function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Varun99Varun99 

Salesforce with twitter integration Failed to validate oauth signature and token

Hello,

 

Integrating salesforce with twitter through apex code am facing error like

 

"Failed to validate oauth signature and token"

 

 

Am passing twitter Oauth token, secretkey... in string format like

 

string Stringval='Oauth_callback="'+EncodingUtil.urlEncode('https://c.ap1.visual.force.com/apex/twitterForcepage';, 'UTF-8')+'",oauth_consumer_key="eIGzjmMGeclmpSzxmjnKhQ", oauth_nonce="3de317379683f90d4f80da8879472036", oauth_signature="fiyY68Llzy2yREjUeJw0o%2Fdqcns%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1365504459", oauth_token="354671694-MrReLR18pmpDZulKaRVZR3CifKpI9ZFo1XUofyJn", oauth_version="1.0"';

 

string bVal=EncodingUtil.Base64Encode(blob.valueof(Stringval)); 
String authorizationHeader = 'Bearer :' + bval;
req.setHeader('Authorization',bVal);

 

 

How to integrate salesforce with twitter through apex? how to authenticate with twitter? or acess responce from twitter?

 

Can anyone suggest my issue where it is problem?




Thank you

AshwaniAshwani

Hi, 

 

Your string format not seems to be correct . String format must be in following format:

 

// EndPoint URL

String endpoint = 'https://api.twitter.com/oauth/request_token'

 

// Passing parameter and must be percent encode.

String params='oauth_callback='+EncodingUtil.urlEncode('https://c.ap1.visual.force.com/apex/twitterlogin' , 'UTF-8')+'&oauth_consumer_key=lHVBPYDxxxx2JASf9yyEA&oauth_nonce=0afa694efd3feee68ebc180f3858a9a3&oauth_signature='+oauth_signature+'&oauth_signature_method=HMAC-SHA1&oauth_timestamp='+oauth_timestamp+'&oauth_token='+oauth_token+'&oauth_version=1.0';

 

To authenticate follow following link: https://dev.twitter.com/docs/api/1.1

 

POST oauth/request_token  is first step of initialization through apex.

 

Twittet uses OAuth 1.0 authentication flow. Which require correct signature to generate. Before signing every key must be percent encode. Format of string to sign must be:

 

String baseString = 'POST&'+EncodingUtil.urlEncode('https://api.twitter.com/oauth/request_token' , 'UTF-8')+'&'+EncodingUtil.urlEncode('oauthcallback=https://c.ap1.visual.force.com/apex/twitterlogin&oauth_consumer_key=lHVBPYDxxxx2JASf9yyEA&oauth_nonce='+oauth_nonce+'&oauth_signature_method=HMAC-SHA1&oauth_timestamp='+oauth_timestamp+'&oauth_token='+oauth_token+'&oauth_version=1.0' , 'UTF-8');

 

Signature key is combination of "Consumer sectret + access Secret" and must be joined with '&'. e.g.

signkey = consumer_secret+'&'+oauth_token_secret;

 

Signature can be generate by this approach:

Blob OAuth = Crypto.generateMac('hmacSHA1' , Blob.valueOf(baseString) , blob.valueOf(signkey));
oauth_signature = EncodingUtil.urlEncode(EncodingUtil.base64Encode(Oauth), 'UTF-8');

 

nonce is a unique string of 32 byte random data and must not be repeat in any of requests.

 

 

For any doubts please reply and if it resolves your problem please mark it as solution.

 

Thanks.

 
StarhunterStarhunter
Could you please let me know the mistake I am making by looking at the below code. I am getting status= 401 error
  
public void makeCall(){
        //String callBack= EncodingUtil.urlEncode('https://testCallback.com', 'UTF-8');
        String callBack = EncodingUtil.urlEncode('https://login.salesforce.com/','UTF-8');
        String consumerKey = '***';
        Http h = new Http();
        HttpRequest req = new HttpRequest();
        String timestamp = String.valueOf(DateTime.now().getTime()/1000);
        String nounce = String.valueOf(Crypto.getRandomLong())+String.valueOf(Crypto.getRandomLong())+String.valueOf(Crypto.getRandomLong())+String.valueOf(Crypto.getRandomLong());
        //String nounce = 'eicbejsnoiajsfiohadlf89u89mnasmd';
        system.debug(timestamp+'   '+nounce);
        String paramString = EncodingUtil.urlencode('oauth_callback','UTF-8')    +'='+EncodingUtil.urlencode(callBack,'UTF-8')+'&'+EncodingUtil.urlencode('oauth_consumer_key','UTF-8')+'='+EncodingUtil.urlencode(consumerKey,'UTF-8')+'&'+EncodingUtil.urlencode('oauth_nonce','UTF-8')+'='+EncodingUtil.urlencode(nounce,'UTF-8')+'&'+EncodingUtil.urlencode('oauth_signature_method','UTF-8')+'='+EncodingUtil.urlencode('HMAC-SHA1','UTF-8')+'&'+EncodingUtil.urlencode('oauth_timestamp','UTF-8')+'='+EncodingUtil.urlencode(timestamp,'UTF-8')+'&'+EncodingUtil.urlencode('oauth_version','UTF-8')+'='+EncodingUtil.urlencode('1.0','UTF-8');
        req.setEndpoint('https://api.twitter.com/oauth/request_token');
        String basestring = 'POST'+'&'+EncodingUtil.urlencode('https://api.twitter.com/oauth/request_token','UTF-8')+'&'+EncodingUtil.urlencode(paramString,'UTF-8');
        system.debug('**basestring'+basestring);
        String signkey = EncodingUtil.urlencode('##','UTF-8')+'&';
        Blob OAuth = Crypto.generateMac('hmacSHA1' , Blob.valueOf(baseString) , blob.valueOf(signkey));
        String final_signature = EncodingUtil.urlEncode(EncodingUtil.base64Encode(Oauth), 'UTF-8');
        string authheader = 'OAuth oauth_callback ='+callBack+',oauth_nonce='+nounce+',oauth_signature='+final_signature+',oauth_signature_method="HMAC-SHA1",oauth_timestamp='+timestamp+',oauth_consumer_key='+consumerKey+',oauth_version="1.0"' ;
        req.setMethod('POST');
        req.setHeader('Authorization', authheader);
        HttpResponse res = h.send(req);
        system.debug(res);
    }