Hi Tim, That sounds like your machine might be having some issues connecting via SSL. Are you able to use Curl for any other SSL-based sites?
Taylor On Mon, Jun 21, 2010 at 11:57 AM, Tim Millwood <t...@millwoodonline.co.uk>wrote: > Tried using Curl instead of drupal_http_request and got the following > error. > > "error setting certificate verify locations:\n CAfile: \/etc\/ssl\/ > certs\/ca-certificates.crt\n CApath: none\n" > > Not sure what that means > > On Jun 21, 4:40 pm, Tim Millwood <t...@millwoodonline.co.uk> wrote: > > I have a test air app that posts to Twitpic perfectly fine using oAuth > > Echo, if I change the URL to my web app I get 401. > > > > Here are the headers I am passing to twitter to verify credentials. Am > > I missing some? > > > > [HTTP_X_AUTH_SERVICE_PROVIDER] => > https://api.twitter.com/1/account/verify_credentials.json > > > > [Authorization] => OAuth > > > realm="twitter",oauth_consumer_key="t94eBtc4Pz2zqo4KhABseQ",oauth_token="62 > 66632- > > > e0NRaGReqpzR84Floyg565BMJbBH4lYMxsJD9LNZY",oauth_version="1.0",oauth_timest > amp="1276986312",oauth_nonce="KhWw0N",oauth_signature_method="HMAC- > > SHA1",oauth_signature="ubKN3OQy8xC5Sdkn%2BD%2Bcq9c1ywY%3D" > > > > Tim > > > > On Jun 21, 4:28 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > wrote: > > > > > > > > > Awesome. There's much untapped potential in OAuth Echo beyond just the > > > TwitPic, yFrog, etc. use cases. > > > > > This is an area where you're going to have to be very exacting. Have > you > > > confirmed that the request you are building would actually execute > against > > > Twitter correctly before you've sent it through your process? As in, > have > > > you verified that the HTTP Authorization header you've created will > work > > > against the end point before you've stuffed it into some other header, > > > processed the request, etc. > > > > > Can you share the authorization header you are using and how you've > defined > > > the OAuth Echo headers? Your signature base string for the same? > > > > > Taylor > > > > > On Mon, Jun 21, 2010 at 8:06 AM, Tim Millwood < > t...@millwoodonline.co.uk>wrote: > > > > > > I am trying to do something else. > > > > > > I am not trying post to twitpic, I am trying to post to my own web > app > > > > (similar to twitpic). > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test app, > > > > then my web app is renaming the > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization and > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > This returns the 401 error. > > > > > > On Jun 21, 3:11 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > > > wrote: > > > > > Hi Tim, > > > > > > > The call specified in your HTTP_X_* headers is for the OAuth Echo > > > > provider > > > > > to execute against the API. Since they execute the call, it > invalidates > > > > the > > > > > oauth_nonce you provided. Really, it's a different API call that > your > > > > > application should be executing following an OAuth Echo > transaction.. > > > > > > > 1. You've got something to post with TwitPic > > > > > 2. You setup a mock request to Twitter to verify credentials so > that > > > > TwitPic > > > > > can identify your user with Twitter > > > > > 3. You send that mock request in HTTP_X_* headers to Twitpic, along > with > > > > > your API request to Twitpic with the image > > > > > 4. TwitPic executes the Twitter API call specified in the HTTP_X_* > > > > headers, > > > > > verifying the user > > > > > 5. On success, TwitPic sends you in its response information about > the > > > > media > > > > > you just uploaded on behalf of your user > > > > > 6. You take that response and append it to a tweet, or whatever > other API > > > > > operation you're doing, and send a brand new request to Twitter > > > > > > > Is this the flow you're following or are you trying to do something > else? > > > > > > > Taylor > > > > > > > On Sat, Jun 19, 2010 at 12:40 PM, Tim Millwood < > > > > t...@millwoodonline.co.uk>wrote: > > > > > > > > So... I now have a test app which is sending oAuth Echo request > > > > > > successfully to Twitpic. > > > > > > > > If I change the URL to my web app I get a 401 error back from > Twitter, > > > > > > so there is something I am doing wrong. > > > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test > app, > > > > > > then my web app is renaming the > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization > and > > > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > > > > > This returns the 401 error. > > > > > > > > On Jun 17, 2:44 pm, Taylor Singletary < > taylorsinglet...@twitter.com> > > > > > > wrote: > > > > > > > Hi Tim, > > > > > > > > > I'm not familiar with the Drupal OAuth module, but can help you > a > > > > little > > > > > > > bit. > > > > > > > > > Hopefully that module is a bit flexible in the different > approaches > > > > you > > > > > > can > > > > > > > use to perform OAuth with it. Essentially, you need to build a > "mock > > > > > > > request" that you won't actually execute against an endpoint at > > > > Twitter > > > > > > > using your credentials. The canon for OAuth Echo right now is > to > > > > build a > > > > > > GET > > > > > > > request tohttp:// > > > > api.twitter.com/1/account/verify_credentials.json--but > > > > > > > essentially, you can use any resource you want (and the OAuth > Echo > > > > proxy > > > > > > > provider could do something with the response in conjunction > with > > > > your > > > > > > > request -- TwitPic, yFrog, etc. are only just one possibility > of the > > > > > > things > > > > > > > you can do with OAuth Echo. > > > > > > > > > I edited up a good example in simple PHP of using OAuth Echo > against > > > > > > TwitPic > > > > > > > the other day:http://pastie.org/pastes/1005387 > > > > > > > > > Taylor > > > > > > > > > On Thu, Jun 17, 2010 at 1:40 AM, Tim Millwood < > > > > t...@millwoodonline.co.uk > > > > > > >wrote: > > > > > > > > > > I'm trying to get oAuth Echo working withhttp://drippic.com > > > > > > > > > > My API url ishttp://drippic.com/drippic2/uploadifyouwanttogive > > > > > > > > it a try. > > > > > > > > > > Here is my code. > > > > > > > > $sp = $_SERVER['HTTP_X_AUTH_SERVICE_PROVIDER']; > > > > > > > > $auth_cred = > $_SERVER['HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION']; > > > > > > > > $response = drupal_http_request($sp, > > > > > > > > array('HTTP_X_AUTH_SERVICE_PROVIDER'=>$sp,'Authorization'=> > > > > > > > > $auth_cred),'POST'); > > > > > > > > > watchdog('drippic','</pre>'.print_r($response,true).'</pre>'); > > > > > > > > print(json_encode($response)); > > > > > > > > > > I'm not sure what I need to send it, I copied Twitpic's > example and > > > > > > > > used this in terminal > > > > > > > > curl -v -H 'X-Auth-Service-Provider: > > > > > > > >https://api.twitter.com/1/account/verify_credentials.json' > > > > > > > > -H 'X-Verify-Credentials-Authorization: OAuth realm="http:// > > > > > > > > api.twitter.com/", > oauth_consumer_key="GDdmIQH6jhtmLUypg82g", > > > > > > > > oauth_signature_method="HMAC-SHA1", oauth_token="819797- > > > > > > > > Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", > > > > > > > > oauth_timestamp="1272325550", > > > > > > > > oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0AQR3Fmi7Q6Y", > > > > > > > > oauth_version="1.0", > > > > oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D"' > > > > > > > >http://drippic.com/drippic2/upload > > > > > > > > > > It returns 401, guess it's because the details are wrong, and > not > > > > sure > > > > > > > > what I should use. > > > > > > > > > > Can anyone help? > > > > > > > > > > (don't really know enough about oAuth, oAuth on the site is > all > > > > > > > > managed by the Drupal oAuth module) >
