Unauthorized error in case of 1.1 and 400 Bad Request in case of 1.0 – mzereba Jan 21 '14 at 09:50
0

Another gotcha. It turns out the default .NET implementation of UrlEncode outputs the percent encoding in lower case. Looks like Twitter expects lowercase encoding, returning a 401 when parameters are lower case.

Here's some code to fix that up:

.net UrlEncode - lowercase problem

Community
  • 1
  • 1
Lars
  • 9,976
  • 4
  • 34
  • 40