we're trying to use ColdFusion 9 to post an update to Twitter via its API v. 1.1, but despite everything looking like it should work, we continue to get 401 "Unauthorized" errors. Any help would be most appreciated!
Looking back through previous posts here reinforces the belief that we're doing everything correctly, but perhaps there is something assumed that we're missing.
None of the following three approaches work for us (update is in a formfield; update is in a body field; update is part of the URL.):
<cfhttp url="https://api.twitter.com/1.1/statuses/update.json" method="POST" throwonerror="yes">
<cfhttpparam type="header" name="Authorization" value="OAuth oauth_consumer_key="vAA11oLz0R7kigH0iXwjQ", oauth_nonce="3D18D32A07048D54724AA0F304E83CFF", oauth_signature="TaEA6Ip9AJ07QKTxcWWT4fzPNpA%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1386088450", oauth_token="82684171-ptqIw8uOz0KNwBEL4AO7ue8DpzciWSNKvUqDoAf8p", oauth_version="1.0" ">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded">
<cfhttpparam type="formfield" name="status" value="HelloWorld" encoded="yes">
</cfhttp>
<cfhttp url="https://api.twitter.com/1.1/statuses/update.json" method="POST" throwonerror="yes">
<cfhttpparam type="header" name="Authorization" value="OAuth oauth_consumer_key="vAA11oLz0R7kigH0iXwjQ", oauth_nonce="3D18D32A07048D54724AA0F304E83CFF", oauth_signature="TaEA6Ip9AJ07QKTxcWWT4fzPNpA%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1386088450", oauth_token="82684171-ptqIw8uOz0KNwBEL4AO7ue8DpzciWSNKvUqDoAf8p", oauth_version="1.0" ">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded">
<cfhttpparam type="body" value="status=HelloWorld" encoded="yes">
</cfhttp>
<cfhttp url="https://api.twitter.com/1.1/statuses/update.json?status=HelloWorld" method="POST" throwonerror="yes">
<cfhttpparam type="header" name="Authorization" value="OAuth oauth_consumer_key="vAA11oLz0R7kigH0iXwjQ", oauth_nonce="3D18D32A07048D54724AA0F304E83CFF", oauth_signature="TaEA6Ip9AJ07QKTxcWWT4fzPNpA%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1386088450", oauth_token="82684171-ptqIw8uOz0KNwBEL4AO7ue8DpzciWSNKvUqDoAf8p", oauth_version="1.0" ">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded">
</cfhttp>
The Twitter account has read/write access granted for this app. We are encoding according to directions at https://dev.twitter.com/docs/auth/authorizing-request and https://dev.twitter.com/docs/auth/creating-signature and we have seen these SO pages: ColdFusion Twitter API Bad Request, ColdFusion Post To Twitter Authentication Error, Twitter, oauth and coldfusion, Twitter API status update not working when updating to v1.1 and we tried Apigee.
We're using our access token and its secret to generate the signature. What are we missing here? Is this supposed to be a single-step process to post an update, or do we need to have a step that authenticates or authorizes before we try to post? The OAuth tool tab on the Twitter dev site generates the same headers, etc., that our ColdFusion script produces.
-Ken