how to create authentication string for each twitter API call
how to create authentication string for each twitter API call
Created by Jerry Wang on Aug 16, 2014
The following information must be available to populate authentication string for current twitter API call:
Step1
generate the intermediate authentication string by concatenate the technical name of each field and its value into single line by “%3D”, then concatenate each single line into the intermediate string by “%26”.
Step2
generate the base authentication string via the following logic:
The string populated in this step should be:
<current http request name>&<current twitter API url>&<intermediate authentication string generated in step1 >A sample base authentication string looks like as below:
GET&http%3A%2F%2Fapi.twitter.com%2F1.1%2Fstatuses%2Fmentions_timeline.json&oauth_consumer_key%3DdbsDIeSbFjl7J5UuXXBb8g%26oauth_nonce%3D3DC99B81145ED0726C20207FB8B6A0A8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1365573543%26oauth_token%3D1322278441-fhsyXxAY3yRLCgJxxQwN7IoRWr73CiJ2ogA08s9%26oauth_version%3D1.0
Step3
Generate authentication string for field “oauth_signature” using HMAC-SHA1 algorithm.
The input parameters for the generation in this step are:
- Encryption key: consists of consumer secret and token secret combined with “&”.
- Base authentication string generated from step2.
For detail how to use HMAC-SHA1 algorithm to generate authentication string, please refer to attached sample code.
Step4
During this step value for all seven fields listed in table1 should be available.
Then the following steps must be done to generate the final authentication string:
- Concatenate field name with field value by “=”.
- Surround field value with “.
- Concatenate each name-value pair with “, “.
- Add header “OAuth “ into the beginning of string.
You can use the following sample authentication string as a reference.
OAuth oauth_consumer_key=“ajaTgSs6QlXni558PjNg”, oauth_token=“1003016971-gRDT3Db0fcnaEvnldIGqrRH6P1Bsu6qXAUfs19b”, oauth_timestamp=“1365576176”, oauth_nonce=“C505BDC4FF6B4804A5A0F17EDD5D48EF”, oauth_version=“1.0”, oauth_signature_method=“HMAC-SHA1”, oauth_signature=“Yj%2BA3IrvgzWpNImngMV1gvnnbiU%3D”
For more detail information about OAuth protocol please refer to following links: