tags:

views:

143

answers:

2
Q: 

twitter oAuth cURL Example not working - why?

The following code simply gives me:

Failed to validate oauth signature and token 

        // Set url
        $url = "http://api.twitter.com/oauth/request_token";

        // Params to pass to twitter and create signature
        $params['oauth_callback'] = "http://localhost/twitter/tweet/";
        $params['oauth_consumer_key'] = $this->consumerKey;
        $params['oauth_nonce'] = SHA1(time());
        $params['oauth_timestamp'] = time();
        $params['oauth_signature_method'] = $this->signatureMethod;
        $params['oauth_version'] = $this->version;
        ksort($params);

        // Signing
            // Concatenating
            $concatenatedParams = '';
            foreach($params as $k => $v)
            {
              $k = urlencode($k);
              $v = urlencode($v);
              $concatenatedParams .= "{$k}={$v}&";
            }
            $concatenatedParams = urlencode(substr($concatenatedParams,0,-1));

            $signatureBaseString = "POST&".urlencode($url)."&".$concatenatedParams;         
            $base64Hashmac = base64_encode( hash_hmac('sha1', $signatureBaseString, $this->secret."&", true) );
            $params['oauth_signature'] = urlencode($base64Hashmac);


        // Do cURL
        $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
            curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,1);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
            $exec = curl_exec ($ch);
            $info = curl_getinfo($ch);
        curl_close ($ch);

        print $exec;

Below is the info printed out from curls $info ...

Array
(
    [url] => http://api.twitter.com/oauth/request_token
    [content_type] => text/html; charset=utf-8
    [http_code] => 401
    [header_size] => 919
    [request_size] => 181
    [filetime] => -1
    [ssl_verify_result] => 0
    [redirect_count] => 0
    [total_time] => 1.176
    [namelookup_time] => 0
    [connect_time] => 0.127
    [pretransfer_time] => 0.127
    [size_upload] => 934
    [size_download] => 44
    [speed_download] => 37
    [speed_upload] => 794
    [download_content_length] => 44
    [upload_content_length] => 934
    [starttransfer_time] => 0.127
    [redirect_time] => 0
    [request_header] => POST /oauth/request_token HTTP/1.1
Host: api.twitter.com
Accept: */*
Content-Length: 934
Content-Type: multipart/form-data; boundary=----------------------------7465678a46cc
)
A: 

You might want to specify exactly how it isn't working, things can "not work" in a large number of different ways. Are you getting error results? What are they, and from which calls? Is any particular step failing?

To start with, you can't use "localhost" address as a callback URL, if the twitter server connects to "localhost" it would just be connecting to itself, not to you.

Also the way you're building $concatenatedParams leaves your $signatureBaseString only partly URL-encoded. Instead of using "{$k}%3D{$v}%26" use = and & normally, and then urlencode the final completed $concatenatedParams when you add it to $signatureBaseString.

Brook Miles  2010-07-20 19:22:13
$concatenatedParams .= "{$k}%3D{$v}%26"; should complete the url encoding but I gave it a try and it still fails.
Derrick  2010-07-20 19:30:12
Ive updated the code as per your suggestion -> but not luck hey.
Derrick  2010-07-20 19:37:27
After being base64 encoded, the hash_hmac must also be url encoded before it is assigned to the `oauth_signature` parameter, I can't tell if that's happening inside `base64_encode`.
Brook Miles  2010-07-20 19:46:41
not its not but have updated to do so. no luck, same error.
Derrick  2010-07-20 19:57:19
You might want to try using GET and sending the oauth parameters as an Authorization: header, as recommended on Twitter's website:http://dev.twitter.com/pages/auth#at-twitter
Brook Miles  2010-07-20 22:10:25
yeah I was trying that now now, not much documentation on it. And not a clue on how to do that. But it should accept POST params as well anyway.
Derrick  2010-07-21 01:05:52
A: 

See here:

http://stackoverflow.com/questions/3295466

Derrick  2010-07-24 23:50:46

related questions

Can't access website via cURL from localhost, but can from hosted server.
Curl post data and headers only
PHP app using Twitter API works on some accounts, not others
Is it possible to compile libCurl with SSH support using vc8?
How do I make php wait for curl to finish before continuing?
Why does session_start cause a timeout when one script calls another script using curl
What $_POST[] do i need to post to a forum?
PHP: how to save cookies for remote web pages ?
PHP4: Send XML over HTTPS/POST via cURL?
How to manage a simple PHP session using C++ cURL (libcurl)
Building libcurl with SSL support on Windows
How do I install cURL on Windows?
php cURL iis 6.0 windows server 2003
How to install PHP/CURL?
"CURLE_OUT_OF_MEMORY" error when posting via https
cURL equivalent in JAVA
PHP :: Emulate <form method="post">, forwarding user to page
cURL in PHP returns different data in _FILE and _RETURNTRANSFER
is there a curl/wget option that says not to save files upon http errors?
Curl command line for consuming webServices?
What is cURL good for ?
Passing $_POST values with cURL
cURL adding whitespace to post content?
PHP / cURL on Windows install: "The specified module could not be found."
How to curl or wget a web page?