Im having loads of issues with the Twitter API and GET. Hopefully someone can point out my mistake of help me in the correct direction. I got the POST correct for posting statusses, but i want to get the users mentions, but Im receiving "Could not authenticate with OAuth" the whole time.
Below are all my strings and headers as I set / get it. Please help. :)
- Generate Base URL -
base=GET&http%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fmentions.xml&oauth_consumer_key%3D0RaXE4T4CuMFJHI1jViEQ%26oauth_nonce%3DDGTQVDPXRAYASJJFJLJF%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1309954505%26oauth_token%3D298006718-8yTikfcuvQ3Xq1ZGuykhkxK2wY0ZAOxcI0jesRxd%26oauth_version%3D1.0
----------------------------------
- Build Signature -
SignKey=ey75K0x7bgyI4BwwG5mn7vLVNQiyphJo9MMT8t6bj0&Syk7tpizLGSo2xvJ9Q8Y1G318eKO8QXvPGWoOpdXWw
Signature=Q844NOw7T0oq8tNQkdR/6ez6Z8s=
----------------------------------
- Request twit Start -
postvars=
url=http://api.twitter.com/1/statuses/mentions.xml
----------------------------------
- Socket Before Header Send -
GET /1/statuses/mentions.xml HTTP/1.0
Accept: */*
Referer: http://eden.fm
User-Agent: Mozilla/4.0 (compatible; ICS)
Host: api.twitter.com
Authorization: OAuth oauth_nonce="DGTQVDPXRAYASJJFJLJF", oauth_callback="oob", oauth_token="298006718-8yTikfcuvQ3Xq1ZGuykhkxK2wY0ZAOxcI0jesRxd", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1309954505", oauth_consumer_key="0RaXE4T4CuMFJHI1jViEQ", oauth_signature="Q844NOw7T0oq8tNQkdR%2F6ez6Z8s%3D", oauth_version="1.0"
----------------------------------
- Socket Header End -
HTTP/1.1 401 Unauthorized
Date: Wed, 06 Jul 2011 12:16:11 GMT
Server: hi
Status: 401 Unauthorized
WWW-Authenticate: OAuth realm="http://api.twitter.com"
X-Runtime: 0.00899
Content-Type: application/xml; charset=utf-8
Content-Length: 152
Cache-Control: no-cache, max-age=1800
Set-Cookie: k=41.133.180.120.1309954571265496; path=/; expires=Wed, 13-Jul-11 12:16:11 GMT; domain=.twitter.com
Set-Cookie: guest_id=v1%3A130995457172572573; domain=.twitter.com; path=/; expires=Sat, 06 Jul 2013 00:16:11 GMT
Set-Cookie: original_referer=ojItV1ByhTzWh74Jc1NQEw%3D%3D; path=/
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNR9YP8wAToHaWQiJTQzZGVmMTE3YTI5ZjEz%250AOGYzZWEwYjlmNTRlM2I3MzA2IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--dd24ddb28d1207c2ebf479e57b6f9edb82553bbe; domain=.twitter.com; path=/; HttpOnly
Expires: Wed, 06 Jul 2011 12:46:11 GMT
Vary: Accept-Encoding
Connection: close
----------------------------------
- Request Done Socket DocEnd -
result=
status code=401
headers=HTTP/1.1 401 Unauthorized
Date: Wed, 06 Jul 2011 12:16:11 GMT
Server: hi
Status: 401 Unauthorized
WWW-Authenticate: OAuth realm="http://api.twitter.com"
X-Runtime: 0.00899
Content-Type: application/xml; charset=utf-8
Content-Length: 152
Cache-Control: no-cache, max-age=1800
Set-Cookie: k=41.133.180.120.1309954571265496; path=/; expires=Wed, 13-Jul-11 12:16:11 GMT; domain=.twitter.com
Set-Cookie: guest_id=v1%3A130995457172572573; domain=.twitter.com; path=/; expires=Sat, 06 Jul 2013 00:16:11 GMT
Set-Cookie: original_referer=ojItV1ByhTzWh74Jc1NQEw%3D%3D; path=/
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNR9YP8wAToHaWQiJTQzZGVmMTE3YTI5ZjEz%250AOGYzZWEwYjlmNTRlM2I3MzA2IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--dd24ddb28d1207c2ebf479e57b6f9edb82553bbe; domain=.twitter.com; path=/; HttpOnly
Expires: Wed, 06 Jul 2011 12:46:11 GMT
Vary: Accept-Encoding
Connection: close
----------------------------------
result=<?xml version="1.0" encoding="UTF-8"?>
<hash>
<error>Could not authenticate with OAuth.</error>
<request>/1/statuses/mentions.xml</request>
</hash>
Why not take a look at my open source TTwitter library? Even though this version of the project is now depreciated (I've rolled TTwitter into a larger project to develop more social networking components) it'll still point you in the right direction :)
Related
How do you configure nginx to return a valid Content-Length header when responding to a HTTP HEAD request? Currently my server returns this:
curl --head http://example.com/myfile.xml
HTTP/1.1 200 OK
Date: Tue, 23 Aug 2016 13:49:46 GMT
Content-Type: text/xml
Set-Cookie: __cfduid=da2daeaa59809916192f7ac0645d3a3e91471960186; expires=Wed, 23-Aug-17 13:49:46 GMT; path=/; domain=.example.com; HttpOnly
Last-Modified: Mon, 22 Aug 2016 16:20:26 GMT
Vary: Accept-Encoding
ETag: W/"57bb264a-5442b26a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
Access-Control-Request-Method: *
Cache-Control: public
Server: cloudflare-nginx
CF-RAY: 9dac40-LHR
X-Cache: MISS from Squid
Via: 1.1 Squid (squid/3.2.14)
I must send the Content-Length header with the response to HEAD (if I don't, the service that checks that URL will never see that the file was changed, and will not download the new version). How do you set it up?
I might be wrong, but nginx probably isn't showing the content-length because of nature of dynamic content generated by Rails's application server.
You can ask Rails to send that in response header. In your Rails application's config/application.rb add the following middleware:
config.middleware.use "Rack::ContentLength"
This should return the content-length header in response.
I am working on a project which requires a client to make an api call to
my
rails application and it to return XML without any http header info.
its currently returning:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: application/xml; charset=
X-Ua-Compatible: IE=Edge
X-Request-Id: c5602cd7eb23ca8137bef8bb1f0a4f8a
X-Runtime: 0.027900
Server: WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
Date: Wed, 18 Jun 2014 05:27:48 GMT
Content-Length: 529
Connection: Keep-Alive
Set-Cookie: _session_id=a8039d615674feec206e6c55a7a7afc8; path=/;
HttpOnly
<?xml version="1.0" encoding="UTF-8"?>
<cXML>
<Response>
<Status code="200" text="OK"/>
<StartPage>
<URL>http://localhost:3000/foobar/BAh7DDoNYmFza2V0aWRJI...
</StartPage>
</Response>
</cXML>
Can anyone help to remove all the http headers within the controller or any
config? which is below section.
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: application/xml; charset=
X-Ua-Compatible: IE=Edge
X-Request-Id: c5602cd7eb23ca8137bef8bb1f0a4f8a
X-Runtime: 0.027900
Server: WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
Date: Wed, 18 Jun 2014 05:27:48 GMT
Content-Length: 529
Connection: Keep-Alive
Set-Cookie: _session_id=a8039d615674feec206e6c55a7a7afc8; path=/;
HttpOnly
I am using nginx at the moment.
I have some says that this is kind of a nonsense request, since HTTP servers by
definition uses header to talk to one another. But I have also been informed that W3 think otherwise.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4
I have also googled around for hours attempting other solutions changing my rails controller without any success. Is the last resort possibly changing config in Nginx and wouldn't that effect the whole rails application and not just the api calls or is there a way to single out one call?
Thanks in advance.
T
This is a nonsense request, yeah. You can use the HttpHeadersMore module to remove most of the response headers. Something like this should do it:
location /your/api/path {
more_clear_headers '*';
}
However, you can't remove the Connections header without patching nginx. And even if you could, you can't remove the first line of the response ("HTTP/1.1 200 OK", in this case). Without that line, it isn't an HTTP response. You're going to have a hard time convincing an HTTP server to send non-HTTP responses.
To get what you're describing, I think you'll need a custom server that communicates over bare TCP sockets. This tutorial might help you out. Or maybe you could implement that part of your app in node.js (or another tool)?
I am trying to use fiddler to test the oauth/request_token api but am getting a 'Failed to validate oauth signature and token' 401 error. I copied the authorization header values directly from my application and added an oauth_callback header. I am trying to follow the example in the following documentation:
https://dev.twitter.com/docs/api/1/post/oauth/request_token.
Any help would be greatly appreciated.
REQUEST:
POST https://api.twitter.com/oauth/request_token HTTP/1.1
Authorization: OAuth oauth_callback="http%3A%2F%2Flocalhost%3A61921%2Ftwitter%2Fprocesscallback", oauth_consumer_key="XXXXXXXXXXXXXXXXXXXXX", oauth_nonce="53891723ad7b32501c669d97f56c6d47", oauth_signature="qzN516EVspIA0NWBbpND83YcTr4%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1402955245",
oauth_token="2514015781-KqTbOPPag7p0CYQ6xByIibV3WEk8xLsWrhb9U4M",
oauth_version="1.0"
Host: api.twitter.com
Content-Length: 0
RESPONSE:
HTTP/1.1 401 Unauthorized
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 44
content-type: text/html; charset=utf-8
date: Mon, 16 Jun 2014 21:54:56 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 16 Jun 2014 21:54:56 GMT
pragma: no-cache
server: tfe
set-cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCEIJraZGAToHaWQiJTlmOTQ3Y2MyYWNlMTkx%250AYTMyYzVlZmYyMTA4ZjU4ZTdkIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--3afebfe1105e8a7315baba72651e76a24f53e6d2; domain=.twitter.com; path=/; secure; HttpOnly
set-cookie: guest_id=v1%3A140295569643962216; Domain=.twitter.com; Path=/; Expires=Wed, 15-Jun-2016 21:54:56 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mid: d31abfd0b6cbb0aa6434a6ffc6efdfac089ab0a5
x-runtime: 0.01273
x-transaction: 2dd94ca53f553801
x-ua-compatible: IE=edge,chrome=1
x-xss-protection: 1; mode=block
Failed to validate oauth signature and token
I want to call /search method of Google cloud print from my webServer.
I am using OAuth web server guide obtaining a refresh_token/access_token to use with scopes:
https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Then I am calling search Api but I am obtaining a 403 forbidden.
Request DefaultHttpRequest(chunked: false)
POST /cloudprint/search HTTP/1.1
Host: www.google.com
Content-Type: text/plain; charset=utf-8
Authorization: OAuth yb29.1.AADtN_U9PYyVhGpcS-8MpFhfGVbT4KsZKEoIX2HGePwoNXypjrSwVsS0pGzmaqhktfGBAQ
Connection: keep-alive
Accept: */*
User-Agent: NING/1.0
Content-Length: 0
Response DefaultHttpResponse(chunked: true)
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 03 Dec 2013 17:05:09 GMT
Set-Cookie: NID=67=MQJFdl-YkMdz875n1J2yVNmeUeAvsjVtDGlNvGkNLZdNTHX3YbnStNx9Vg_MiRsmht6hj3XrwJcPJEQeFLlnYKqt2Of1xHJ5HDwNJgOB3svOdnN-JRFcPxYt4AU10eSM;Domain=.google.com;Path=/;Expires=Wed, 04-Jun-2014 17:05:09 GMT;HttpOnly
P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic
Transfer-Encoding: chunked
Is the scope correct?
What am I doing wrong?
Your scopes are wrong. The correct scope is https://www.googleapis.com/auth/cloudprint
I think this related to your HTTP Header 'Authorization'.
When playing at https://developers.google.com/oauthplayground/, I see the generated requests use 'Authorization: Bearer your-token', instead of 'Authorization: OAuth your-token'.
The request below fails and I am not able to figure out why, any insights?
var atom = ["<?xml version='1.0' encoding='UTF-8'?>",
'<entry xmlns="http://www.w3.org/2005/Atom" xmlns:docs="http://schemas.google.com/docs/2007">',
'<category scheme="http://schemas.google.com/g/2005#kind"',
' term="http://schemas.google.com/docs/2007#document"/>',
'<title>', titleDoc, '</title>',
'</entry>'].join('');
xhr.open('POST', URI , true);
xhr.setRequestHeader('Content-type', 'application/atom+xml');
//xhr.setRequestHeader('GData-Version', '3.0');
xhr.setRequestHeader('X-Upload-Content-Length', '0');
xhr.setRequestHeader('Authorization', 'OAuth ' + google.getAccessToken());
xhr.send(atom);
This is the request/response packet from the servers
Request URL:https://docs.google.com/feeds/upload/create-session/default/private/full
Request Method:POST
Status Code:400 Bad Request
Request Payload
<?xml version='1.0' encoding='UTF-8'?><entry xmlns="http://www.w3.org/2005/Atom" xmlns:docs="http://schemas.google.com/docs/2007"><category scheme="http://schemas.google.com/g/2005#kind" term="http://schemas.google.com/docs/2007#document"/><title>test</title></entry>
Response Headersview source
cache-control:no-cache, no-store, must-revalidate
content-length:19
content-type:text/html; charset=UTF-8
date:Sun, 01 Jul 2012 06:46:21 GMT
expires:Fri, 01 Jan 1990 00:00:00 GMT
pragma:no-cache
server:HTTP Upload Server Built on Jun 14 2012 02:12:09 (1339665129)
status:400 Bad Request
version:HTTP/1.1
The repose with gdata Version uncommented, but this still does not create a doc in the google docs
HTTP/1.1 200 OK
status: 200 OK
version: HTTP/1.1
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 01 Jul 2012 21:02:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://docs.google.com/feeds/upload/create-session/default/private/full?convert=false&upload_id=AEnB2UoaVeHUGhiIgKm9fL-WL_Fd1DdAAh7rdYDx6G6cseLwHgAMBfkdt42kf9YiKFJ8q9tiZ8vLVUb3Sr-KVUZi01m3vY6ZUw
pragma: no-cache
server: HTTP Upload Server Built on Jun 14 2012 02:12:09 (1339665129)
You can use simple upload to create an empty file, just replace your url with https://docs.google.com/feeds/default/private/full and uncomment the GData-Version header.
Another option (recommended) would be to use the files.insert method of the new Google Drive API instead.