Failed to validate oauth signature and token

robotabots
@robotabots Robotabots

Hi all,

I built a little twitter app a while back based on Abraham Williams OAuth PHP example. All has been working great with it for the past year or so. It has not been used very much over the past few months. Today, when I went to set up a new account using it, I got an error message. When ever I try to request a token form Twitter the error occurs and I get the following:

Array
(
[Failed to validate oauth signature and token] =>
)

I presume I missed some critical update that twitter made and need to make changes to my code. Can anyone shed some light on this for me?

Thanks.

2 years 35 weeks ago

Replies

robotabots
@robotabots Robotabots

Heh, I got it figured out now... And boy I feel silly. My server's internal clock was not set correctly. So the timestamps that were sent with the requests for a new token were incorrect. Updated the server's internal clock to the correct time and everything is working again!

2 years 35 weeks ago
alamoz
@alamoz Adrien

Can you tell us exactly how you updated your server's internal clock?

2 years 35 weeks ago
SabkaTraffic
@SabkaTraffic Sabka Traffic

I'm having the same issue and also using the same library. I know how to update my clock, but I don't see that much of a time difference. What was the offset of your clock?

2 years 33 weeks ago
episod
@episod Taylor Singletary

Setting a system clock varies from environment to environment.

In a UNIX-based environment, you can set the clock using the "date" command. Most Linux distros, Mac & Windows should all have options to sync your clock with a NTP server.

You should be within about 5 minutes of our servers. You can determine the delta between your machine and ours by examining the Date HTTP header we send in response to every request. By converting that to UTC epoch time in seconds and comparing to your current UTC epoch time in seconds, you can determine how many seconds behind your clock is from ours.

2 years 33 weeks ago
uniqe_mohini
@uniqe_mohini Mohini Gonawala

Hey i am just new to this and trying to learn authentication..and i am not able to figure out how to construct oauth_signature...in php can anyone explain please.......?

2 years 27 weeks ago
episod
@episod Taylor Singletary

Here's a great article on getting started with using tmhOAuth for PHP: http://net.tutsplus.com/tutorials/php/creating-a-twitter-oauth-application/

2 years 27 weeks ago
XAMedia
@XAMedia XAMedia

..also; https://dev.twitter.com/docs/auth/oauth

2 years 24 weeks ago
Yogesh2Jadhav
@Yogesh2Jadhav yogesh

Hi,
I am using.. https://api.twitter.com/oauth/access_token?x_auth_password=@@@@@@&x_auth_username=@@@@@@&x_auth_mode=client_auth&oauth_verifier=pin-code

About url as GET just to see what is output on webpage. and getting error "Failed to validate oauth signature and token"
At the end I have to use Same url as POST in my App.
Can anyone please help me.. and let me know where I am going wrong?

2 years 24 weeks ago
Tech_Martian
@Tech_Martian Tech Martian

Hi, if anyone can help me out, I am using Google's App Inventor website, and for a class project I need to make a twitter app, and well, I am having a lot of difficulty since I am new to all this, any help I can get will be very appreciated

2 years 23 weeks ago
Yellow1003CP
@Yellow1003CP Yellow1003CP

If It Fails, Try using Another Computer. If It Fails Again, You Can Update Your Server's Internal Clock.. It Should Be Working Good Again After You Do These 2 Options..

2 years 15 weeks ago
KarapetKarapety
@KarapetKarapety Karapet Karapetyan

Hi there, guys I have same problem, even dont know what to do, in my local it works fine , but on server I am getting that popular error "Failed to validate oauth signature and token", I tried to fix server clock, but it's ok, and I can see more then 5 minutes delta.I am just thinking, I am in GMT+4 timezone, can this effect on this????

2 years 1 week ago
episod
@episod Taylor Singletary

It's possible this is still timezone conversion related.. when you're checking the delta, how are you comparing times? Are you looking at the Date header we're sending in our responses, then either converting the string into epoch time in seconds or converting your local time object into epoch time in seconds, and comparing?

2 years 1 week ago
OxxFild
@OxxFild GuilhermePacheco

Como faço para minha conta ser verificada ? Eu preciso ! Por favor ..

1 year 45 weeks ago
jerry_sunchen
@jerry_sunchen Jerry Sun

I failed to get Oauth ways today. It turned out that my Ubuntu has updated its time automatically with Windows system (I install both systems on my laptop). As I traveled abroad and I changed my time zone on my Windows. Linux changed with the Windows at the same time. But it did not change the time zone. Thus today I failed many times to get authentication. Finally I changed the time zone and time manually. And it gets to work again.....
Yet I still don't know why ubuntu would change with my windows since they are separated systems.

1 year 39 weeks ago
650MartinB
@650MartinB Martin Barker

Just for others this is due to the fact that time is saved in BIOS for both windows and Linux so changing it in any OS on a PC will change them all

42 weeks 2 days ago
Naga_Prabu
@Naga_Prabu Naga

i was set date_default_timezone_set('America/New_York'); but still i amhaving this http code 401 & reply text as could not connect, refresh the page.

1 year 15 weeks ago
uelikramer
@uelikramer Ueli Kramer

try: date_default_timezone_set('UTC');.. solved for me

1 year 15 weeks ago
viru_f
@viru_f virupaksh

How to get request token for an access token? let me know if any one worked on it....
thanks in advance...

1 year 15 weeks ago
Naga_Prabu
@Naga_Prabu Naga

that same error like "failed to validate oauth signature and token"

1 year 14 weeks ago
Naga_Prabu
@Naga_Prabu Naga

is there any new update in my php info() to avoid the error "Failed to validate oauth signature and token" ?

1 year 14 weeks ago
campbelljustin
@campbelljustin Justin Campbell

This time thing is extremely dumb considering many developers don't have the ability to control their server's system time.

In the mean time: just request the headers from some random server (like Twitter!) parse out the Date returned, and then feed it back to them. Works like a charm, so far, albeit slower execution.

50 weeks 4 days ago
vibhasha1
@vibhasha1 vibhasha sharma

Hello i m getting this error plz help .........Array ( [Failed to validate oauth signature and token] => ).

50 weeks 2 days ago
_introspective
@_introspective Introspective

Dhawal
if you using api of Abhram Williams twitter auth api and if you get error like "Failed to validate oauth signature and token" open Oauth.php
Replace the existing function with this one
private static function generate_timestamp() {
date_default_timezone_set('UTC');
return time();
}
or if you create you own api then oauth_timstamp param must be in UTC current timestamp
the error is occur due to timezone is not in UTC timezone this php function makes in that
date_default_timezone_set('UTC');

47 weeks 3 days ago
rosantamarina
@rosantamarina Rosario

Hello! I've replaced the function generate_timestamp() with yours but i'm still getting the error 'Failed to validate oatuh signature and token'. I'm using windows, do you have any ideas??

27 weeks 3 days ago
SkyConnectiva
@SkyConnectiva Sky Connectiva

http://certifiedshare.blogspot.com/2013/08/twitter-outh-10-api-11.html
Same problem, anyone can help me with JSP serverside code for Tweet?

36 weeks 5 days ago
viLLopimClass
@viLLopimClass viLLopimClassificado

Estava com o mesmo problema. Li que os colegas programadores conseguiram resolver quando acertaram o timestamp do servidor, resolvi tentar e "capixi", funcionou. Eu estou utilizando um servidor Debian. Para acertar o timestamp do Debian eu apenas segui os passos em: https://wiki.debian.org/DateTime#Time_Administration_Tool_GUI, note que não realizei o update manual e sim instalei o ntp

28 weeks 5 days ago
adamandham
@adamandham Adam Herbst

I checked the epoch time that was sent in the URL as well as the epoch time from the response header and they were just 15 seconds apart, but it still gives the aforementioned error message. Is there anything else that could be wrong? On my Twitter dev page it says "It looks like you haven't authorized this application for your own Twitter account yet", but the point is I'm trying to do that programmatically from PHP, so I shouldn't have to do that from the dev portal, right?

13 weeks 6 days ago
vis_1321
@vis_1321 Vishal Sahu

Hi,
I have been using scribe lib for authentication process .Everything was working fine ,but since last week I'm getting problem in the request_token ,the error which I get is "Failed to validate oauth signature and token"

Please help me to figure it out what may be the issuses,I have changed and checked my timezone which is correct,still getting same error.

thanks.

10 weeks 4 days ago
JakubBrabec
@JakubBrabec Jakub Brabec

I have same issue... last two days

8 weeks 6 days ago