[twitter-dev] Re: Update profile image API using OAuth
Ok people. Finally managed to crack it. Thanks to Raffi for sharing
the raw text of the request. While working this API i figured out
there are very less resources available on Internet with regards to
the usage of multipart with OAuth and there is lot of confusion and
misleading data.
I will share what ever method worked for me with you people in a hope
that others will not have to go searching for the info again.
1. Method POST
2. The paramters which should be considered for the OAuth signature
base
- Request method(.i.e POST in this case)
- Encoded API Url(.i.e http://twitter.com/account/
update_profile_background_image.format in this case)
- OAuth consumer key
- OAuth nonce
- OAuth Signature method
- OAuth timesatmp
- OAuth token
- OAuth version
That is basically all the default OAuth parameters.Please note that
the image parameter should not be included.
3. Where to place the OAuth parameters and the OAuth signature?
It should be placed in the Authorisation header of the request.
Please look at the Authorisation header in the stream data attached by
Raffi in previous post for reference.
Note you may have stuck the OAuth parameters in the request body
for other API requests. But it is absolutely necessary that you stick
them in to the Auth headers for
this API.(Have to check the reason for this, will update this
space once i find something)
4. Other headers which need to be set
ContentType = multipart/form-data; boundary=+boundary (this a
pre generated random alphanumeric value, please google out the way
this needs to be generated)
Example boundary = 645033dcf9bb
ContentLength = [Total length of the string in your request body
(This includes the byte array of the image data)]
5. What should the request body look like?
Let the final Request Body be = requestBody
I shall divide this into 3 parts:
Currently requestBody =
Part 1:
--{0}\r\nContent-Disposition: form-data; name=\{1}\; filename=
\{2}\\r\nContent-Type: {3}\r\n\r\n
{0} = boundary(same as the one you attached in the ContentType
header)
{1} = image(this is essentially the form parameter whose data
you are sending as multipart, which in this case is image)
{2} = [The name of the image which you are sending(including the
extension)]
{3} = image/[extension of the image you are uploading], For
example image/jpeg.
Now your requestBody = Part 1
Part 2:
Get the binary Byte Stream of the image you are uploading, say
this Part 2.
Now your requestBody = Part 1+Part 2.
Part 3:
\r\n+-- + boundary(same as the one generated earlier) + --
Your final requestBody = Part 1+Part 2+Part 3.
This all I feel you need to know to get this API working. If you are
still facing issues. Then somethings which could help you debug the
issue are as follows:
- Please compare the raw text of your request stream with the
request stream which Raffi has shared in the above post.
- The best free tool for sniffing the HTTP requests happening for
your machine is Fiddler. You can download it from here
http://www.fiddlertool.com/dl/Fiddler1Setup.exe
- Please check the headers and OAuth signature.
How set the tile parameter is a question for which even I need find
answer for. Will update this space once something turns up.
Hope this helps all those people who are trying to build twitter API
library using OAuth.
[twitter-dev] Is there anyway get update profile background image to work with OAuth?
Is there anyway get update profile background image to work with OAuth? No one from twitter API team also seem to be trying help people out?
[twitter-dev] Re: Update profile image API using OAuth
Please someone at least share the raw text of a successful request to this API via OAuth. I will compare my request and see what I need to do
[twitter-dev] Update profile image API using OAuth
Hi all, I am trying to use the update profile image API via OAuth. This is how I build my request. Set the method as POST. Set the content type as multipart/form-data; boundary=+boundary; (Boundary is generated) Write the OAuth parameters oauth_consumer_key,oauth_nonce,oauth_signature,oauth_signature_method,oauth_timestamp,oauth_token,oauth_version into the request stream. I follow this up with --+boundary+\r\nContent-Disposition: form-data; name=\image\; filename=\test.JPG}\\r\nContent-Type: image/jpg\r\n\r\n. This is followed by the byte stream of the image. When I send this request to twitter, I receive 500(Internal server error). What am I doing wrong? Please help. I have been struggling since the past week to get this working.
[twitter-dev] Re: OAuth image upload: how does Twitter want to see multi-part post OAuth parts?
Rafi, Can you please share the raw text of a successful image update request for oauth?
[twitter-dev] Re: OAuth image upload: how does Twitter want to see multi-part post OAuth parts?
Raffi, After modifications, this is how my request looks like OAuth signature base: POSThttp%3A%2F%2Ftwitter.com%2Faccount %2Fupdate_profile_background_image.xmloauth_consumer_key %3DgUutCG9HjEOT0N8IxvW9w%26oauth_nonce %3Dt64bID6gIVtpU6t7m3dsTrTUOhubJizM%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1263403749%26oauth_token %3D29191067-7Gl0rjc5KegDdw5p0FJqcBLTmKFF8rCr9Kb3Yt7ZE%26oauth_version %3D1.0a I sign this and then add all the parameters to the request stream, this is how my stream looks like: oauth_consumer_key=gUutCG9HjEOT0N8IxvW9woauth_nonce=t64bID6gIVtpU6t7m3dsTrTUOhubJizMoauth_signature=TE0lfX3WZwYAr1812GNP8uYJGKc %3Doauth_signature_method=HMAC- SHA1oauth_timestamp=1263403749oauth_token=29191067-7Gl0rjc5KegDdw5p0FJqcBLTmKFF8rCr9Kb3Yt7ZEoauth_version=1.0aimage= This is followed by the byte stream of the image. I still get a 401 as response. Can tell me what I need to change?
[twitter-dev] Re: OAuth image upload: how does Twitter want to see multi-part post OAuth parts?
Hey Raffi, I know about the basics of oAuth I already working code for posting tweets with OAuth. I have few doubts with respect to building signature for multi part requests. 1. What all parameters should be part of the signature base string? 2. Where should the parameters and the signature be placed in the request stream? 3. How should the file data be sent? Please help me out.
[twitter-dev] Re: OAuth image upload: how does Twitter want to see multi-part post OAuth parts?
Raffi, If you have ever worked with DotNet then please help me. What I do currently is as follows: - Set the request type to POST. - ContentType to multipart/form-data; boundary= + boundary (generated); - Then I add this to the request stream L--+boundary+L\r\n+LContent-Disposition: form-data; name=\image\; filename=\test.JPG\ + L\r\n+LContent-Type: image/jpg+L\r\n\r\n; - followed by the bytestream of the image. - Then I continue to add the OAuth params/signature to the stream All the above are URL encoded. Twitter responds with a 401 to this request. What do I have to correct.
[twitter-dev] Re: OAuth image upload: how does Twitter want to see multi-part post OAuth parts?
Yusuke, Can you please share with us the raw text of your request? I am not familiar with Java. I am working with C++(.NET)
[twitter-dev] Internal Server Error 500 on using the http://twitter.com/account/update_profile_background_image.format API
Hi All,
I am trying to use this API using OAuth from my C++ .NET client.
How can get additional information about this error so that I can try
to fix it.
this-generateSignature();
WebRequest^ myRequest = WebRequest::Create(http://twitter.com/
account/update_profile_background_image.xml);
myRequest-Method = POST;
String^ boundary = this-CreateBoundary();
myRequest-ContentType = multipart/form-data; boundary= + boundary;
Encoding^ encoding = Encoding::ASCII;
String^ requestString = L--+boundary+L\r\n+LContent-Disposition:
form-data; name=\image\; filename=\test.JPG\ + L\r\n+LContent-
Type: image/jpg+L\r\n\r\n;
Stream^ requestStream = myRequest-GetRequestStream();
requestStream-Write(encoding-GetBytes(requestString),0,encoding-
GetBytes(requestString)-Length);
FileInfo^ file = gcnew FileInfo(LC:/Documents and Settings/vikramp/
My Documents/My Pictures/Picasa Exports/Picasa Export/test.JPG);
FileStream^ myImage = file-OpenRead();
arrayByte^ ByteArray;
if(myImage-CanRead)
{
ByteArray = gcnew arrayByte(safe_castint(myImage-Length));
myImage-Read( ByteArray, 0,safe_castint(myImage-Length));
requestStream-Write(ByteArray,0,safe_castint(myImage-Length));
}
requestStream-Write( encoding-GetBytes(L\r\n-- + boundary +
L--),0,encoding-GetBytes(L-- + boundary + L--)-Length);
requestStream-Close();
myImage-Close();
Stream^ data = myRequest-GetResponse()-GetResponseStream();
Just in case some one needed the code.
All I am doing here signing the request with the default parameters
(image parameter no included).
The I write the multipart data.
Please help me out or direct me to a link which gives a information
about using the API.
[twitter-dev] Please Help !!! How do i build OAuth based request for the update_profile_background_image.format API
Hi All, Please let me know what HTTP parameters need to be included for this API. Should the 'image' parameter considered for the OAuth signature base? How should value for the image parameter be populated? Should be the byte array of the image file or something else? Please help me out. If possible give me an example request.
[twitter-dev] Re: OAuth_Token in OAuth signature
So this parameter need not be part of the signature when requesting for Request Tokens right? On Jan 6, 1:27 pm, Abraham Williams 4bra...@gmail.com wrote: oauth_token form table 6-1 is the public part of the access token. You get it by callinghttp://apiwiki.twitter.com/Twitter-REST-API-Method:-oauth-access_tokenafter the user has authorized your application on Twitter. On Sun, Jan 3, 2010 at 11:27, Vikram vikram.prav...@gmail.com wrote: I am OAuthTwitter Library in C++. It looks like that the OAuth Signature requires OAuth_token(Ref: http://p2p.wrox.com/content/articles/twitter-development-oauth-specif... see table 6-1). What is this token? How do I get this? -- Abraham Williams | #doit |http://hashtagdoit.com Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Madison, WI, United States
[twitter-dev] Re: Please Help
Thanks Ryan I managed to fix it. The ordering was one issue and my time stamps were getting generated incorrectly. One more question, the Key for HMAC-SHA1 hashing algo required a to be appended to my consumer secret. Why is this required? On Jan 6, 4:08 pm, ryan alford ryanalford...@gmail.com wrote: You are don't have the parameters in the proper order. The signature goes last. The rest of the parameters must be in order. Put the parameters in order, create the signature, then append the signature to the end or the query string. Ryan Sent from my DROID On Jan 6, 2010 2:05 AM, Vikram vikram.prav...@gmail.com wrote: This my query string https://twitter.com/oauth/request_token?oauth_signature=dIjtVqiRK %2BnWo5UYRSSs6WWwKII %3Doauth_callback=ooboauth_consumer_key=gUutCG9HjEOT0N8IxvW9woauth_nonce=hO3CY2tN7OblsYdp0sOoThPRGEMypcWdM1PMoauth_signature_method=HMAC- SHA1oauth_timestamp=1262716897oauth_version=1.0a
[twitter-dev] Please Help
When I try to get the QAuth Request token I get Failed to validate oauth signature and token error message from twitter. What can be the possible reason? If required I can share my entire code with you people.
[twitter-dev] Re: Please Help
This my query string https://twitter.com/oauth/request_token?oauth_signature=dIjtVqiRK %2BnWo5UYRSSs6WWwKII %3Doauth_callback=ooboauth_consumer_key=gUutCG9HjEOT0N8IxvW9woauth_nonce=hO3CY2tN7OblsYdp0sOoThPRGEMypcWdM1PMoauth_signature_method=HMAC- SHA1oauth_timestamp=1262716897oauth_version=1.0a
[twitter-dev] Re: Skipping the PIN based workflow for Desktop clients using OAuth
@Duane Roelands I am working on desktop app,but the fact that I need a PIN for trading my request tokens for OAuth Access tokens made me look at PHP route. My idea was to use PHP get the access tokens and then use them in my desktop app. The rationale behind this was that I didn't want user to be entering PIN every time. With PHP I could use the callback URL for automatically getting the access tokens. @srikanth reddy Srikanth how can I make the PIN entering a one time process. If I save the access tokens will I be able to use them in the next instance of my App??
[twitter-dev] OAuth_Token in OAuth signature
I am OAuthTwitter Library in C++. It looks like that the OAuth Signature requires OAuth_token(Ref: http://p2p.wrox.com/content/articles/twitter-development-oauth-specification see table 6-1). What is this token? How do I get this?
[twitter-dev] Re: Skipping the PIN based workflow for Desktop clients using OAuth
Thanks Ryan. That's a welcome relief I am building a OAuth Library for Twitter in C++, It looks like that the OAuth_signature requires the oauth_token.(Ref: http://p2p.wrox.com/content/articles/twitter-development-oauth-specification See table 6-1).What does this token mean? How do I get this? On Jan 3, 8:39 pm, ryan alford ryanalford...@gmail.com wrote: In the Desktop workflow, you don't have to enter the PIN every time. The user is NOT required to authorize your application every time they want to use it. After the first authorization, YOU store the access token and access token secret either in a database, file, or some other type of storage mechanism. You use those stored values until they expire(which could be never). Ryan On Sun, Jan 3, 2010 at 9:44 AM, Vikram vikram.prav...@gmail.com wrote: @Duane Roelands I am working on desktop app,but the fact that I need a PIN for trading my request tokens for OAuth Access tokens made me look at PHP route. My idea was to use PHP get the access tokens and then use them in my desktop app. The rationale behind this was that I didn't want user to be entering PIN every time. With PHP I could use the callback URL for automatically getting the access tokens. @srikanth reddy Srikanth how can I make the PIN entering a one time process. If I save the access tokens will I be able to use them in the next instance of my App??
[twitter-dev] Skipping the PIN based workflow for Desktop clients using OAuth
Hi All, I am fairly a newbie to OAuth. Currently I am working on desktop client which uses the basic authentication. Would like to switch to OAuth. So I intially tried my hands with Abraham's PHP library. Apparently, I couldn't the callback to work. After googling and going through the latest OAuth changes I realized that I need to register my app as a Webapp for callbacks to work. Digging further I found that twitter actually validates the callback URL and as i don't have a public server I couldn't register myApp as a Web client because twitter says my callback URL is invalid(As Expected). So I am kind of struck. My actual idea was to save the access token and reuse it in future for authentication without having the user go through the entire process. But I found that the PIN is required everytime. So I thought of using of registering my app as web app and use PHP to work till getting the access token and then use the access token for further operations, but I couldn't get the callback to work because of the above mentioned issue. So I am wondering how to solve the problem? Please help me out,if there is no way to skip the PIN based workflow for desktop apps then I will have to continue with BASIC AUTH. But Twitter claims that it will soon drop support for BASIC AUTH and make the API ACCESS OAUTH ONLY. Please help me out. Thanks a Ton in advance.
