I'm trying to request a token from Twitter using this PHP library: http://oauth.googlecode.com/svn/code/php/ But it doesn't work, I get "Failed to validate oauth signature and token".
My code:
//http://oauth.googlecode.com/svn/code/php/OAuth.php
require 'OAuth.php';
$key = 'XXXXXX';
$secret = 'XXXXXX';
$consumer = new OAuthConsumer($key, $secret);
$sig_method = new OAuthSignatureMethod_HMAC_SHA1;
$api_endpoint = 'https://api.twitter.com/oauth/request_token';
$parameters = array('oauth_callback'=>'oob');
$req = OAuthRequest::from_consumer_and_token($consumer, null, "POST", $api_endpoint, $parameters);
$sig_method = new OAuthSignatureMethod_HMAC_SHA1();
$req->sign_request($sig_method, $consumer, null);
$ch = curl_init($req->to_url());
curl_exec($ch);
curl_close($ch);
It looks like you need to do the request_token call as a GET request not a POST:
$req = OAuthRequest::from_consumer_and_token($consumer, null, "GET", $api_endpoint, $parameters);
I tested this and it appears to work to get a token from my own application.
You also might want to take a look at Abraham's Twitter OAuth library, makes implementation a whole lot easier.
https://github.com/abraham/twitteroauth
Related
I am developing an etsy application on Node.js and I need to use OAuth to access app user's accounts.
Etsy provides the following PHP example:
$base_uri = 'https://openapi.etsy.com';
$api_key = 'YOURAPIKEY';
$secret = 'YOURSECRET';
$oauth = new OAuth($api_key, $secret);
$req_token = $oauth->getRequestToken($base_uri . '/v2/oauth/request_token?scope=', 'oob', "GET");
$login_url = $req_token['login_url'];
print "Please log in and allow access: $login_url \n\n";
$verifier = readline("Please enter verifier: ");
$verifier = trim($verifier);
$oauth->setToken($req_token['oauth_token'], $req_token['oauth_token_secret']);
$acc_token = $oauth->getAccessToken("https://openapi.etsy.com/v2/oauth/access_token", null, $verifier, "GET");
$oauth_token = $acc_token['oauth_token'];
$oauth_token_secret = $acc_token['oauth_token_secret'];
$oauth->setToken($oauth_token, $oauth_token_secret);
print "Token: $oauth_token \n\n";
print "Secret: $oauth_token_secret \n\n";
Must of this seems pretty straght forward. Obvously,the first few lines would become:
const base_uri = 'https://openapi.etsy.com';
var api_key = 'YOURAPIKEY';
var secret = 'YOURSECRET'
So how would I convert the rest into javascript/Node.js? Is there an OAuth package for Node?
Yes, multiple libraries exist in the Node ecosystem: https://www.npmjs.com/search?q=oauth2
I had a small problem in using twitter oauth in order to get some user data.
// TWITTER APP KEYS
$consumer_key = 'some data';
$consumer_secret = 'some data';
// GETTING ALL THE TOKEN NEEDED
$oauth_verifier = $_GET['oauth_verifier'];
$token_secret = $_COOKIE['token_secret'];
$oauth_token = $_COOKIE['oauth_token'];
// EXCHANGING THE TOKENS FOR OAUTH TOKEN AND TOKEN SECRET
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $token_secret);
$access_token = $connection->oauth("oauth/access_token", array(
"oauth_verifier" => $oauth_verifier
));
$accessToken = $access_token['oauth_token'];
$secretToken = $access_token['oauth_token_secret'];
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $accessToken, $secretToken);
$connection->get("users/search");
$content = $connection->get("account/verify_credentials");
$media1 = $connection->upload('media/upload', [
'media' => $this->session->image['generatedAbs']
]);
$parameters = [
'media_id' => implode(',', [
$media1->media_id_string
])
];
$result = $connection->post('account/update_profile_banner', $parameters);
now I want to retrieve some information like the name and last name of the connected user , his profile picture link , email adress and his location if it's possible
I read the official twitter dev documentation and i didn't find a way how to use it in my method , i tried to debug my controller using this way
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $accessToken, $secretToken);
$connection->get("https://api.twitter.com/1.1/users/profile_banner.json?screen_name=twitterapi");
$result = json_decode($connection);
// debug the returned result
Zend_Debug::dump($result,$label="debug gass" , $echo= true);
So to retrieving information from twitter using php and Twitter Oauth is super easy , just allow me to enumerate the steps
1) Getting an oauth_token and oauth_verifier (steps are clearly explained in the question
2) The funny part is now :D , you need to copy paste the following in the controller of you callback page:
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $accessToken, $secretToken);
$content = $connection->get("account/verify_credentials");
Now you really have finished everything , just debug the result :D
Zend_Debug::dump($content->profile_image_url , $label = "achref gassoumi", $echo = true);
ps: i used zend debugger since i'm working , if you are working with other framework or with pure php just echo the following result for example :
echo $credentials->screen_name;
echo $credentials->profile_image_url ;
echo $credentials->location;
echo $credentials->profile_background_image_url;
To retrieve other information you might need please visit the official twitter Oauth documentation of GET account/verify_credentials.
I've followed the directions posted in this stackoverflow question, but I am stuck.
I am using tumblr/tumblr.php from Github (the official "PHP client for the tumblr API").
I am also following directions here (which are actually for twitter), but those directions aren't tailored for the git library I am using.
I have a valid consumer key and secret.
From those I make a request and get oauth_token and oauth_token_secret like so:
$client = new Tumblr\API\Client($consumerKey,$consumerSecret);
$client->getRequestHandler()->setBaseUrl('https://www.tumblr.com/');
$req = $client->getRequestHandler()->request('POST', 'oauth/request_token', [
'oauth_callback' => '...',
]);
// Get the result
$result = $req->body->__toString();
print_r( $result );
Which gives me:
oauth_token=2C6f...MqSF&oauth_token_secret=HaGh...IJLi&oauth_callback_confirmed=true
Then I send the user to the http://www.tumblr.com/oauth/authorize?oauth_token=2C6f...MqSF, so they can allow access for the app. This redirects to: ...?oauth_token=2C6f...MqSF&oauth_verifier=nvjl...GtEa#_=_
And now in the final step I believe I am supposed to convert my request token to an access token. Is that right? I am doing something wrong:
$client = new Tumblr\API\Client($consumerKey,$consumerSecret);
$client->getRequestHandler()->setBaseUrl('https://www.tumblr.com/');
$req = $client->getRequestHandler()->request('POST', 'oauth/access_token', [
'oauth_token' => '2C6f...MqSF',
'oauth_verifier' => 'nvjl...GtEa'
]);
// Get the result
$result = $req->body->__toString();
print_r( $result );
because I get responses like this one:
oauth_signature [AqbbYs0XSZ7plqB0V3UQ6O6SCVI=] does not match expected value [0XwhYMWswlRWgcr6WeA7/RrwrhA=]
What is wrong with my last step?
I am not sure if I should even be sending oauth_verifier with the request. Is #_=_ supposed to be part of oauth_verifier? I wouldn't think so. I get signature errors for all the variations Ive tried.
Without the token and tokenSecret I can't make certain calls to the API. I get unauthorized 403 responses. Same when I use the token and token_secret from the second step. I'm pretty sure I need a new token/secret pair.
You're pretty close, you just are passing the oauth_token incorrectly in the last step, and skipping out on oauth_token_secret altogeter.
I've compiled this working code (which you can also now find posted on the Wiki at https://github.com/tumblr/tumblr.php/wiki/Authentication):
<?php
require_once('vendor/autoload.php');
// some variables that will be pretttty useful
$consumerKey = '<your consumer key>';
$consumerSecret = 'your consumer secret>';
$client = new Tumblr\API\Client($consumerKey, $consumerSecret);
$requestHandler = $client->getRequestHandler();
$requestHandler->setBaseUrl('https://www.tumblr.com/');
// start the old gal up
$resp = $requestHandler->request('POST', 'oauth/request_token', array());
// get the oauth_token
$out = $result = $resp->body;
$data = array();
parse_str($out, $data);
// tell the user where to go
echo 'https://www.tumblr.com/oauth/authorize?oauth_token=' . $data['oauth_token'];
$client->setToken($data['oauth_token'], $data['oauth_token_secret']);
// get the verifier
echo "\noauth_verifier: ";
$handle = fopen('php://stdin', 'r');
$line = fgets($handle);
// exchange the verifier for the keys
$verifier = trim($line);
$resp = $requestHandler->request('POST', 'oauth/access_token', array('oauth_verifier' => $verifier));
$out = $result = $resp->body;
$data = array();
parse_str($out, $data);
// and print out our new keys
$token = $data['oauth_token'];
$secret = $data['oauth_token_secret'];
echo "\ntoken: " . $token . "\nsecret: " . $secret;
// and prove we're in the money
$client = new Tumblr\API\Client($consumerKey, $consumerSecret, $token, $secret);
$info = $client->getUserInfo();
echo "\ncongrats " . $info->user->name . "!\n";
I try to make private API requests for Yahoo. I used the code below but it does not work. It always returns the message 'invalid sig'.
Can you help me with a Two-legged OAuth Yahoo PHP example that works?
Thank you very much.
<?php // a super-stripped down 2-leg oauth server/client example
//http://oauth.net/code/
//http://oauth.googlecode.com/svn/code/php/OAuth.php
require 'oauth.php';
$key = 'key';
$secret = 'secret';
$consumer = new OAuthConsumer($key, $secret);
$sig_method = new OAuthSignatureMethod_HMAC_SHA1();
if ($_GET['server']) {
$method = $_SERVER['REQUEST_METHOD'];
$uri = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$sig = $_GET['oauth_signature'];
$req = new OAuthRequest($method, $uri);
// token is null because we're doing 2-leg
$valid = $sig_method->check_signature($req, $consumer, null, $sig);
if (!$valid) {
die('invalid sig');
}
echo 'orale!';
}
else {
// call this file
$api_endpoint = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];
// handle request in 'server' block above
$parameters = array(
'server' => 'true');
// use oauth lib to sign request
$req = OAuthRequest::from_consumer_and_token($consumer, null, "GET", $api_endpoint, $parameters);
$sig_method = new OAuthSignatureMethod_HMAC_SHA1();
$req->sign_request($sig_method, $consumer, null); // note: double entry of token
// get data using signed url
$ch = curl_init($req->to_url());
curl_exec($ch);
curl_close($ch);
}
Do you generate the signature according to the Yahoo specification here?
Or you can use plaintext signature as described here.
I use the below code to retrieve my tweets and echo json. This works fine.
<?php
session_start();
require_once('includes/twitter/twitteroauth.php');
$twitteruser = "xxxxxx";
$notweets = 3;
$consumerkey = "xxxxxxx";
$consumersecret = "xxxxxx";
$accesstoken = "xxxxxxxx";
$accesstokensecret = "xxxxxx";
$connection = new TwitterOAuth($consumerkey, $consumersecret, $accesstoken, $accesstokensecret);
$tweets = $connection->get("https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=".$twitteruser."&count=".$notweets);
echo json_encode($tweets);
?>
Now i want to send a tweet using the similar code but it doesnot work. I am not sure if the sending syntax is correct. so please someone help me.
<?php
session_start();
require_once('includes/twitter/twitteroauth.php'); //Path to twitteroauth library
$twitteruser = "xxxxxx";
$notweets = 3;
$consumerkey = "xxxxxxx";
$consumersecret = "xxxxxx";
$accesstoken = "xxxxxxxx";
$accesstokensecret = "xxxxxx";
// start connection
$connection = new TwitterOAuth($consumerkey, $consumersecret, $accesstoken, $accesstokensecret);
//message
$message = "Hi how are you";
//send message
$status = $connection->post('https://api.twitter.com/1.1/statuses/update.json', array('status' => $message));
?>
I was using twitteroauth.php to post tweets myself when the new API broke it. You are using the $connection->post correctly, but it appears that function does not work anymore. The easiest solution I found was to swap out the twitteroauth.php with J7mbo's twitter-api-php file for the new 1.1 API:
https://github.com/J7mbo/twitter-api-php
Here's his step-by-step instructions for using it. I think you'll be pleasantly surprised to find you can leave most of your code the same, just switch the twitteroauth calls with his function calls at the appropriate places:
Simplest PHP example for retrieving user_timeline with Twitter API version 1.1
He doesn't provide the specific example of posting a tweet, but here's what what you need for that function:
$url = 'https://api.twitter.com/1.1/statuses/update.json';
$requestMethod = 'POST';
$postfields = array(
'status' => 'Hi how are you' );
echo $twitter->buildOauth($url, $requestMethod)
->setPostfields($postfields)
->performRequest();
With the new twitter API, you won't need to provide your username/password. The authentication token will handle everything.
Just use the example:
$connection->post('statuses/update', array('status' =>$message));
Try it
you won't need to username/password you can post via API key read the tutorial here.
http://designspicy.com/learn-how-to-post-on-twitter-using-php-and-oauth/
The issue is about enconding the value need to be enconde :
Example
$status = $connection->post('https://api.twitter.com/1.1/statuses/update.json', array('status' => rawurlencode($message)));
If you check in the library recomended https://github.com/J7mbo/twitter-api-php
That the way they encode the params