Reputation: 111
Twitter request token OAuth 401 error
Trying to add twitter login using OAuth and it has been a nightmare to get the first step of requesting the token, which results in 401 error as always.
I used twitter's Test OAuth tool to compare the http request that my scala server sends.
Curl request works while my server request fails. Pasting them below for comparison.
Curl Request
curl --request 'POST' 'https://api.twitter.com/oauth/request_token' --data 'oauth_callback=http%3A%2F%2F0.0.0.0%3A8081%2Fweb' --header 'Authorization: OAuth oauth_consumer_key="wRflKWWomJ9jKeK8wbTk0Jck3", oauth_nonce="46ef029600fcc2a6cbe068eb9711401c", oauth_signature="3ptB%2B6%2Fv9QYGgyQjO9DhuD7pmzA%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1422879905", oauth_version="1.0"' --verbose
Scala server Request
HttpRequest(POST,https://api.twitter.com/oauth/request_token,List(Authorization: OAuth oauth_consumer_key="wRflKWWomJ9jKeK8wbTk0Jck3", oauth_nonce="70449464359328", oauth_signature="yEni23tuzEveIMtDm7%2F8N2anU%2FM%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1422879900", oauth_version="1.0"),HttpEntity(application/x-www-form-urlencoded,oauth_callback=http%3A%2F%2F0.0.0.0%3A8081%2Fweb),HTTP/1.1)
Things I tried:
- Made sure timestamp is within 5 minutes
- Made sure "Allow this application to be used to Sign in with Twitter" is set in twitter settings.
- Callback url is set - http://0.0.0.0:8081/web (even tried proxy names for localhost by changing ip table)
- Tried generating request token using Saclaj
- Used custom OAuth signature request primarily using OAuth.scala
This 401 twitter request token seems to be a recurring theme for many folks, complicated by various failure points. Any help is much appreciated.
Upvotes: 2
Views: 5220
Answers (2)
Reputation: 2271
Another possible scenario
In my Twitter client app settings screen, I set an option "Enable Callback Locking (It is recommended to enable callback locking to ensure apps cannot overwrite the callback url)" and this caused me getting 401 unauthorized error on trying to get request token.
Upvotes: 0
Reputation: 111
For anyone else facing this issue, I am listing down few things that you could benefit from.
After excruciating attempts of permutations and combinations,
oauth_tokenhad to be a part of the signature (even if its value is empty string).
I am not sure if it is mentioned anywhere and particularly ironic that you had to remove access token and secret while using Twitter's OAuth testing tool (for the Curl command to work properly which took some bloody lot of time to figure out.)
It is good to validate your basestring - Tool
Validating if your signature process is correct - Check point (f)
Upvotes: 1
Related Questions
- Twitter and Oauth results in 401 error
- Twitter Oauth request token response 401, I cannot resolve
- twitter - request token failing
- Twitter API request_token
- Twitter 401 Unauthorized -- OAuth Request Token
- Twitter oauth/access_token 401 Error
- 401 Unauthorized for https://api.twitter.com/oauth/request_token
- Twitter- Obtaining a request token Response 401 - POST
- Twitter oauth Request Token Response code 401
- twitter request_token 401 unauthorized