Could not authenticate you, code 32

fuleado · 2013-07-31T17:02:31.000Z

Please help me, what I’m doing wrong?

Endpoint: statuses/update.json

<?php date_default_timezone_set('UTC'); ?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>endpoint: statuses/update</title>
</head>

<body>
<?

$oauth_consumer_key = rawurlencode('CONSUMER_KEY'); //from https://dev.twitter.com/apps/MY_APP/oauth
$oauth_nonce = rawurlencode(md5(time()));

$oauth_signature_method = rawurlencode('HMAC-SHA1');
$oauth_timestamp = rawurlencode(time());

echo '<p>UTC: '. date('H:i:s', time()).'</p>';

$oauth_token = rawurlencode('ACCESS_TOKEN'); //from https://dev.twitter.com/apps/MY_APP/oauth
$oauth_version = rawurlencode('1.0');

$oauth_consumer_secret = rawurlencode('CONSUMER_SECRET'); //from https://dev.twitter.com/apps/MY_APP/oauth
$oauth_token_secret = rawurlencode('ACCESS_TOKEN_SECRET'); //from https://dev.twitter.com/apps/MY_APP/oauth

$http_method = 'POST';
$url = 'https://api.twitter.com/1.1/statuses/update.json';
$status = rawurlencode('helloworld');

//$parameter_str = 'include_entities=true&';
$parameter_str = 'oauth_consumer_key='.$oauth_consumer_key;
$parameter_str.= '&oauth_nonce='.$oauth_nonce;
$parameter_str.= '&oauth_signature_method='.$oauth_signature_method;
$parameter_str.= '&oauth_timestamp='.$oauth_timestamp;
$parameter_str.= '&oauth_token='.$oauth_token;
$parameter_str.= '&oauth_version='.$oauth_version;
$parameter_str.= '&status='.$status;

$base_str = $http_method;
$base_str.= '&';
$base_str.= rawurlencode($url);
$base_str.= '&';
$base_str.= rawurlencode($parameter_str);

$signing_key = $oauth_consumer_secret;
$signing_key.= '&';
$signing_key.= $oauth_token_secret;

$oauth_signature = rawurlencode(base64_encode(hash_hmac('sha1', $base_str, $signing_key, true)));

$header = 'Authorization: OAuth ';
$header.= 'oauth_consumer_key="'.$oauth_consumer_key;
$header.= '", oauth_nonce="'.$oauth_nonce;
$header.= '", oauth_signature="'.$oauth_signature;
$header.= '", oauth_signature_method="'.$oauth_signature_method;
$header.= '", oauth_timestamp="'.$oauth_timestamp;
$header.= '", oauth_token="'.$oauth_token;
$header.= '", oauth_version="'.$oauth_version.'"';

$header = array($header, 'Expect:', 'Content-Type: application/x-www-form-urlencoded');
$data = array('status'=>$status);

function send($url, $status, $header)
{
	$ch = curl_init();

	$f = fopen('request.txt', 'w');
	curl_setopt_array($ch, array(
	CURLOPT_URL            => $url,
	CURLOPT_RETURNTRANSFER => 1,
	CURLOPT_POST           => 1,
	CURLOPT_POSTFIELDS     => $data,
	CURLOPT_HTTPHEADER     => $header,
	CURLOPT_SSL_VERIFYPEER => 0,
	CURLOPT_VERBOSE        => 1,
	CURLOPT_STDERR         => $f));
	
	$response = curl_exec($ch);
    
	fclose($f);
	
	curl_close($ch);
	return $response;
}

echo '<p>response: ';
print_r(send($url, $status, $header));
echo '</p>';

echo '<p>Request / Response:</p>';
echo '<textarea name="textarea" id="textarea" cols="125" rows="34">';
include 'request.txt';
echo '</textarea>';

?>
</body>
</html>

But I’m still getting the message: Could not authenticate you, code 32

Thanks.

episod · 2013-08-02T15:16:42.000Z

From a first glance this looks close to being correct (though a bit inflexible should you want to use any other parameter than status).

Though it’s unrelated, you should be verifying SSL peers – you SSL usage is less secure without it.

Have you tried generating a similar request using the OAuth tool on this site, then working on your signature building algorithm until you can generate the same signature and authorization using the same values?

fuleado · 2013-08-03T06:16:00.000Z

Ok, I’m verifying SSL peers now.

I’ve tried the Oauth tool, that’s the way I build this algorithm (other sources consulted: https://dev.twitter.com/docs/auth/authorizing-request, https://dev.twitter.com/docs/auth/creating-signature, https://dev.twitter.com/docs/api/1.1/post/statuses/update).

I’ve double checked every line of code, obviously I’ve missed something…

Where do you start looking?

Thanks for your time.

episod · 2013-08-05T14:42:54.000Z

First take a look at the signature base string you’re generating for this request – what does it look like? Is it missing any data?

I recommend following these tips to debug: [node:204]

fuleado · 2013-08-05T17:21:47.000Z

This signature works with GET method + statuses/mentions_timeline endpoint.

I’m gonna check (again) your link. Thanks

fuleado · 2013-09-23T06:14:51.000Z

Can’t figure out where my mistake is? I checked again but I can’t see where’s the error.
I really need this feature but I can’t use a whole library.

Please help me.

ShanghaiTimes · 2013-09-23T08:05:22.000Z

It may depend on what library you are using, but I turned off the ServiceHost call, and it worked. Others have found also that if they urlEncode the calls to Twitter, it starts working. Specifically for this error code. Also, try just escaping things like , " ? >< and so on if you have them in the url.

MoreForumcom · 2014-02-19T02:21:24.000Z

i can get same values,But error: Could not authenticate you, code 32.
If there might be a problem oauth_token？
Please help me

MoreForumcom · 2014-02-19T02:25:00.000Z

base sting:
String bss;
bss = “POST” + “&”
+ URLEncoder.encode(“https://api.twitter.com/1/statuses/update.json”, “utf-8”) + “&”;
String bsss =“oauth_consumer_key=” + getTwAppid() +
"&oauth_nonce="+ set_nonce +
"&oauth_signature_method="+ “HMAC-SHA1” +
"&oauth_timestamp="+ oauth_timestamp +
"&oauth_token="+ “1669812324-tMJUZ0w5JTv2ZggLrx5pP10Dzd5oPJOTg9vwJHL” +
"&oauth_version=" + 1.0+
"&include_entities=true"+
"&status="+URLEncoder.encode(“Maybe%20he%27ll%20finally%20find%20his%20keys.%20%23peterfalk”,“UTF-8”);
bsss = HttpUtil.encodeURIComponent(bsss);

date:

params.put(“oauth_consumer_key”, getTwAppid());
params.put(“oauth_nonce”,set_nonce);
params.put(“oauth_signature”, URLEncoder.encode(oauth_signature, “UTF-8”));
params.put(“oauth_token”, “1669812324-tMJUZ0w5JTv2ZggLrx5pP10Dzd5oPJOTg9vwJHL”);
params.put(“oauth_signature_method”, “HMAC-SHA1”);
params.put(“oauth_timestamp”, oauth_timestamp);
params.put(“oauth_consumer secret”, getTwAppkey());
params.put(“oauth_version”, “1.0”);

fuleado · 2014-07-09T21:53:31.000Z

I’m not using any library.

sadiqtahir7 · 2014-07-09T22:59:10.000Z

ok iam hack i cant follow

sadiqtahir7 · 2014-07-09T23:00:47.000Z

32