http post and authorization header for twitter

[boo boo]

I am trying to send an authorization header to the twitter api
(https://api.twitter.com/oauth/request_token). What is a good way to
make a post request with a header in this case?

 

[7stud --]

See if you can get something like this to work:

require 'net/http'
require 'net/https'

http = Net::HTTP.new('profil.wp.pl', 443) #(host, port)
http.use_ssl = true
path = '/login.html'

# POST request -> logging in
data =
'serwis=wp.pl&url=profil.html&tryLogin=1&countTest=1&logowaniessl=1&login_username=blah&login_password=blah'

headers = {
'Cookie' => cookie,
'Referer' => 'http://profil.wp.pl/login.html',
'Content-Type' => 'application/x-www-form-urlencoded'
}

resp, data = http.post(path, data, headers)

http://snippets.dzone.com/posts/show/788

 

[boo boo]

Thanks for the reply! So i tried that code and got this error: "Failed
to validate oauth signature and token". Here is my code:

url = URI.parse("https://api.twitter.com/oauth/request_token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

resp = http.post(url.path, nil, @headers)


Any ideas? Am I putting the headers in the right place?

 

[boo boo]

Thanks for the reply! So i tried that code and got this error: "Failed
to validate oauth signature and token". Here is my code:

url = URI.parse("https://api.twitter.com/oauth/request_token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

resp = http.post(url.path, nil, @headers)


Any ideas??

 

[boo boo]

here are my headers. am i doing this correctly?

@headers = { 'oauth_nonce' => @current_nonce,
'oauth_callback' => @encoded_callback,
'oauth_signature_method' => "HMAC-SHA1",
'oauth_timestamp' => @current_timestamp,
'oauth_consumer_key' => @oauth_consumer_key,
'oauth_signature' => @encoded_oauth_sig,
'oauth_version' => "1.0"}

 

[7stud --]

boo boo wrote in post #986241:

Thanks for the reply! So i tried that code and got this error: "Failed
to validate oauth signature and token". Here is my code:

url = URI.parse("https://api.twitter.com/oauth/request_token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

resp = http.post(url.path, nil, @headers)


Any ideas??

No requires?

 

[boo boo]

7stud -- wrote in post #986255:

boo boo wrote in post #986241:

No requires?

Sorry here is full source in my class:

require "oauth"

require "oauth/client"

require "cgi"

require "addressable/uri"

require 'base64'
require 'cgi'
require 'openssl'

require "net/http"
require "uri

class ProxyController

def initialize

@request_token_url = "https://api.twitter.com/oauth/request_token"
@authorize_url = "https://api.twitter/oauth/authorize_token"
@oauth_consumer_key = "MY KEY"
@oauth_consumer_secret = "MY SECRET"

@params = Addressable::URI.new

@current_nonce = self.nonce
@current_timestamp = self.timestamp.to_s

@params.query_values = {"oauth_callback"=> "my callback url",
"oauth_consumer_key" => @oauth_consumer_key,
"oauth_nonce" => @current_nonce ,
"oauth_signature_method" => "HMAC-SHA1",
"oauth_timestamp" => @current_timestamp,
"oauth_version" => "1.0"}

@params_string = @params.to_s
@params_string[0] = ""

@encoded_params = CGI::escape(@params_string)

@concatenated_body = "POST&" + CGI::escape(@request_token_url) + "&"
+ @encoded_params

@oauth_signature =
Base64.encode64("#{OpenSSL::HMAC.digest('sha1',@oauth_consumer_key+"&",
@concatenated_body)}")

@encoded_oauth_sig = CGI::escape(@oauth_signature)

@encoded_callback = CGI::escape("My Callback url")


@headers = { 'oauth_nonce' => @current_nonce,
'oauth_callback' => @encoded_callback,
'oauth_signature_method' => "HMAC-SHA1",
'oauth_timestamp' => @current_timestamp,
'oauth_consumer_key' => @oauth_consumer_key,
'oauth_signature' => @encoded_oauth_sig,
'oauth_version' => "1.0"}

url = URI.parse("https://api.twitter.com/oauth/request_token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

@resp = http.post(url.path, nil, @headers)

end

def nonce
(0...43).map{ ('a'..'z').to_a[rand(26)] }.join
#rand(10 ** 43).to_s.rjust(43,'0')
end

def timestamp
t = Time.now
t.to_i
end

end

 

[7stud --]

...and what requires did the code I posted use?

 

[7stud --]

boo boo wrote in post #986243:

here are my headers. am i doing this correctly?

@headers = { 'oauth_nonce' => @current_nonce,
'oauth_callback' => @encoded_callback,
'oauth_signature_method' => "HMAC-SHA1",
'oauth_timestamp' => @current_timestamp,
'oauth_consumer_key' => @oauth_consumer_key,
'oauth_signature' => @encoded_oauth_sig,
'oauth_version' => "1.0"}

Those don't look like http headers. Http headers look like
"Content-Type", "Cookie", etc. You said you need to POST the request.
Is that data you are supposed to send in the body of the request?

 

[boo boo]

7stud -- wrote in post #986264:

...and what requires did the code I posted use? Now point to each one
in your code.

I had required net/http but just added net/https as well and I still get
same error

 

[boo boo]

7stud -- wrote in post #986265:

boo boo wrote in post #986243:

Those don't look like http headers. Http headers look like
"Content-Type", "Cookie", etc. In addition, headers are strings--in
fact everything you send in a request is a string, so I don't know what
those arrays are.

You said you need to POST the request. Is that data you are supposed to
send in the body of the request? Once again, it has to be a string, not
a ruby array.

On the twitter doc it says:

Now that we have our signature, we have everything we need to make the
request to the endpoint https://api.twitter.com/oauth/request_token. Now
we just generate an HTTP header called "Authorization" with the relevant
OAuth parameters for the request:

OAuth oauth_nonce="QP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk",
oauth_callback="http%3A%2F%2Flocalhost%3A3005%2Fthe_dance%2Fprocess_callback%3Fservice_provider_id%3D11",
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1272323042",
oauth_consumer_key="GDdmIQH6jhtmLUypg82g",
oauth_signature="8wUi7m5HFQy76nowoCThusfgB%2BQ%3D", oauth_version="1.0"

Ok ill try passing as string...

 

[7stud --]

The http header name is "Authorization", so you have to write something
like:

headers = {'Authorization' => ???}

 

[boo boo]

7stud -- wrote in post #986269:

The http header name is "Authorization", so you have to write something
like:

headers = {'Authorization' => ???}

Should it be like this (I made the value one giant string)?

I still get the failed to validate error

@headers = {"Authorization" => "oauth_nonce = #{@current_nonce},
oauth_callback = #{@encoded_callback}, oauth_signature_method =
HMAC-SHA1, oauth_timestamp = #{@current_timestamp}, oauth_consumer_key =
#{@oauth_consumer_key}, oauth_signature = #{@encoded_oauth_sig},
oauth_version = 1.0"}

 

[Mike Moore]

The http header name is "Authorization", so you have to write something
like:

headers = {'Authorization' => ???}

FWIW, the headers are the third parameter to Net::HTTP#post and should
be a hash like 7stud shows.

http://ruby-doc.org/stdlib/libdoc/net/http/rdoc/classes/Net/HTTP.html#M001391

boo boo, you seem to be having a difficult time generating a proper
OAuth request, which is why you are getting that error. You are
already requiring the oauth library, I'm curious why you don't just
use that to calculate the signature and set the Authorization header
for you?

# WARNING: Untested code follows
@consumer_key = 'MY KEY'
@consumer_secret = 'MY SECRET'
@callback = 'SITE or oob'

consumer = OAuth::Consumer.new(
@consumer_key, @consumer_secret,
:site => 'https://api.twitter.com',
:request_token_path => '/oauth/request_token',
:authorize_path => '/oauth/authorize',
:access_token_path => '/oauth/access_token',
:http_method => ost)

request_token = consumer.get_request_token(
auth_callback => @callback)

#request token is request_token.params[auth_token]
#request token secret is request_token.params[auth_token_secret]

puts request_token.authorize_url

 

[boo boo]

Thanks Mike,

This worked great.

 

[7stud --]

Thanks for the save Mike.

boo boo,

Here is an example of the syntax required for the Authorization header:

http://oauth.net/core/1.0/#auth_header

As an exercise, you might want to see if you can get it to work by hand.