Jimbo

Reputation: 22964

Twitter OAuth "Could not authenticate you" when I specify a callback url

I'm having an issue with Twitter OAuth 1.0 during the request_token stage.

If I set an oauth_callback of oob (or even omit the callback url) then it works fine, but then of course doesn't redirect the user to my web app afterwards.

N.B. I may be going about this the wrong way. I just want to specify a URL that the client browser should be directed to after having authorized the OAuth request on Twitter.

As soon as I change the oauth_callback to my app's callback url, I get the error "Could not authenticate you".

I have set up the callback url in the app settings on Twitter to exactly the same url as the one I am setting in the oauth_callback parameter of the request_token process, which FYI is an HTTPS base url, i.e. no path specified, https://www.example.com/

Any assistance would be appreciated.

UPDATE

This request works (no callback url specified at all):

POST https://api.twitter.com/oauth/request_token HTTP/1.1
Authorization: OAuth oauth_consumer_key="----myconsumerkey----", oauth_nonce="r70s1926", oauth_signature="iFGmXEpDav0lVpge9Ls9ACGI6r0%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1503053275", oauth_version="1.0"

This request does not (callback url specified, same as Twitter app setting):

POST https://api.twitter.com/oauth/request_token HTTP/1.1
Authorization: OAuth oauth_callback="https%3A%2F%2Fwww.example.com", oauth_consumer_key="----myconsumerkey----", oauth_nonce="707n8282", oauth_signature="0KWzeJwQ%2FNMfmdZ%2Bt0zNEU4g3Ag%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1503053306", oauth_version="1.0"

The request above returns:

{"errors":[{"code":32,"message":"Could not authenticate you."}]}

Upvotes: 1

Views: 921

Answers (1)

Jon Susiak

Reputation: 4978

Because exclusion or a setting of oob works, it sounds like an encoding problem within the signature generation.

Check that the oauth_callback url is double encoded within your signature base string, which should look something like:

POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttps%253A%252F%252Fwww.example.com%26oauth_consumer_key%3Dmyconsumerkey%26oauth_nonce%3D707n8282%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1503057157%26oauth_version%3D1.0

Upvotes: 1
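
An added example (not code from the question or the answer): building the OAuth 1.0 signature base string for this request_token call in Python, using the parameter values from the answer's base string. The consumer secret and the function names are assumptions made for the illustration; single_encoded_base_string reproduces the encoding mistake the answer describes so the two results can be compared.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

URL = "https://api.twitter.com/oauth/request_token"
CONSUMER_SECRET = "constructed-placeholder-secret"  # assumption, not a real secret
PARAMS = {  # values taken from the base string in the answer above
    "oauth_callback": "https://www.example.com",
    "oauth_consumer_key": "myconsumerkey",
    "oauth_nonce": "707n8282",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1503057157",
    "oauth_version": "1.0",
}


def pct(value):
    """Percent-encode per RFC 3986: only A-Z a-z 0-9 - . _ ~ stay literal."""
    return quote(value, safe="-._~")


def signature_base_string(method, url, params):
    # First pass: encode every key and value, then sort and join with & and =.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    param_string = "&".join(f"{k}={v}" for k, v in pairs)
    # Second pass: encode the joined string, so the callback's %3A becomes %253A.
    return "&".join([method.upper(), pct(url), pct(param_string)])


def single_encoded_base_string(method, url, params):
    # The mistake the answer points at: values are joined raw, so only the
    # second pass encodes them and the callback ends up encoded once.
    param_string = "&".join(f"{k}={v}" for k, v in sorted(params.items()))
    return "&".join([method.upper(), pct(url), pct(param_string)])


def sign(base_string, consumer_secret, token_secret=""):
    # HMAC-SHA1 key is "<consumer secret>&<token secret>"; the token secret
    # is empty at the request_token stage.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base_string.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


if __name__ == "__main__":
    for build in (signature_base_string, single_encoded_base_string):
        base = build("POST", URL, PARAMS)
        print(build.__name__, sign(base, CONSUMER_SECRET), base, sep="\n  ")
```

With oauth_callback left out or set to oob, no parameter value contains a reserved character, so both functions return the same string; that is why only the request with a real callback URL fails when the first encoding pass is missing.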
