c# - Twitter OAuth "Could not authenticate you" when I specify a callback url -


i'm having issue twitter oauth 1.0 during request_token stage

if set oauth_callback of oob (or omit callback url) works fine, of course doesnt redirect user web app afterwards.

n.b. may going wrong way. want specify url client browser should directed after having authorized oauth request on twitter

as change oauth_callback app's callback url, error "could not authenticate you"

i have setup callback url in app settings on twitter same url 1 settings in oauth_callback parameter of request_token process fyi https base url i.e. no path specified, https://www.example.com/

any assistance appreciated

update

this request works (no callback url specified @ all):

post https://api.twitter.com/oauth/request_token http/1.1 authorization: oauth oauth_consumer_key="----myconsumerkey----", oauth_nonce="r70s1926", oauth_signature="ifgmxepdav0lvpge9ls9acgi6r0%3d", oauth_signature_method="hmac-sha1", oauth_timestamp="1503053275", oauth_version="1.0"

this request not (callback url specified, same twitter app setting):

post https://api.twitter.com/oauth/request_token http/1.1 authorization: oauth oauth_callback="https%3a%2f%2fwww.example.com", oauth_consumer_key="----myconsumerkey----", oauth_nonce="707n8282", oauth_signature="0kwzejwq%2fnmfmdz%2bt0zneu4g3ag%3d", oauth_signature_method="hmac-sha1", oauth_timestamp="1503053306", oauth_version="1.0"

the request above returns:

{"errors":[{"code":32,"message":"could not authenticate you."}]}

because exclusion or setting of oob works sounds encoding problem within signature generation.

check oauth_callback url double encoded within signature base string should like:

post&https%3a%2f%2fapi.twitter.com%2foauth%2frequest_token&oauth_callback%3dhttps%253a%252f%252fwww.example.com%26oauth_consumer_key%3dmyconsumerkey%26oauth_nonce%3d707n8282%26oauth_signature_method%3dhmac-sha1%26oauth_timestamp%3d1503057157%26oauth_version%3d1.0

Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj...
Read more

performance - Why is XCHG reg, reg a 3 micro-op instruction on modern Intel architectures? -

i'm doing micro-optimization on performance critical part of code , came across sequence of instructions (in at&t syntax): add %rax, %rbx mov %rdx, %rax mov %rbx, %rdx i thought had use case xchg allow me shave instruction , write: add %rbx, %rax xchg %rax, %rdx however, dimay found agner fog's instruction tables , xchg 3 micro-op instruction 2 cycle latency on sandy bridge, ivy bridge, broadwell, haswell , skylake. 3 whole micro-ops , 2 cycles of latency! 3 micro-ops throws off 4-1-1-1 cadence , 2 cycle latency makes worse original in best case since last 2 instructions in original might execute in parallel. now... cpu might breaking instruction micro-ops equivalent to: mov %rax, %tmp mov %rdx, %rax mov %tmp, %rdx where tmp anonymous internal register , suppose last 2 micro-ops run in parallel latency 2 cycles. given register renaming occurs on these micro-architectures, though, doesn't make sense me done way. why wouldn't register renamer ...
Read more

c# - Asp.net web api : redirect unauthorized requst to forbidden page -

im trying redirect unauthorized request forbidden page instead i'm getting forbidden page in response body , how can fix ? here's startup class : app.createperowincontext(storecontext.create); app.createperowincontext<applicationusermanager>(applicationusermanager.create); app.createperowincontext<applicationsigninmanager>(applicationsigninmanager.create); app.usecookieauthentication(new cookieauthenticationoptions { authenticationtype = defaultauthenticationtypes.applicationcookie, expiretimespan = timespan.fromdays(30), }); app.useexternalsignincookie(defaultauthenticationtypes.externalcookie); app.usetwofactorsignincookie(defaultauthenticationtypes.twofactorcookie, timespan.fromminutes(5)); app.usetwofactorrememberbrowsercookie(defaultauthenticationtypes.twofactorrememberbrowsercookie); the method im trying reach : [httpget] [authorize(roles = "admin")] public string getcurrentusername() { return userman...
Read more