[ERROR] Simple request_token PHP Script


#1

Hi, I know you’re going to hate me because I saw this problem all around here, but no one explained [clear] how to solve this.
I made the follow PHP File, it’s supposed to return the “request_token”, but it always give me 401 Unauthorized error.

date_default_timezone_set("UTC"); // Just in case.
$config = array
(
    "requestTokenURL" => "https://api.twitter.com/oauth/request_token",
    "requestTokenMethod" => "POST",
    "signatureMethod" => "HMAC-SHA1",
    "consumerKey" => "[COMPLETE HERE!]",
    "consumerSecret" => "[COMPLETE HERE!]",
    "oauth_callback" => "[COMPLETE HERE!]" // "http://example.com/callback.php"
);

$requestParameters = array
(
	"oauth_callback" => $config['oauth_callback'],
    "oauth_consumer_key" => $config['consumerKey'],
    "oauth_nonce" => md5(time()),
    "oauth_signature_method" => $config['signatureMethod'],
    "oauth_timestamp" => time(),
	"oauth_version" => "1.0"
);

$signatureParameters = array();
foreach ($requestParameters as $parameter => $value)
{
	$signatureParameters[] = rfc3986_encode($parameter) . '=' . rfc3986_encode($value);
}

$signatureParameters = rfc3986_encode(implode('&', $signatureParameters));

function rfc3986_encode($string)
{
	$result = rawurlencode($string);
	$result = str_replace('%7E', '~', $result);
	$result = str_replace('=', '%3D', $result);
	$result = str_replace('+', '%2B', $result);

	return $result;
}

$baseString = rfc3986_encode($config['requestTokenMethod'])
			 ."&".rfc3986_encode($config['requestTokenURL'])
			 ."&".$signatureParameters;
			 
$tokenSecret = ""; // This is blank because we will get the token.
$key = rfc3986_encode($config['consumerSecret']) ."&". rfc3986_encode($tokenSecret);

$signature = base64_encode(hash_hmac('sha1', $baseString, $key, true));
$RFC3986signature = rfc3986_encode($signature);


$authorizationHeader = 'Authorization: OAuth oauth_callback="'.rfc3986_encode($requestParameters['oauth_callback']).'",
							oauth_consumer_key="'.$requestParameters["oauth_consumer_key"].'",
							oauth_nonce="'.$requestParameters["oauth_nonce"].'",
							oauth_signature_method="'.$requestParameters["oauth_signature_method"].'",
							oauth_timestamp="'.$requestParameters["oauth_timestamp"].'",
							oauth_version="1.0",
							oauth_signature="'.$RFC3986signature.'"';

$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, "myAgent");
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array($authorizationHeader, "Expect:"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_URL, $config['requestTokenURL']);
$result = curl_exec($ch);
$response_info=curl_getinfo($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);  
curl_close($ch);

// Some debug here..
$today = getdate();
echo "BASE STRING: " . $baseString . '<br /><br />';
echo "SIGNATURE: " . $signature . '<br /><br />';
echo "KEY: " . $key . '<br /><br />';
echo "AUTH HEADER: " . $authorizationHeader . '<br /><br />';
echo "DATE: " . print_r($today) . '<br /><br />';
echo "RESULT: " . $result . '<br /><br />';
echo "CODE: " . $httpcode . '<br /><br />';
echo "INFO: " . print_r($response_info) . '<br /><br />';

You can try it by yourself, I obviously omitted the tokens.
I can’t find the problem here D:
Can you give me some help please? I’ll appreciate this (:
[I promisse edit/post/REpost the final code working!]
Btw, I’m sorry for my english.