Home > Archive >  2009 >  February >  14

Another day banging my head against OAuth

Saturday, February 14, 2009 by Dave Winer.

A picture named accordion.gifI thought I had my signature-generating code right, I had it verified by two sources, but it still was being rejected by Twitter. I was looking for another service to test against, when Chris Messina posted a link to a wiki page that in turn pointed to three sites that verified signatures -- and I did a quick check, confident that my signature code would be validated, but it wasn't. They didn't agree. But, that implies that they don't agree with the first two sources I checked against. Which is really seriously troubling if I didn't make a mistake, which is why I'm going to very carefully check my work now. My notes follow, realtime. Permalink to this paragraph

1. First result, I tested it with the Google page, and their signature and mine do not agree. I'm going to see if the "signature base strings" agree. They don't. Now to see where they differ and why. They don't differ -- I made a mistake in the test script. Once I corrected it, my signature-generating code and Google's return the same string. Permalink to this paragraph

2. Tested against the Netflix page, and they agree as well. Of course had they not agreed then I suppose we'd all be fracked. (Speaking of which did you see BSG last night. I gotta watch that one again, for sure.) Permalink to this paragraph

So.... Permalink to this paragraph

My next plan of attack is to try some other call with Twitter, maybe I happened to hit on the one API they haven't debugged with OAuth yet. And try another OAuth-compatible app to test against. Something simple, one that a lot of people have developed against. Not sure there are any yet. I'll keep you posted. ;-> Permalink to this paragraph


Recent stories:

A picture named dave.jpgDave Winer, 53, pioneered the development of weblogs, syndication (RSS), podcasting, outlining, and web content management software; former contributing editor at Wired Magazine, research fellow at Harvard Law School, entrepreneur, and investor in web media companies. A native New Yorker, he received a Master's in Computer Science from the University of Wisconsin, a Bachelor's in Mathematics from Tulane University and currently lives in Berkeley, California.

"The protoblogger." - NY Times.

"The father of modern-day content distribution." - PC World.

One of BusinessWeek's 25 Most Influential People on the Web.

"Helped popularize blogging, podcasting and RSS." - Time.

"The father of blogging and RSS." - BBC.

"RSS was born in 1997 out of the confluence of Dave Winer's 'Really Simple Syndication' technology, used to push out blog updates, and Netscape's 'Rich Site Summary', which allowed users to create custom Netscape home pages with regularly updated data flows." - Tim O'Reilly.


Dave Winer Mailto icon

My most recent trivia on Twitter.

© Copyright 1994-2009 Dave Winer Mailto icon.

Last update: 2/14/2009; 10:56:32 AM Pacific. "It's even worse than it appears."

Click here to view blogs commenting on  RSS 2.0 feed.