twitter 406 error?

[cometta]

i get below error. can anyone explain what cause it?

15:15:32,405 WARN [org.springframework.web.client.RestTemplate] - POST request for "https://api.twitter.com/oauth/request_token" resulted in 406 (OK); invoking error handler
Dec 8, 2011 3:15:32 PM com.google.apphosting.utils.jetty.JettyLogger warn
WARNING: /auth/twitter
org.springframework.web.client.HttpClientErrorExce ption: 406 OK
at org.springframework.web.client.DefaultResponseErro rHandler.handleError(DefaultResponseErrorHandler.j ava:75)
at org.springframework.web.client.RestTemplate.handle ResponseError(RestTemplate.java:486)
at org.springframework.web.client.RestTemplate.doExec ute(RestTemplate.java:443)
at org.springframework.web.client.RestTemplate.execut e(RestTemplate.java:415)
at org.springframework.web.client.RestTemplate.exchan ge(RestTemplate.java:391)
at org.springframework.social.oauth1.OAuth1Template.e xchangeForToken(OAuth1Template.java:194)
at org.springframework.social.oauth1.OAuth1Template.f etchRequestToken(OAuth1Template.java:116)
at org.springframework.social.security.provider.OAuth 1AuthenticationService.getAuthToken(OAuth1Authenti cationService.java:79)
at org.springframework.social.security.SocialAuthenti cationFilter.attemptAuthService(SocialAuthenticati onFilter.java:249)
at o

[habuma]

Well, a 406 (Unacceptable) means that the request has an Accept header specifying a content type that the server is not planning to return. In other words, the client may ask for "image/png", but if Twitter wants to return "application/json", then the JSON data will not be acceptable to the client wanting PNG...so Twitter would return an HTTP 406 error instead.

Why this is happening for you I do not know. I'd be curious to know what the Accept header looks like for that request. And if it's something unusual, then I'd like to know what you might be doing to cause the Accept header to be peculiar. Without that, it's hard to say why Twitter thinks its response would be unacceptable.

[cometta]

I debug restTemplate . The SimpleBufferingClientRequest.connection.messageHea der look like below ... can comment?
My ClientHttpRequestFactorySelector is using SimpleClientHttpRequestFactory

Code:

sun.net.www.MessageHeader@311888733 pairs: {Accept: application/x-www-form-urlencoded, multipart/form-data}{Authorization: OAuth oauth_callback="http%3A%2F%2F127.0.0.1%3A8080%2Fauth%2Ftwitter", oauth_version="1.0", oauth_nonce="-459360054", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="xxx", oauth_timestamp="1323447246", oauth_signature="yyy%2Fbevw%3D"}{Content-Length: 0}

[habuma]

I'm not sure what's out of place here. I've tried this several times, both with SimpleClientHttpRequestFactory and with HttpClient and it works fine either way.

One thing that might help is to break it down to simple parts. Try running the following test and see if it works for you:

Code:

import org.junit.Test;
import org.springframework.social.oauth1.OAuth1Template;
import org.springframework.social.oauth1.OAuthToken;
public class OAuth1TemplateExplorationTest {

	@Test
	public void stuff() {
		String consumerKey = "your twitter key";
		String consumerSecret = "your twitter secret";
		OAuth1Template oauth = new OAuth1Template(consumerKey, consumerSecret, 
				"https://api.twitter.com/oauth/request_token", 
				"https://api.twitter.com/oauth/authorize", 
				"https://api.twitter.com/oauth/access_token");
		
		OAuthToken requestToken = oauth.fetchRequestToken("http://localhost:8080/spring-social-showcase/connect/twitter", null);
		System.out.println(requestToken.getValue() + "  ::  " + requestToken.getSecret());
	}
}

Be sure to plug in your application's key and secret in the appropriate variables. You might also try running Spring Social Showcase in the same environment as you are running our own code, just to rule out any environmental issues.

Finally, if your code exists in a GitHub repo somewhere then I can try running it myself and see if I can nail down the problem. (I can't stress enough how helpful code in GitHub is when trying to track down things like this.)

[cometta]

i captured both request and response header

Request header
---------------------
Accept application/x-www-form-urlencoded, multipart/form-data
Authorization OAuth oauth_callback="http%3A%2F%2F127.0.0.1%3A8080%2Fau th%2Ftwitter",

Response header
--------------
oauth_version="1.0", oauth_nonce="493078010", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="xxx", oauth_timestamp="1323504246", oauth_signature="yyy%2B9kdfE%3D"
excute=Content-Length 0
date Sat,10 Dec 2011 08:04:10 GMT
status 406 Not Acceptable
www-authenticate OAuth realm="https://api.twitter.com"
x-transaction 53719d3cbaf382f1
x-frame-options SAMEORIGIN
last-modified Sat,10 Dec 2011 08:04:10 GMT
content-type text/html; charset=utf-8
content-length 1
pragma no-cache
x-revision DEV
expires Tue,31 Mar 1981 05:00:00 GMT
cache-control no-cache,no-store,must-revalidate,pre-check=0,post-check=0
x-mid aede0422207f98b9e0fc379b45dea485e4eaa251
set-cookie k=10.34.123.134.1323504250586360; path=/; expires=Sat,17-Dec-11 08:04:10 GMT; domain=.twitter.com,guest_id=v1%3A1323504250594314 95; domain=.twitter.com; path=/; expires=Mon,09-Dec-2013 20:04:10 GMT,_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCOMuACc0 AToHaWQiJWNiMDJkYWRjYjc2YjBk%250AMGQ0ZjgwOGE5MWRhO WU1NDM1IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOj pGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--65a13cfaea26253a843ebb4156ddd658feb16b09; domain=.twitter.com; path=/; HttpOnly
vary Accept-Encoding
server tfe
08:04:10,871 WARN [org.springframework.web.client.RestTemplate] - POST request for "https://api.twitter.com/oauth/request_token" resulted in 406 (OK); invoking error handler
08:04:10,871 WARN [org.springframework.web.client.RestTemplate] - POST request for "https://api.twitter.com/oauth/request_token" resulted in 406 (OK); invoking error handler




i able to call restTemplate for OAuth2 for facebook without problem.

[nealeu]

Craig,

I've been facing the same problem. I've just narrowed it down by taking the Spring Social Showcase and changing only the twitter key and secret in application.properties to that of an application I just registered. That fails, as does the test.

I think the problem is actually one of documentation by twitter. I left the callback URL blank as it would not accept http://localhost:8080/.. as a valid URL. Leaving it blank prevents the application from using callbacks.

When I changed it to any valid URL, in this case: http://www.fuzzydb.org/, it worked.

I'll get a post up at http://fuzzydb.blogspot.com

Enjoy the season of festivities.

Neale

@nealeu, @fuzzydb

[nambi]

I'm not sure what's out of place here. I've tried this several times, both with SimpleClientHttpRequestFactory and with HttpClient and it works fine either way.

One thing that might help is to break it down to simple parts. Try running the following test and see if it works for you:

Code:

import org.junit.Test;
import org.springframework.social.oauth1.OAuth1Template;
import org.springframework.social.oauth1.OAuthToken;
public class OAuth1TemplateExplorationTest {

	@Test
	public void stuff() {
		String consumerKey = "your twitter key";
		String consumerSecret = "your twitter secret";
		OAuth1Template oauth = new OAuth1Template(consumerKey, consumerSecret, 
				"https://api.twitter.com/oauth/request_token", 
				"https://api.twitter.com/oauth/authorize", 
				"https://api.twitter.com/oauth/access_token");
		
		OAuthToken requestToken = oauth.fetchRequestToken("http://localhost:8080/spring-social-showcase/connect/twitter", null);
		System.out.println(requestToken.getValue() + "  ::  " + requestToken.getSecret());
	}
}

Be sure to plug in your application's key and secret in the appropriate variables. You might also try running Spring Social Showcase in the same environment as you are running our own code, just to rule out any environmental issues.

Finally, if your code exists in a GitHub repo somewhere then I can try running it myself and see if I can nail down the problem. (I can't stress enough how helpful code in GitHub is when trying to track down things like this.)

Hi Craig,

I'm running this unit test, it works fine, when I use twitter "consumerKey" and "consumerSecret" from the "spring-social-showcase" example project.

However, I put my "consumerKey" and "consumerSecret", it throws 406 exception.
This makes me think that, may be something is different in the way these twitter keys are setup.

What could be different?

Thanks
Nambi

[laureta]

The Twitter API returns a whole series of 400 and 500 errors randomly and at a low level. Generally the exact error code is meaningless, since it varies. From my experience a false error happens about 0.1% of the time when you make a request. The only solution is to repeat the request.

[habuma]

nambi: I can't say for sure what's different, but one thing to consider is that nealeu suggested back on Dec 23. Is your application registered at Twitter with a callback URL? As nealeu suggested, it won't accept localhost:8080, but if it's not configured with a callback URL, then it won't accept callbacks (I believe it falls back to out-of-band authorization instead--that is, it requires the user to type in a code instead of letting the app handle it automatically with callbacks). So, for it to work, you *must* give it a callback URL--but it doesn't have to be the actual URL you'll callback to, as Spring Social will always send a callback URL during the auth process overriding the one configured at Twitter. (For instance, Spring Social Showcase is configured at Twitter with "http://www.springsource.org/spring-social-showcase/connect/twitter" as it's callback URL, but it sends "http://localhost:8080/spring-social-showcase/connect/twitter" at runtime.)

[habuma]

laureta: What you say is probably generally true of any API. Randomly and rarely, crap happens, some HTTP error code is returned, and you submit again and it works.

That said, your post feels a bit like forum spam to me. You posted just enough context to seem like you're contributing to the conversation, but not any real useful information...and then there was a link. I could be wrong...and if I am, then I apologize. And if you are a real user and really want to contribute to the conversation, then I'm sure you won't mind that I've removed the link from your post.