Application-only authentication oauth2/token endpoint returning 500


#1

I’m trying to get a bearer token, but am getting a 500 error. Below is the request; can you see what I’m doing wrong?
_request => bless({
_content => “grant_type=client_credentials”,
_headers => bless({
“authorization” => “Basic [credential created per https://dev.twitter.com/docs/auth/application-only-auth]”,
“content-type” => “application/x-www-form-urlencoded;charset=UTF-8”,
“user-agent” => “bfi”,
}, “HTTP::Headers”),
_method => “POST”,
_uri => bless(do{(my $o = “https://api.twitter.com/oauth2/token”)}, “URI::https”),
_uri_canonical => ‘fix’,
}, “HTTP::Request”),


#2

Same thing here, in a .NET application. Also, when mimicking the request using SOAPUI, the same error. The response body isn’t off much help either (Something is technically wrong.Thanks for noticing…)
@marcoslinde: did you manage to solve this issue? Thanks.


#3

even I am getting the same error…I ma using java :frowning:
I am getting 500 Internal Server Error: Forbidden


#4

In perl I fixed it by specifying no delimiter when encoding the key and secret (the empty string argument below); not sure what the equivalent in other languages would be:
my $credentials = encode_base64( join( ‘:’, map { uri_escape($_) } @terms ), “” );


#5

Sorry, should have said I specified an empty char as the end-of-line sequence. Not sure what the default for that in other languages is; here’s info on Perl’s implementation if that helps: http://perldoc.perl.org/MIME/Base64.html


#6

same here using c#, I also tried with what marcoslinde suggested (Base64FormattingOptions.None and Base64FormattingOptions.InsertLineBreaks) same issue!


#7

I solved my problem in c# (I was using Convert.ToBase64String(Encoding.Unicode.GetBytes instead of Convert.ToBase64String(Encoding.ASCII.GetBytes ).
If you use another language then just make sure that base64encoding this xvz1evFS4wEEPTGEFPHBog:L8qq9PZyRg6ieKGEKhZolGC0vJWLw8iEJ88DRdyOg generate this eHZ6MWV2RlM0d0VFUFRHRUZQSEJvZzpMOHFxOVBaeVJnNmllS0dFS2hab2xHQzB2SldMdzhpRUo4OERSZHlPZw==
(https://dev.twitter.com/docs/auth/application-only-auth)