7

I am working on a twitter oauth login. However, when I do the request_token, the very first step, the response code always return 401 Unauthorized.

I have searched a lot for a week, but I cannot find the solution, please help.

Here is my connection:

URL url = new URL("https://api.twitter.com/oauth/request_token");
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
conn.setRequestProperty("Host","api.twitter.com");
conn.setRequestProperty("Authorization", data);
conn.setRequestMethod("POST");
conn.connect();

For my data:

String data = "OAuth oauth_nonce=\"" + oauth_nonce
    + "\", oauth_callback=\"" + oauth_callback
    + "\", oauth_signature_method=\"" + oauth_signature_method
    + "\", oauth_timestamp=\"" + oauth_timestamp
    + "\", oauth_consumer_key=\"" + oauth_consumer_key
    + "\", oauth_signature=\"" + oauth_signature
    + "\", oauth_version=\"" + oauth_version + "\"";

Also, I am sure that my signature is right, because I used the parameter of twitter example, I can calculate the same result as its example, so I think my method is right.

Here is my calculation:

String oauth_para = "oauth_callback=" + oauth_callback
    + "&oauth_consumer_key=" + oauth_consumer_key
    + "&oauth_nonce=" + oauth_nonce
    + "&oauth_signature_method=" + oauth_signature_method
    + "&oauth_timestamp=" + oauth_timestamp
    + "&oauth_version=" + oauth_version;

String signingRequests = "POST&" + requestToken + "&" + URLEncoder.encode(oauth_para, "UTF-8");

String key = oauth_consumer_secret + "&";
SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(), "HmacSHA1");

Mac mac = null;
try {
    mac = Mac.getInstance("HmacSHA1");
    mac.init(signingKey);
}
catch(Exception e) {
    System.err.println("Error: " + e);
}
byte[] rawHmac = mac.doFinal(signingRequests.getBytes());

String oauth_signature =  Base64.encodeBytes(rawHmac);
oauth_signature = URLEncoder.encode(oauth_signature);

I understand that the nonce and timestamp should be random and unique. So, my method is like that:

StringBuffer buffer = new StringBuffer("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); 
StringBuffer sb = new StringBuffer(); 
Random r = new Random(); 
int range = buffer.length(); 
for (int i = 0; i < 43;i ++) { 
    sb.append(buffer.charAt(r.nextInt(range))); 
} 
long epoch = System.currentTimeMillis() / 1000;
String oauth_nonce = sb.toString();

Can somebody help me?

P.S: I have also removed my apps, and then create a new one. The result also is the same. Also, the apps is write and read already.

sigod
  • 3,514
  • 2
  • 21
  • 44
Ian
  • 501
  • 2
  • 10
  • 20
  • 2
    Make sure that your servers time is synced to within five minutes of Twitter's servers. – abraham Oct 23 '10 at 06:51
  • When you're building your signing requests string what is the value of requestToken? It should be empty as this is the first step of the OAuth process. – Stephen Dryden Jan 16 '11 at 19:54
  • Did you ever get this working, Ian? I'm having the same problems (401). – Dave Dec 09 '11 at 04:06
  • I get this working suddenly. I think there are some problems with the token generated, please double check the token is correct or not. And your app domain configuration should be set appropriately. – Ian Dec 14 '11 at 07:49

1 Answers1

5

hey,,, I was getting the same problem 1 min ago, but I figured this out. My problem, at least, was that in the configuration of the application(inside twitter), my application type was Client, when should be Browser! So I changed to Browser, put a callback URL and worked fine!!

Arthur Neves
  • 11,840
  • 8
  • 60
  • 73
  • 6
    There is no longer an application type in Twitter's settings. Instead, just complete the `Callback URL` field in the app's settings. More info at: http://stackoverflow.com/a/1994569/193896 – bendytree Mar 01 '12 at 00:44