How to generate OAuth signature with php for Twitter API?

Question

Hi,

Actually it is not a php question it's more about OAuth. I'm trying to understand how to generate the OAuth sign key. I read the Twitter Docs and tried the example, but I couldn't understand how to use the SHA1.

Should I use SHA1 on the base string with or without the secret_key? I tried many variations but the sign key was different form the one in the example.

This is my code:

function request_token(){

    $headers = 'POST&';
    $headers .= urlencode('https://api.twitter.com/oauth/request_token');
    $headers .= '%26oauth_callback%3d'.urlencode($this->oauth_callback);
    $headers .= '%26oauth_consumer_key%3d'.urlencode($this->oauth_consumer_key);
    $headers .= '%26oauth_nonce%3d'.urlencode($this->oauth_nonce);
    $headers .= '%26oauth_signature_method%3d'.urlencode($this->oauth_signature_method);
    $headers .= '%26oauth_timestamp%3d'.urlencode($this->oauth_timestamp);

    $request_token_url = 'http://api.twitter.com/oauth/request_token?';
    $sha = sha1($headers);
    $url = $request_token_url.$sha.$this->consumer_secret.'&';

    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,$url);
    curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,2);
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch,CURLOPT_HTTPHEADER,$headers);
    curl_setopt($ch, CURLOPT_POST      ,1);
    curl_setopt($ch,CURLOPT_PUT,true); 
    curl_setopt($ch, CURLOPT_HEADER, 1);

    $result = curl_exec($ch);
    curl_close($ch);
    return $result;

}

Thanks

Answer 1

I would recommend using Abraham's Open Source OAuth solution rather than trying to write your own.

Answer 2

You may want to see this working solution http://stackoverflow.com/questions/3295466/another-twitter-oauth-curl-access-token-request-that-fails/3327391#3327391