$callbackUrl = urlencode(self::CALLBACK_URL);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://api.twitter.com/oauth/request_token");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, [
'oauth_callback' => $callbackUrl,
'oauth_consumer_key' => self::TWITTER_API_KEY
]);
$timestamp = date("U"); // UTC UNIX time
$oauth_nonce = preg_replace( '/[\W]/', '', base64_encode($timestamp));
$headers = [
"Authorization: OAuth oauth_consumer_key=\"".self::TWITTER_API_KEY."\"",
"oauth_nonce: \"$oauth_nonce\"",
"oauth_signature: \"oauth_signature\"",
"oauth_signature_method: \"HMAC-SHA1\"",
"oauth_timestamp: \"$timestamp\"",
"oauth_version: \"1.0\"",
];
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_STDERR, $fp);
curl_setopt($ch, CURLINFO_HEADER_OUT , true);
$curlResult = curl_exec($ch);
if (curl_errno($ch)) {
echo 'Curl Request Error:' . curl_error($ch);
throw new CHttpException(404,'ERROR');
}
curl_close ($ch);
The Twitter Result: {"errors":[{"code":215,"message":"Bad Authentication data."}]}
Request:
[url] => https://api.twitter.com/oauth/request_token
[content_type] => application/json; charset=utf-8
[http_code] => 400
[header_size] => 1395
[request_size] => 429
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.250341
[namelookup_time] => 0.028679
[connect_time] => 0.044366
[pretransfer_time] => 0.093077
[size_upload] => 344
[size_download] => 62
[speed_download] => 247
[speed_upload] => 1374
[download_content_length] => 62
[upload_content_length] => 344
[starttransfer_time] => 0.115261
[redirect_time] => 0
[redirect_url] => 0
[primary_ip] => 104.244.42.2
[certinfo] => Array
(
)
[primary_port] => 443
[local_ip] => 192.168.208.2
[local_port] => 48502
[request_header] => POST /oauth/request_token HTTP/1.1
I did everything like the Twitter Documentation but it returns 215. I think the Problem is on the headers part but i don't know what is wrong there.
I generated the nonce with random base64 Stuff like Twitter said that in there Documentation. The Time looks similar to the example Time from Twitter. I saw when the Time is 5 minutens above twitters the Request gets blocked. Is that the same Error Code then?
CodePudding user response:
As per documentation, Authorization header should contains all the data. Your Authorization header contains only OAuth oauth_consumer_key.
Your actual header (bad format, because , for example, 'oauth' is an entry of the headers, but should be a property of Authorization - see below).
Authorization: OAuth oauth_consumer_key='xxx'
oauth_nonce: 'MTY0MzIwNjg5NQ'
oauth_signature: 'oauth_signature'
oauth_signature_method: 'HMAC-SHA1'
oauth_timestamp: '1643206895'
oauth_version: '1.0'
you should have
Authorization: OAuth oauth_consumer_key='xxx', oauth_nonce="MTY0MzIwNjg5NQ", oauth_signature="oauth_signature", ...
You need to concat all data in one string. But you could create an array to help to build it. Here is an example :
$authParams = implode(', ', [
'oauth_consumer_key="' . self::TWITTER_API_KEY . '"',
'oauth_nonce="' . $oauth_nonce . '"',
'oauth_signature="oauth_signature"',
'oauth_signature_method="HMAC-SHA1"',
'oauth_timestamp="' . $timestamp . '"',
'oauth_version="1.0"',
]);
$headers = [
"Authorization: OAuth $authParams"
];
var_dump($headers);
Outputs something like:
array(1) {
[0]=>
string(197) "Authorization: OAuth oauth_consumer_key="xxx", oauth_nonce="MTY0MzIwNjg2MA", oauth_signature="oauth_signature", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1643206860", oauth_version="1.0""
}