I'm trying to connect a user with its Twitter account in an iPad app. Now I'm trying to understand how the oAuth protocol works at Twitter. All fine till now. But I see there is a need for signing each request. In the examples of Twitter there is stated ([http://dev.twitter.com/pages/auth][1]):
A base url:
POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id%253D11%26oauth_consumer_key%3DGDdmIQH6jhtmLUypg82g%26oauth_nonce%3DQP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1272323042%26oauth_version%3D1.0
A signing key:
MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98&
Which gives an outcome for a HMAC-SHA1 hash of:
8wUi7m5HFQy76nowoCThusfgB+Q=
But this is not correct for an HMAC-SHA1 hash. Or am I overseeing something?
I think you will find that the official Twitter docs are unclear at best and many times just plain wrong. The best way to learn how to use OAuth is to download one of the oAuth libraries written in a language you understand, and take that apart. At least you can be assured that the library code works. If you want to build your own code for this, then use the library as a starting point.