It may not help fix your problem but I would recommend upgrading to the python-oauth2 library. (Don't be confused by the name; it's not an oauth 2.0 library, but just the next generation of the original oauth 1.0a library that Leah Culver wrote). There are bunch of little issues with the original one that don't follow the spec exactly that are fixed and it's not a difficult upgrade (as long as your are not hosting an OAuth server of your own because those interfaces changed considerably).
http://github.com/zbowling/python-oauth2 (the fork I maintain with bunch of twitter related fixes and workarounds) or: http://github.com/simplegeo/python-oauth2 (the official upstream) Zac Bowling @zbowling On Jun 3, 2010, at 3:15 PM, Steve C wrote: > I just looked at your code briefly, but I believe the problem is this > line: > > oauth_request = TwitpicOAuthRequest(http_method="POST", > http_url=settings.TWITPIC_API_URL, > > The OAuth Request needs to be signed using the Twitter Endpoint > (https://api.twitter.com/1/account/verify_credentials.json), not the > Twitpic API URL. > > Try something like this: > > oauth_request = TwitpicOAuthRequest(http_method="GET", > http_url="https://api.twitter.com/1/account/verify_credentials.json";, > > > On Jun 3, 2:38 pm, yml <yann.ma...@gmail.com> wrote: >> I would greatly appreciate any help. >> Here it is the latest evolution of this piece of code : >> >> """ >> class TwitpicOAuthRequest(OAuthRequest): >> def to_header(self, realm='http://api.twitter.com/'): >> headers = super(TwitpicOAuthRequest, >> self).to_header(realm=realm) >> return {'X-Verify-Credentials-Authorization': >> headers['Authorization']} >> >> def post_photo(request): >> if request.method == 'POST': >> form = PhotoForm(request.POST, request.FILES) >> if not request.session.get('twitter_access_token'): >> return HttpResponse("Not authenticated") >> if form.is_valid(): >> access_token = request.session['twitter_access_token'] >> >> params = { >> 'oauth_consumer_key': settings.TWITTER_CONSUMER_KEY, >> 'oauth_signature_method':"HMAC-SHA1", >> 'oauth_token':access_token.key, >> 'oauth_timestamp':oauth.generate_timestamp(), >> 'oauth_nonce':oauth.generate_nonce(), >> 'oauth_version':'1.0' >> } >> >> consumer = >> oauth.OAuthConsumer(key=settings.TWITTER_CONSUMER_KEY, >> >> secret=settings.TWITTER_CONSUMER_SECRET) >> token = oauth.OAuthToken(key=access_token.key, >> secret=access_token.secret) >> oauth_request = TwitpicOAuthRequest(http_method="GET", >> >> #http_url=settings.TWITPIC_API_URL, >> >> http_url=settings.TWITTER_VERIFY_CREDENTIALS, >> parameters=params) >> >> signature=oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), >> consumer, >> access_token) >> >> headers = oauth_request.to_header() >> headers['X-Auth-Service-Provider'] = >> settings.TWITTER_VERIFY_CREDENTIALS >> >> #with multipart_encode >> values = [ >> MultipartParam('key',value=settings.TWITPIC_API_KEY), >> >> MultipartParam('message',value=form.cleaned_data['message']), >> MultipartParam('media', >> filename='copine_moi.jpg', >> filetype='image/jpeg', >> fileobj=open("/home/yml/Desktop/ >> copine_moi.jpg","rb")) >> ] >> >> register_openers() >> datagen, heads = multipart_encode(values) >> headers.update(heads) >> req = urllib2.Request(settings.TWITPIC_API_URL, datagen, >> headers) >> # Post to netcat -l -p 9000 >> #req = urllib2.Request("http://127.0.0.1:9000";, datagen, >> headers) >> >> #with urlencode >> #values = {} >> #values['key'] = MultipartParam(settings.TWITPIC_API_KEY) >> #values['message'] = >> MultipartParam(form.cleaned_data['message']) >> #values['media'] = open("/home/yml/Desktop/ >> copine_moi.jpg", "rb").read() >> #data = urllib.urlencode(values) >> #req = urllib2.Request(settings.TWITPIC_API_URL, data, >> headers) >> >> response = urllib2.urlopen(req) >> return HttpResponse("the photo is posted") >> else: >> form = PhotoForm(initial={"created_at":datetime.now()}) >> >> return render_to_response("twitter_integration/photo_form.html", >> {"form":form,}, >> >> context_instance=RequestContext(request)) >> """ >> >> On Jun 3, 11:20 am, yml <yann.ma...@gmail.com> wrote: >> >> >> >>> Hello, >>> I am in the process of writing a python web app that should enable the >>> user to post picture to twitpic using the Oauth Echo authorization >>> mechanism. >> >>> The application is already able to post tweet using the Oauth >>> authentication so the access_token is available to us in the session. >> >>> So my question to you guys is that it would be great if someone could >>> point what is the issue in the code below or paste some sample code >>> that upload a picture in python to twitpic. >> >>> """" >>> # OauthRequest is from the python-oauth lib >>> # I overide the to_header method to return a dict with the right key. >> >>> class TwitpicOAuthRequest(OAuthRequest): >>> def to_header(self, realm='http://api.twitter.com/'): >>> headers = super(TwitpicOAuthRequest, >>> self).to_header(realm=realm) >>> return {'X-Verify-Credentials-Authorization': >>> headers['Authorization']} >> >>> def post_photo(request): >>> if request.method == 'POST': >>> form = PhotoForm(request.POST, request.FILES) >>> if not request.session.get('twitter_access_token'): >>> return HttpResponse("Not authenticated") >>> if form.is_valid(): >>> access_token = request.session['twitter_access_token'] >> >>> params = { >>> 'oauth_consumer_key': settings.TWITTER_CONSUMER_KEY, >>> 'oauth_signature_method':"HMAC-SHA1", >>> 'oauth_token':access_token.key, >>> 'oauth_timestamp':oauth.generate_timestamp(), >>> 'oauth_nonce':oauth.generate_nonce(), >>> 'oauth_version':'1.0' >>> } >> >>> consumer = >>> oauth.OAuthConsumer(key=settings.TWITTER_CONSUMER_KEY, >> >>> secret=settings.TWITTER_CONSUMER_SECRET) >>> token = oauth.OAuthToken(key=access_token.key, >>> secret=access_token.secret) >>> oauth_request = TwitpicOAuthRequest(http_method="POST", >> >>> http_url=settings.TWITPIC_API_URL, >>> parameters=params) >> >>> signature=oauth_request.build_signature(OAuthSignatureMethod_HMAC_SHA1(), >>> consumer, >>> access_token) >> >>> headers = oauth_request.to_header() >>> headers['X-Auth-Service-Provider'] = 'https:// >>> api.twitter.com/1/account/verify_credentials.json' >>> headers['X-Verify-Credentials-Authorization'] += ', >>> oauth_signature="%s"' %signature >> >>> values = {} >>> values['key'] = settings.TWITPIC_API_KEY >>> values['message'] = form.cleaned_data['message'] >>> # the path to the file is hardcoded here in the future it >>> will be taken from the from >>> values['media'] = open("/home/yml/Desktop/copine_moi.jpg", >>> "rb") >>> register_openers() >>> datagen, heads = multipart_encode(values) >>> headers.update(heads) >> >>> req = urllib2.Request(settings.TWITPIC_API_URL, datagen, >>> headers) >>> response = urllib2.urlopen(req) >> >>> return HttpResponse("the photo is posted") >>> else: >>> form = PhotoForm(initial={"created_at":datetime.now()}) >> >>> return render_to_response("twitter_integration/photo_form.html", >>> {"form":form,}, >> >>> context_instance=RequestContext(request)) >>> """"
