Le Web Social de Pierre-Julien Grizel

I’ve been playing lately with Twitter’s OAuth API.

BTW, some nice resources about it are :

• Abraham Williams’ documentation for his module ; there’s just a quirck that prevents you to understand the whole process when Twitter redirects you to your module – but more to come later ;
• Jaisen Mathai’s module to access Twitter. Nice module with test cases.
• Hueniverse’s official documentation, which is very didactic but not as straightforward and technical as a web developper would expect (or is it just me ?)

I’ve been trying desperately to make this stuff work in my Debian Virtual Machine while I was behind a proxy. No matter what I did, I either had a looong timeout on my Twitter requests (which looked like a proxy problem) or a very strange 401 error (« Failed to validate oauth signature and token »).

Weird.

Then I carefully read the specs one more time, studied the curl module and I’ve found the following clue :

• curl uses the http_proxy environment variable you’d set to have most of your Unix tools work behind a proxy. Great news.

So this way I knew my proxy wouldn’t be a big issue. But, no matter how I tried, I still had the 401 error. I thought at first that there was some mysterious exchange between Twitter and my application beyond the formal URL redirect. But no. I thought my code was bad (well, it is anyway, but…), so I installed it on an internet box and tried it… it worked. No way to debug my app from my virtual machine. Sigh…

Then I checked one basic paramter : date. My Virtual Machine was 6 days late ! I issued a « sudo date -s » command to make it right, and, guess what? It worked! No more 401 error. Of course, I had forgotten that the ‘timestamp’ parameter was critical to make OAuth work.

So if you meet the strange 401 error while requestion an auth token to Twitter, don’t look any further: must be a date problem if you’re sure your app tokens are ok.