drinks/gist:1293849

Created October 17, 2011 21:18

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/drinks/1293849.js"></script>
Save drinks/1293849 to your computer and use it in GitHub Desktop.

Download ZIP

oauth_token missing from custom image endpoint requests

Raw

gistfile1.md

Actual hashes have been modified to protect the innocent

Twitter for iPhone (iOS 5)

Request

provider: https://api.twitter.com/1/account/verify_credentials.json
headers: OAuth
oauth_timestamp="1318885877",
oauth_nonce="BC898B80-069E-4C42-A2AD-6A6D3B52A070",
oauth_version="1.0",
oauth_consumer_key="IQKbtAYlXLr9pLGPWd0HUA",
oauth_signature_method="HMAC-SHA1",
oauth_signature="bnVzT%2FhKUQBwNoFVJgwuRMaU79c%3D"

Response

error

Could not authenticate with OAuth. request
/1/account/verify_credentials.json

Tweetbot (iOS 5)

Request

provider: https://api.twitter.com/1/account/verify_credentials.json
headers: OAuth
realm="*",
oauth_consumer_key="8AeR93em84Pyuv5i1QGA",
oauth_nonce="81745325-D1C8-49D6-B47D-B2FFB6AF7E7B",
oauth_signature="PchA53uHATgkhqFvBXdB8DijKVM%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1318886086",
oauth_token="11801842-vZqIbiLmWWcLucgO6zxkdZ5mHdPab1cyybuDw22KP",
oauth_version="1.0"

Response

Everything works!

Author

drinks commented Oct 18, 2011

Hey Ben,

This gist was an example to send to twitter to illustrate the problem with OAuth Echo. They're aware of it--there are at least 2 threads on dev.twitter.com with official participation:
https://dev.twitter.com/discussions/2974
https://dev.twitter.com/discussions/2933

The conspiracy theorist in me thinks this 'mistake' is an attempt to gather users for their new upload service from among the ranks of those who aren't satisfied with the mainstream image options, but who's to say what's really happening. I don't think there's anything to do until an update is released, other than suggest your users try a different client.

bennadel commented Oct 18, 2011

Thanks for the response. I definitely came across some threads on Twitter Dev with the same problem. I completely agree re: conspiracy :) It's like every other part of the oAuth stuff is there... but not the token... hmmm. Ok, I'll just sit tight and wait for the update to be released. I have to believe if that this is a super easy fix on their end, now that they know about it.