php - Authentication issues with the Twitter API -

-

i'm trying display latest tweets of twitter account on website, , i'm trying fetch data using curl , php. when use oauth tool (signature generator) on twitter developers website. there curl command generated , runs fine on terminal. however, when try use curl same parameters in php code, following error :

{    "errors": [        {            "code": 215,            "message": "bad authentication data."        }    ] }

here curl command : 

 curl --get 'https://api.twitter.com/1.1/statuses/user_timeline.json' --data 'count=2&screen_name=[my user name]' --header 'authorization: oauth oauth_consumer_key="[my key]", oauth_nonce="[my key]", oauth_signature="[the signature]", oauth_signature_method="hmac-sha1", oauth_timestamp="1439736924", oauth_version="1.0"' --verbose

and here php code :

$ch = curl_init("https://api.twitter.com/1.1/statuses/user_timeline.json?count=2&screen_name=xxxxx");  curl_setopt($ch, curlopt_header, 0); curl_setopt($ch, curlopt_httpheader, array(     'authorization' => 'oauth',     'oauth_consumer_key' => '[my key]',     'oauth_nonce' => '[my key]',     'oauth_signature' => '[the signature]',     'oauth_signature_method' => 'hmac-sha1',     'oauth_timestamp' => '1439736924',     'oauth_version' => '1.0') );  curl_setopt($ch, curlopt_postfields, array(     'count' => 2,     'screen_name' => '[my username]') );  curl_setopt($ch, curlopt_returntransfer, 1); curl_setopt($ch, curlopt_ssl_verifypeer, false);  echo curl_exec($ch);

the values same , don't understand why works curl command not in php code. here 2 logs :

curl command (works fine):

* connected api.twitter.com (199.16.156.199) port 443 (#0) * set certificate verify locations: *   cafile: none   capath: /etc/ssl/certs/ * tlsv1.2, tls handshake, client hello (1): * tlsv1.2, tls handshake, server hello (2): * tlsv1.2, tls handshake, cert (11): * tlsv1.2, tls handshake, server key exchange (12): * tlsv1.2, tls handshake, server finished (14): * tlsv1.2, tls handshake, client key exchange (16): * tlsv1.2, tls change cipher, client hello (1): * tlsv1.2, tls handshake, finished (20): * tlsv1.2, tls change cipher, client hello (1): * tlsv1.2, tls handshake, finished (20): * ssl connection using tlsv1.2 / ecdhe-rsa-aes128-gcm-sha256 * server certificate: *    subject: c=us; st=california; l=san francisco; o=twitter, inc.; ou=twitter security; cn=api.twitter.com *    start date: 2014-08-03 00:00:00 gmt *    expire date: 2016-12-31 23:59:59 gmt *    subjectaltname: api.twitter.com matched *    issuer: c=us; o=verisign, inc.; ou=verisign trust network; ou=terms of use @ https://www.verisign.com/rpa (c)10; cn=verisign class 3 secure server ca - g3 *    ssl certificate verify ok. > /1.1/statuses/user_timeline.json?count=2&screen_name=xxx http/1.1 > user-agent: curl/7.38.0 > host: api.twitter.com > accept: */* > authorization: oauth oauth_consumer_key="bbbbbb",     oauth_nonce="cccccccc", oauth_signature="dddddddd", oauth_signature_method="hmac-sha1", oauth_timestamp="1439736924", oauth_version="1.0" >  < http/1.1 200 ok < cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 < content-disposition: attachment; filename=json.json < content-length: 7512 < content-type: application/json;charset=utf-8 < date: sun, 16 aug 2015 16:09:46 gmt < expires: tue, 31 mar 1981 05:00:00 gmt < last-modified: sun, 16 aug 2015 16:09:46 gmt < pragma: no-cache < server: tsa_b < set-cookie: guest_id=v1%3a143974138658672554; domain=.twitter.com; path=/; expires=tue, 15-aug-2017 16:09:46 utc < status: 200 ok < strict-transport-security: max-age=631138519 < x-connection-hash: ae1b9fcc59bb90b767b246dfd06f6c94 < x-content-type-options: nosniff < x-frame-options: sameorigin < x-rate-limit-limit: 300 < x-rate-limit-remaining: 298 < x-rate-limit-reset: 1439741812 < x-response-time: 23 < x-transaction: 8515dfd151751885 < x-twitter-response-tags: bouncercompliant < x-xss-protection: 1; mode=block <

php log (returns error message):

* hostname in dns cache stale, zapped *   trying 199.16.156.199... * connected api.twitter.com (199.16.156.199) port 443 (#0) * set certificate verify locations: *   cafile: none   capath: /etc/ssl/certs/ * ssl connection using tlsv1.2 / ecdhe-rsa-aes128-gcm-sha256 * server certificate: *    subject: c=us; st=california; l=san francisco; o=twitter, inc.; ou=twitter security; cn=api.twitter.com *    start date: 2014-08-03 00:00:00 gmt *    expire date: 2016-12-31 23:59:59 gmt *    subjectaltname: api.twitter.com matched *    issuer: c=us; o=verisign, inc.; ou=verisign trust network; ou=terms of use @ https://www.verisign.com/rpa (c)10; cn=verisign class 3 secure server ca - g3 *    ssl certificate verify ok. > /1.1/statuses/user_timeline.json?count=2&screen_name=xxxx http/1.1 host: api.twitter.com accept: */* authorization: oauth oauth_consumer_key: bbbbbb oauth_nonce: ccccccc oauth_signature: ddddddd oauth_signature_method: hmac-sha1 oauth_timestamp: 1439740787 oauth_version: 1.0  < http/1.1 400 bad request < content-length: 62 < content-type: application/json; charset=utf-8 < date: sun, 16 aug 2015 16:26:50 gmt < server: tsa_b < set-cookie: guest_id=v1%3a143974241022741403; domain=.twitter.com; path=/; expires=tue, 15-aug-2017 16:26:50 utc < strict-transport-security: max-age=631138519 < x-connection-hash: abbabb47dc8a7d355f595f389f868de2 < x-response-time: 4 <  * connection #0 host api.twitter.com left intact

any appreciated. if possible, use curl instead of third party library.

thanks

edit : michael's solution didn't work, here updated php output :

 authorization: oauth oauth_consumer_key="...", oauth_nonce="...", oauth_signature="...", oauth_signature_method="hmac-sha1" oauth_timestamp= "1439744503", oauth_version= "1.0"

the chief difference between these in cli curl command, authorization header specified single string multiple key=value pairs separated commas. in php code have specified key=value pairs multiple individual headers. need add single authorization header of values concatenated 1 string.

the cli request's header output:

authorization: oauth oauth_consumer_key="bbbbbb",     oauth_nonce="cccccccc", oauth_signature="dddddddd", oauth_signature_method="hmac-sha1", oauth_timestamp="1439736924", oauth_version="1.0"

the php request's header output differs:

authorization: oauth oauth_consumer_key: bbbbbb oauth_nonce: ccccccc oauth_signature: ddddddd oauth_signature_method: hmac-sha1 oauth_timestamp: 1439740787 oauth_version: 1.0

so correct php produce comparable single-header string be:

curl_setopt($ch, curlopt_header, 0); // oauth values in single authorization header string. curl_setopt($ch, curlopt_httpheader, array(     'authorization' => 'oauth oauth_consumer_key="[my key]", oauth_nonce="[my key]", oauth_signature="[the signature]", oauth_signature_method="hmac-sha1", oauth_timestamp="1439736924", oauth_version="1.0"'   ) ); // etc... else should fine have

Comments

Post a Comment

Popular posts from this blog

dns - How To Use Custom Nameserver On Free Cloudflare? -

-
i have problem. i own small hosting company. trying add cloudflare site free cdn. problem when sign have change nameservers nameservers. have nameserver dns set through godaddy, how add them cloudflare? main site uses company's nameservers whenever add them site goes offline. when go cloudflare's dns records click on dropdown, click ns, , there's 2 boxes 'name' , 'nameserver'. mean input 'ns1' 'name' , 'ns1.domain.com' 'nameserver'? input server's ip addresses? is there way of accomplishing free version of cloudflare? that impossible. option have custom name servers available on business , enterprise. see https://www.cloudflare.com/plans . also, might mistaken. must change name servers in domain register settings, not on cloudflare.
Read more

python - Pygame screen.blit not working -

-
in program creating in python/pygame, screen.blit not working. in other programs have made, screen.blit works. error: traceback (most recent call last): file "c:...\main.py", line 46, in <module> screen.blit(sight.image, sight.rect) attributeerror: 'int' object has no attribute 'blit' the error in question caused screen variable being allocated integer instead of pygame.surface() object.perhaps accidentally rewrote variable somewhere? from can make of doing, seems stating position of blit full rect instead of coordinate. when do: screen.blit(sight.image,sight.rect) what program seeing is: screen.blit(sight.image,(sight.rect.x,sight.rect.y,sight.rect.width,sight.rect.height)) i assuming don't intend this. remember rect object consists of position, width , height. to correct code, put (sight.rect.x,sight.rect.y) location goes instead this: screen.blit(sight.image,(sight.rect.x,sight.rect.y)) the .x , .y corres
Read more

c# - Web API response xml language -

-
i having simple post url clients send post request. http://mydomain.com/requests/request post data: <request> <orderid>1e008921</orderid> <ordername>mc1</ordername> </request> to respond sending them xml <srequest> <requestedby>client 1 </requestedby> <requestname>test name</requestname> <requeststatus>success</requeststatus> <srequest> now client wants above xml in different language (say french ) how handle ? how send response language preference in web api ? specially post scenario ? (append language string ? or best practices ?) i suggest either include in url: http://mydomain.com/fr/requests/request or use http header accept-language . read more in answer to: good way changing language resources dynamically request
Read more