OAuth Request Token not working


#1

I’m trying to request a token now i’m using a Custom Framework on a PHP server to generate these i dont have CURL so i’m using Sockets and a my own Methods to build the Signature and other stuff.

Signature Base String:
HEAD&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_nonce%3D0639a435cad9b5675b590bb6a291d2cf9cb2306d%26oauth_callback%3Dhttp%3A%2F%2Fbeacon.martin.650h.co.uk%2Foauth%2Fdefault%2Fcallback%2FTwitter%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1373383633%26oauth_consumer_key%3DXBrRLqwWeF8nfki0hqVTIA%26oauth_version%3D1.0

Data sent though Socket:
POST /oauth/request_token HTTP/1.1
Host: api.twitter.com
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth oauth_nonce=“0639a435cad9b5675b590bb6a291d2cf9cb2306d”, oauth_callback=“http://beacon.martin.650h.co.uk/oauth/default/callback/Twitter”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1373383633”, oauth_consumer_key=“XBrRLqwWeF8nfki0hqVTIA”, oauth_version=“1.0”, oauth_signature="61cbed08e880859aade85282544340299b77b3e9"
Connection: Close

Raw Data Response:
HTTP/1.1 401 Unauthorized
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 44
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2013 15:26:32 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 09 Jul 2013 15:26:32 GMT
pragma: no-cache
server: tfe
set-cookie: _twitter_sess=BAh7CCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoHaWQiJTJjMzlhZmQ5OTVkNDhlYmUxNWE5YWM4%250ANTg3ZTBmMWJhOg9jcmVhdGVkX2F0bCsIw4gKxD8B–da48b21f91fd29d41ad0ad6dc14f3e3144bdf1d9; domain=.twitter.com; path=/; HttpOnly
set-cookie: guest_id=v1%3A137338359202592186; Domain=.twitter.com; Path=/; Expires=Thu, 09-Jul-2015 15:26:32 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-mid: 979afa41abe3191f4ff5f6ae7695f2b650737f5d
x-runtime: 0.01142
x-transaction: af03e8cd177cbde6
x-ua-compatible: IE=10,chrome=1
x-xss-protection: 1; mode=block
Connection: close

Failed to validate oauth signature and token

Generate Request

        $time = time();
        $nonce = sha1($time);
        $headers = array(
            "Authorization" => 'OAuth oauth_nonce="'.$nonce.'", oauth_callback="http://'.$_SERVER['SERVER_NAME'].'/oauth/default/callback/Twitter", oauth_signature_method="HMAC-SHA1", oauth_timestamp="'.$time.'", oauth_consumer_key="'.$this->getSettingValue("oauth_consumer_key").'", oauth_version="1.0"'    
        );
        $this->generateOAuthSig(
            "HEAD",
            true, 
            "api.twitter.com", 
            "oauth/request_token", 
            $headers['Authorization'],
            $this->getSettingValue("oauth_consumer_secret"),
            $this->getSettingValue("oauth_token_secret"),
            true
        );
        $this->request->method("POST")
                      ->port(443)
                      ->url("api.twitter.com", "oauth/request_token")
                      ->addHeaders($headers)
                      //->data($payload)
                      ->enableSSL()
                      ->showDataSent()
                      ->execute();
       
        $response = $this->request->getResponse();
        if($this->debug){
            echo "Raw Data Response:\r\n";
            echo $response->getRaw();
        }
        return $response;

generateOAuthSig

protected function generateOAuthSig($method, $ssl, $host, $path, &$authHeader, $consumer_secret, $token_secret, $show = false){
        $url = ($ssl)? 
                    $this->oauthEscape("https://".ltrim($host, '/').'/'.rtrim($path, '/')).'&' 
                :
                    $this->oauthEscape("http://".ltrim($host, '/').'/'.rtrim($path, '/')).'&';
        
        $header = str_replace(array("OAuth ", '"', ','), "", $authHeader);
        $header = str_replace(" ", "&", $header);
        
        $out = $method."&".$url.$this->oauthEscape($header);
        if($show){
            echo "Signature Base String:\r\n";
            echo $out."\r\n\r\n";
        }
        $signature = \hash_hmac('sha1', $out, $consumer_secret."&".$token_secret);
        $authHeader .= ', oauth_signature="'.$signature.'"';
    }

And getResponse just returns an object that handle all the response be it,

getRaw() - returns the raw resonse
getHeader($name) get a specific Header
getHeaders() - gets all headers
getBody() - return the body