1
votes

I am trying to update status on twitter using twitter4j. Everything works fine on localhost, but when I try to do it on server I get authorization error:

401:Authentication credentials were missing or incorrect. {"error":"Invalid \/ used nonce","request":"\/1\/statuses\/update.json"} TwitterException{exceptionCode=[15bb6564-00e4d61f], statusCode=401, retryAfter=0, rateLimitStatus=null, version=2.1.7-SNAPSHOT(build: 6498f401635aacf3388891cc5140b2086ff3f8aa)}

I generated access token for a user using "PIN" method on localhost. I think it shouldn't matter where it was generated, accessToken.getToken() and accessToken.getTokenSecret() values shouldn't depend on which machine I run them, they should work anywhere, right?

What does this error message mean? I don't understand "used nonce" part.

UPDATE

Ok something is really messed up somewhere. I am trying to generate access token on a server now and can't even make it to generate authorization URL for me:

Twitter twitter = new TwitterFactory().getInstance();
twitter.setOAuthConsumer("twitterConsumerKey", "twitterConsumerSecret");

RequestToken requestToken = twitter.getOAuthRequestToken();
System.out.println(requestToken.getAuthorizationURL());

This fails with:

401:Authentication credentials were missing or incorrect.
Failed to validate oauth signature and token
TwitterException{exceptionCode=[68a00bf1-d29b9452], statusCode=401, retryAfter=0, rateLimitStatus=null, version=2.1.7-SNAPSHOT(build: 6498f401635aacf3388891cc5140b2086ff3f8aa)}
at twitter4j.internal.http.HttpClientImpl.request(HttpClientImpl.java:308)
        at twitter4j.internal.http.HttpClientWrapper.request(HttpClientWrapper.java:72)
        at twitter4j.internal.http.HttpClientWrapper.post(HttpClientWrapper.java:103)
        at twitter4j.http.OAuthAuthorization.getOAuthRequestToken(OAuthAuthorization.java:124)
        at twitter4j.TwitterOAuthSupportBaseImpl.getOAuthRequestToken(TwitterOAuthSupportBaseImpl.java:87)
        at twitter4j.Twitter.getOAuthRequestToken(Twitter.java:54)
        at twitter4j.TwitterOAuthSupportBaseImpl.getOAuthRequestToken(TwitterOAuthSupportBaseImpl.java:80)
        at twitter4j.Twitter.getOAuthRequestToken(Twitter.java:54)

On localhost everything works fine.

3
Deprecated, new people coming across this thread: try this new OAuth Tutorial: goo.gl/99vpL - Blundell
The comment above is wrong. This question is still fully valid and the OAuth Tutorial advertised in the comment above has nothing to do with the question here. - seinecle

3 Answers

4
votes

A week and few grey hairs later it turned out that the problem was in local time on a server which was off. Someone did a great job with clear error messages on Twitter.

0
votes

A nonce is a value that is designed to only be used once.

My guess is that the code you are using to generate a nonce is saving the nonce and trying to reuse it.

I am not familiar with the twitter4j library, but I would check and make sure you are generating a new nonce for each request.

0
votes

For your "401:Authentication credentials were missing or incorrect" error. Make sure you also include the verifier pin with the request as part of the signature base.