I’m working on a simple library for work purposes that allows me to post tweets on behalf of users. This codebase is written in Google Dart, so there are no existing libraries to use.
I’ve written a bunch of code that successfully authorizes via Twitter. I followed this guide: https://dev.twitter.com/docs/auth/implementing-sign-twitter with the exception of making a request to “authorize”, not “authentication”. Twitter successfully responds back to me, giving me callback confirmed as true and token + secret. I then redirect the user to Twitter where he accepts the authorization. Then the user is thrown to my site (the callback), and I retrieve access token+secret using the /oauth/access_token. I use these access token+secret for further API requests on behalf of the user.
Now with this access token+secret, I can successfully request e.g. /account/verify_credentials.json but I can’t still post to /statuses/update.json, because I get this {“errors”:[{“message”:“Could not authenticate you”,“code”:32}]}
What’s worse is that even when I place those access token+secret (and consumer codes) to Twitter’s own OAuth Tool page, and I use the data the tool gave me to make a request, I still get this “Could not authenticate you”. And in fact, my app seems to generate exactly the same parameter strings and auth headers.
On my app’s settings, I have “Access” set to " Read and Write" and callback URL is wrong because I read it doesn’t matter(?). I have checked “Allow to be used for signin”.
I tried to revoke access from the user’s control panel for my app, and I let my app re-request access, but the issue still remains.
What kind of issue may I be experiencing here?
