An attempt to do xauth in a shell script.

xauth.sh

function xauth(){
    NONCE=`head -n 64 /dev/urandom | env LC_CTYPE=C tr -dc 0-9 | cut -c1-64`
    TIMESTAMP=`date +%s`


# signature base string
# POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Faccess_token&oauth_consumer_key%3Dri8JxYK2ZdwSV5xIUfNNvQ%26oauth_nonce%3DqfQ4ux5qRH9GaH8tVwDCwInLy6z8snR6wiq8lKcD6s%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1267817662%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth%26x_auth_password%3Dxyz12242134%26x_auth_username%3Depisod
    consumer_key="6tV0bqiCWFPVQDSqUW6kMw"
    consumer_secret="wnqkvIv9AMeeFoWJttIhRXxPQNewRXNs2bAYa6j8U"
    key="${consumer_secret}&"

    password="password"
    username="junkiesxl"
    SIGBASE="POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Faccess_token&oauth_consumer_key%${consumer_key}%26oauth_nonce%3D${NONCE}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D${TIMESTAMP}%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth%26x_auth_password%3D${password}%26x_auth_username%3D${username}"

    SIGNATURE=`python -c "import hashlib,hmac;print hmac.new('$key', '$SIGBASE' , hashlib.sha1).hexdigest()"`
    auth_header="OAuth oauth_nonce=\"${NONCE}\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"${TIMESTAMP}\", oauth_consumer_key=\"${consumer_key}\", oauth_signature=\"${SIGNATURE}\", oauth_version=\"1.0\""
    echo "nonce : $NONCE"
    echo "ts    : $TIMESTAMP"
    echo "sig   : $SIGNATURE"
    echo "sb    : $SIGBASE"
    echo "header: $auth_header"
}

It creates all the parts needed to create an xauth header. But somewhere along the line this isn't really doing that. So what I basically need is a way to generate an xauth header in another way to quickly test what's wrong.