Another "Could Not Authenticate You (32)" issue.

Aug 14, 2013 at 4:42 PM
Edited Aug 14, 2013 at 4:44 PM
Hi,

I'm writing an app to post on a users' behalf from a windows service. The user authorizes the application on a web-based flow elsewhere, their access token and secret are stored for later use.

I'm using a SingleUserAuthorizer (below), but it seems that it is having trouble either signing the request or associating the request to a user. I get 401 - Could not authenticate you (32) errors every time I call equivalent of /account/verify_credentials.json?skip_status=true

The kicker is that it was working; and now has a 100% failure rate with no code changes.
During debugging I've tried various values for my access token/secret and have regenerated both my client credentials and access token/secret. I've also tried with various previously known-good user tokens as well as generated new ones through other methods.

Any direction would be greatly appreciated. (snippets below).
var auth = new SingleUserAuthorizer()
{
    Credentials = new SingleUserInMemoryCredentials()
    {
        ConsumerKey = _consumerKey,
        ConsumerSecret = _consumerSecret,
        TwitterAccessToken = twitterAccessToken,
        OAuthToken = twitterAccessToken, // added during debugging
        AccessToken = twitterAccessSecret, // added during debugging
        TwitterAccessTokenSecret = twitterAccessSecret,
        UserId = userId // added during debugging
    }
};
var auth = GetAuthorizer(tokens.AccessToken, tokens.AccessTokenSecret, tokens.UserId.ToString());
auth.Authorize();

var context = new TwitterContext(auth);
context.Log = Console.Out;
return context;
var account = context.Account
    .Where(t => t.Type == AccountType.VerifyCredentials)
    .FirstOrDefault(t => t.SkipStatus == true);
Coordinator
Aug 14, 2013 at 5:30 PM
Hi,

You might want to check out the 401 FAQ. Sometimes your server clock get's out of sync with Twitter's servers, which can cause this. These types of 401s generally occur when authorizing.

As mentioned in the VerifyCredentials API docs, Twitter will return a 401 if the user's credentials are no longer valid. This post reminded me to update the FAQ - thanks.

@JoeMayo
Aug 14, 2013 at 6:50 PM
Edited Aug 14, 2013 at 7:09 PM
I'm using my credentials for my own twitter account locally right now, I have made sure that access has not been revoked. Is there some way for me to verify my credentials are still valid?

Also, the timestamp in the 401 response headers is only 1 second behind server time.

Server Time (at request): Wed, 14 Aug 2013 18:49:12 UTC
Server Time (at response received): Wed, 14 Aug 2013 18:49:13 UTC
401 Header Time: Wed, 14 Aug 2013 18:49:12 UTC

Any other ideas?

Some more info that may shed some light.
Using the same credentials, I am able to call update status successfully, but not verify_credentials.
I'm also not able to get a list of followers or friends.
This is weird.

It is also worth noting that using the curl command generated by the twitters oauth tool successfully returns.
Aug 14, 2013 at 7:39 PM
Is there any way for me to inject the nonce to be used for generating the signature?
Coordinator
Aug 14, 2013 at 9:24 PM
It's the SkipStatus parameter. The temporary work-around is to remove it until I can find out what the problem is.
Coordinator
Aug 14, 2013 at 10:11 PM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.
Coordinator
Aug 14, 2013 at 10:14 PM
Found the bug and checked in a fix. Now available via downloadable source code.

@JoeMayo