Getting 401 on Twitter OAuth POST requests
Solution 1
Make sure your app access type is read & write. On your app settings page (ex. http://twitter.com/apps/edit/12345) there's a radio button field like this:
Default Access type: Read & Write / Read-only
If you check 'Read-only' then status update API will return 401.
Solution 2
I second the answer by Jrgns. I has exactly the same issue. When reading the example Twitter provides, it's actually clear. However their pseudo code is misleading. In Python this worked for me :
def encodekeyval(key, val):
key = urllib.quote(key, '')
val = urllib.quote(val, '')
return urllib.quote(key + '=' + val, '')
def signature_base_string(urlstr, oauthdata):
sigstr = 'POST&' + urllib.quote(urlstr,'') + '&'
# retrieve "post" data as dictionary of name value pairs
pdata = oauthdata.getpdata()
# need to sort parameters
pstr = '%26'.join([encodekeyval(key, pdata[key]) for key in sorted(pdata.keys())])
return sigstr + pstr
Solution 3
I had the same issues, until I realised that the parameters need to be encoded twice for the base string. My GET requests all worked fine, but my POSTs, particularly status updates, failed. On a hunch I tried a POST without spaces in the status
parameter, and it worked.
In PHP:
function encode($input) {
return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode($input)));
}
$query = array();
foreach($parameters as $name => $value) {
$query[] = encode($name) . '=' .encode($value);
}
$base = encode(strtoupper($method)) . '&' .encode($norm_url) . '&' .
encode(implode('&', $query));
Notice the encode
function around the names and values of the parameters, and then around the whole query string. A Space should end up as %2520
, not just %20
.
Related videos on Youtube
Baishampayan Ghose
Humble Jedi Master from the Galactic Programmers' Empire. Co-founder/CTO @ Helpshift Blog: freegeek.in/blog Code: github.com/ghoseb Twitter: twitter.com/ghoseb Flickr: flickr.com/photos/ghoseb Work: Helpshift
Updated on June 04, 2022Comments
-
Baishampayan Ghose almost 2 years
I am trying to use Twitter OAuth and my
POST
requests are failing with a401
(Invalid OAuth Request
) error.For example, if I want to post a new status update, I am sending a HTTP
POST
request tohttps://twitter.com/statuses/update.json
with the following parameters -status=Testing&oauth_version=1.0&oauth_token=xxx& oauth_nonce=xxx&oauth_timestamp=xxx&oauth_signature=xxx& oauth_consumer_key=xxx&in_reply_to=xxx&oauth_signature_method=HMAC-SHA1`
My
GET
requests are all working fine. I can see on the mailing lists that a lot of people have had identical problems but I could not find a solution anywhere.I am using the
oauth.py
Python library.-
Jeff Standen almost 13 yearsI had the same issue and it turned out that the 'Callback URL' section of my app's configuration on Twitter was blanked out somehow. When it's empty it goes into desktop mode and blocks the ability to use dynamic callbacks. You can put any placeholder text in the setting you want, as long as it's not blank.
-
-
selfawaresoup about 14 yearsMaybe this just saved my day. I'm having the exact same problem, only in JavaScript. GET works, POST not so much ...