Getting 401 when requesting access token with signpost within android

问题

Here is my code, i keep getting an exception "Authorization failed (server replied with a 401). This can happen if the consumer key was not correct or the signatures did not match." on this line 'provider.retrieveAccessToken(consumer, verifier);'. I have triple checked my consumer key and secret and my twitter application is set as a Browser and tried setting provider.setOAuth10a(true), i have been struggling on this for 2 days!! I am using signpost 1.2.1.1 (core & commonshttp4), If anyone can help! Please im desperate

    private static final String CONSUMER_KEY = "MY_CONSUMER_KEY";
    private static final String CONSUMER_SECRET = "MY_CONSUMER_SECRET";

    private static final String CALLBACK_URL = "tweet-mapper://mainactivity";

    private static final String REQUEST_URL = "https://api.twitter.com/oauth/request_token";
    private static final String ACCESS_TOKEN_URL = "https://api.twitter.com/oauth/access_token";
    private static final String AUTH_URL = "https://api.twitter.com/oauth/authorize";

    private static final String PREFERENCE_FILE = "twitter_oauth.prefs";

    private static CommonsHttpOAuthConsumer consumer;
    private static CommonsHttpOAuthProvider provider;

    private static String ACCESS_KEY;
    private static String ACCESS_SECRET;

    private Twitter twitter;


    /**
     * Called when the activity is first created.
     */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);

        loginViaOAuth();

    }

    private void loginViaOAuth() {
        try {
            consumer = new CommonsHttpOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
            provider.setOAuth10a(true);
            provider = new CommonsHttpOAuthProvider(REQUEST_URL, ACCESS_TOKEN_URL, AUTH_URL);
            String authURL = provider.retrieveRequestToken(consumer, CALLBACK_URL);
            this.startActivity(new Intent(Intent.ACTION_VIEW, Uri.parse(authURL)));
        } catch (Exception e) {
            e.printStackTrace();
            Toast.makeText(this, e.getMessage(), Toast.LENGTH_LONG).show();
        }
    }

    @Override
    protected void onResume() {

        super.onResume();

        Uri uri = this.getIntent().getData();
        if (uri != null && uri.toString().startsWith(CALLBACK_URL)) {
            String verifier = uri.getQueryParameter(OAuth.OAUTH_VERIFIER);
            Log.d("verifier:", verifier);
            try {

                provider.setOAuth10a(true);
                provider.retrieveAccessToken(consumer, verifier);
                ACCESS_KEY = consumer.getToken();
                ACCESS_SECRET = consumer.getTokenSecret();

                AccessToken a = new AccessToken(ACCESS_KEY, ACCESS_SECRET);

                // initialize Twitter4J
                twitter = new Twitter();
                twitter.setOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
                twitter.setOAuthAccessToken(a);
                String tweet = "#OAuth working via android app!";

                twitter.updateStatus(tweet);
                Toast.makeText(this, tweet, Toast.LENGTH_LONG).show();

            } catch (Exception e) {
                e.printStackTrace();
                Toast.makeText(this, e.getMessage(), Toast.LENGTH_LONG).show();
            }
        }

回答1:

Just found out a possible solution: You need to set a Callback URL on your twitter application account.

回答2:

I had exactly the same problem on my Android application. It was even more frustrating that my twitter login was perfectly working and starting to fail on the signature for some random reasons.

I ran a lot of tests and I found that the problem came from the Android browser which is used in the OAuth process:

• if you are logging in using the stored login/password, or if you have a cookie with your Twitter session and just have to click on "Accept", it fill fail with the 401 error
• if you manually delete and re-enter your password, then it works!

I still can't understand how this affects the API call, but I guess there is some mix up in the browser when you submit the "accept" form with pre-entered information.

I'd be very curious to see if my workaround solves also your problem. I understand this is not a proper solution, but this is a beginning.

EDIT: use http:// instead of https:// for the Twitter OAuth URLs and it solves the problem. I still don't unsertand what is happening...

回答3:

Check your api request it must be .json or .xml, something like https://api.jabbakam.com/network/get_list.json or http://api.twitter.com/1/account/verify_credentials.xml

I advise you to use Scribe library there is a built in class for using Twitter API.

https://github.com/fernandezpablo85/scribe-java/blob/master/src/test/java/org/scribe/examples/TwitterExample.java

When you create your twitter keys did you make Access level: Read and write?

来源：https://stackoverflow.com/questions/5448632/getting-401-when-requesting-access-token-with-signpost-within-android