Twitter update returning 401 Unauthorized when run in QML, but works first time only on desktop Java

I am implementing a twitter post client in Qt Quick/QML, using Javascript for app logic.

I have successfully completed the first steps of the oAuth procedure, and have obtained the oAuth token and se开发者_StackOverflow社区cret.

But posts to http://api.twitter.com/1/statuses/update.json are always failing for me, returning 401 Unauthorized.

All posts are being done using XMLHttpRequests, and none have worked yet.

I have tried to replicate the scenario in a desktop Java program (copying the same authorization header and post body used in the Qt app), with a strange result. The first time this is attempted for any Twitter app, the post is successful, and my tweet gets through. Subsequent attempts for that twitter app all get 401 Unauthorized.

If I then generate a post authorization header for a different Twitter app in my Qt app, and try that in the Java program, it too will work once only.

Has anybody any idea what's going wrong here?

One further thing that indicates I'm doing something else wrong is that I need to append = to the composite signing keys I produce to sign the base strings (I'm using this JS SHA-1 implementation). Any idea of why that mgight be would be appreciated too!

Are you generating a new OAuth header for each request or are you reusing the same OAuth header on each request?

It sounds like you are reusing the header and that will definitely generate a 401 error. Each request requires a newly generated OAuth header.