Tried using Curl instead of drupal_http_request and got the following error.
"error setting certificate verify locations:\n CAfile: \/etc\/ssl\/ certs\/ca-certificates.crt\n CApath: none\n" Not sure what that means On Jun 21, 4:40 pm, Tim Millwood <t...@millwoodonline.co.uk> wrote: > I have a test air app that posts to Twitpic perfectly fine using oAuth > Echo, if I change the URL to my web app I get 401. > > Here are the headers I am passing to twitter to verify credentials. Am > I missing some? > > [HTTP_X_AUTH_SERVICE_PROVIDER] > =>https://api.twitter.com/1/account/verify_credentials.json > > [Authorization] => OAuth > realm="twitter",oauth_consumer_key="t94eBtc4Pz2zqo4KhABseQ",oauth_token="62 > 66632- > e0NRaGReqpzR84Floyg565BMJbBH4lYMxsJD9LNZY",oauth_version="1.0",oauth_timest > amp="1276986312",oauth_nonce="KhWw0N",oauth_signature_method="HMAC- > SHA1",oauth_signature="ubKN3OQy8xC5Sdkn%2BD%2Bcq9c1ywY%3D" > > Tim > > On Jun 21, 4:28 pm, Taylor Singletary <taylorsinglet...@twitter.com> > wrote: > > > > > Awesome. There's much untapped potential in OAuth Echo beyond just the > > TwitPic, yFrog, etc. use cases. > > > This is an area where you're going to have to be very exacting. Have you > > confirmed that the request you are building would actually execute against > > Twitter correctly before you've sent it through your process? As in, have > > you verified that the HTTP Authorization header you've created will work > > against the end point before you've stuffed it into some other header, > > processed the request, etc. > > > Can you share the authorization header you are using and how you've defined > > the OAuth Echo headers? Your signature base string for the same? > > > Taylor > > > On Mon, Jun 21, 2010 at 8:06 AM, Tim Millwood > > <t...@millwoodonline.co.uk>wrote: > > > > I am trying to do something else. > > > > I am not trying post to twitpic, I am trying to post to my own web app > > > (similar to twitpic). > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test app, > > > then my web app is renaming the > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization and > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > This returns the 401 error. > > > > On Jun 21, 3:11 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > > wrote: > > > > Hi Tim, > > > > > The call specified in your HTTP_X_* headers is for the OAuth Echo > > > provider > > > > to execute against the API. Since they execute the call, it invalidates > > > the > > > > oauth_nonce you provided. Really, it's a different API call that your > > > > application should be executing following an OAuth Echo transaction.. > > > > > 1. You've got something to post with TwitPic > > > > 2. You setup a mock request to Twitter to verify credentials so that > > > TwitPic > > > > can identify your user with Twitter > > > > 3. You send that mock request in HTTP_X_* headers to Twitpic, along with > > > > your API request to Twitpic with the image > > > > 4. TwitPic executes the Twitter API call specified in the HTTP_X_* > > > headers, > > > > verifying the user > > > > 5. On success, TwitPic sends you in its response information about the > > > media > > > > you just uploaded on behalf of your user > > > > 6. You take that response and append it to a tweet, or whatever other > > > > API > > > > operation you're doing, and send a brand new request to Twitter > > > > > Is this the flow you're following or are you trying to do something > > > > else? > > > > > Taylor > > > > > On Sat, Jun 19, 2010 at 12:40 PM, Tim Millwood < > > > t...@millwoodonline.co.uk>wrote: > > > > > > So... I now have a test app which is sending oAuth Echo request > > > > > successfully to Twitpic. > > > > > > If I change the URL to my web app I get a 401 error back from Twitter, > > > > > so there is something I am doing wrong. > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test app, > > > > > then my web app is renaming the > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization and > > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > > > This returns the 401 error. > > > > > > On Jun 17, 2:44 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > > > > wrote: > > > > > > Hi Tim, > > > > > > > I'm not familiar with the Drupal OAuth module, but can help you a > > > little > > > > > > bit. > > > > > > > Hopefully that module is a bit flexible in the different approaches > > > you > > > > > can > > > > > > use to perform OAuth with it. Essentially, you need to build a "mock > > > > > > request" that you won't actually execute against an endpoint at > > > Twitter > > > > > > using your credentials. The canon for OAuth Echo right now is to > > > build a > > > > > GET > > > > > > request tohttp:// > > > api.twitter.com/1/account/verify_credentials.json--but > > > > > > essentially, you can use any resource you want (and the OAuth Echo > > > proxy > > > > > > provider could do something with the response in conjunction with > > > your > > > > > > request -- TwitPic, yFrog, etc. are only just one possibility of the > > > > > things > > > > > > you can do with OAuth Echo. > > > > > > > I edited up a good example in simple PHP of using OAuth Echo against > > > > > TwitPic > > > > > > the other day:http://pastie.org/pastes/1005387 > > > > > > > Taylor > > > > > > > On Thu, Jun 17, 2010 at 1:40 AM, Tim Millwood < > > > t...@millwoodonline.co.uk > > > > > >wrote: > > > > > > > > I'm trying to get oAuth Echo working withhttp://drippic.com > > > > > > > > My API url ishttp://drippic.com/drippic2/uploadifyouwantto give > > > > > > > it a try. > > > > > > > > Here is my code. > > > > > > > $sp = $_SERVER['HTTP_X_AUTH_SERVICE_PROVIDER']; > > > > > > > $auth_cred = $_SERVER['HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION']; > > > > > > > $response = drupal_http_request($sp, > > > > > > > array('HTTP_X_AUTH_SERVICE_PROVIDER'=>$sp,'Authorization'=> > > > > > > > $auth_cred),'POST'); > > > > > > > watchdog('drippic','</pre>'.print_r($response,true).'</pre>'); > > > > > > > print(json_encode($response)); > > > > > > > > I'm not sure what I need to send it, I copied Twitpic's example > > > > > > > and > > > > > > > used this in terminal > > > > > > > curl -v -H 'X-Auth-Service-Provider: > > > > > > >https://api.twitter.com/1/account/verify_credentials.json' > > > > > > > -H 'X-Verify-Credentials-Authorization: OAuth realm="http:// > > > > > > > api.twitter.com/", oauth_consumer_key="GDdmIQH6jhtmLUypg82g", > > > > > > > oauth_signature_method="HMAC-SHA1", oauth_token="819797- > > > > > > > Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", > > > > > > > oauth_timestamp="1272325550", > > > > > > > oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0AQR3Fmi7Q6Y", > > > > > > > oauth_version="1.0", > > > oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D"' > > > > > > >http://drippic.com/drippic2/upload > > > > > > > > It returns 401, guess it's because the details are wrong, and not > > > sure > > > > > > > what I should use. > > > > > > > > Can anyone help? > > > > > > > > (don't really know enough about oAuth, oAuth on the site is all > > > > > > > managed by the Drupal oAuth module)