I did not understand from the documentation how to generate an Auth header (signature). On the "OAuth Tool" page ( https://dev.twitter.com/oauth/tools/signature-generator ) I can generate this header. On the Internet, authorization is described everywhere, but on this page I can generate a request without Access token.
1 answer
To generate oauth_signature using the example request_token, these parameters are needed
"oauth_callback =" // if you have a desktop application, then it is equal to "obb"
"oauth_consumer_key =" // key
"oauth_nonce =" // random string of 32 characters
"oauth_signature_method =" // "HMAC-SHA1"
"oauth_timestamp =" // time in seconds since January 1, 1970
"oauth_version =" // "1.0"
1) We put all this into an array in ascending order (alphabetically), with each element having the form: "oauth_callback=" + <oauth_callback> + "&" (last element without "&")
2) Next we merge the array into a string, encoding each element in urlencode
3) Add to the beginning of the line <тип запроса(GET или POST)> + "&" + <ulencode(request_url)> + "&"
4) So, we got the baseline. Now you need to get the key
key=CONSUMER_SECRET + "&" + OAUTH_TOKEN_SECRET;
In my case, OAUTH_TOKEN_SECRET is not yet known, so we simply do not write it
5) Last step
It is necessary to encrypt the base string by key using the hmacSha1 algorithm. Further, the result of this encryption is represented as a base64 string.
To check the performance of your algorithm, use the parameters from this site. I thought it all right. https://dev.twitter.com/web/sign-in/implementing
Artyom Prokudin Artyom Prokudin
88 7
|