POST /oauth/request_token from OAuth Tool Returns HTTP 401


#1

I created a test app and I tried to test the POST /oauth/request_token call using the OAuth Tool to generate a valid request. I copied the curl command generated on the page

https://dev.twitter.com/oauth/tools/signature-generator/<app_id>

and run it on Mac terminal. I got HTP/1.1 401 Authorization Required error.

I’ve seen other forum post having the same issue but not yet resolved.

Can someone from Twitter please help us check?


Also, I notice that in the curl command generated, oauth_callback is present in the signature base string but missing in the authorization header.


#2

I managed to resolve the two issues mentioned.


The HTTP client (twitter gem on Ruby) is using Faraday library which automatically set the Content-Type of the HTTP POST request to application/x-www-form-urlencoded. The Content-Type needs to be set to empty string (not nil) explicitly.


On the “Test OAuth” page, you need to clear both the Access Token and Access Token Secret fields in order to generate a correct oauth signature.