Problem converting token with curl / Django

python

#1

I am using django-rest-framework-social-oauth2 (which uses django-oauth-toolkit and python-social-auth) and I can convert a Token on Facebook using the command:
curl -H “Authorization: Bearer facebook XXXX1ytxqju8BALCzmm7jmjYdPWZBOWYWV7358ZAHEnduDi8epMkvaMyzM8cB83uTKsLWVnS84hzuAgzQ2D1CVXBxjBh0u0BD4ZAF9pGxhMBnA9E97DYfOkx5VKlBFqtQT81fpJk7nZClAOxGwq1XlS12ZCVD70Tvi0B7LhMxuZCZCMzIwwxy4NWwONzQaPUZBgGNG5g5Od6ZAuWGP68jprjPm” http://localhost:8000/auth/convert-token
Which returns:
{“token_type”:“Bearer”,“expires_in”:86399,“refresh_token”:“XXXXDq5kkHXZoBgTIPLNs
Kymc2z9XN”,“access_token”:“XXXXZfZByQVSJVjanx9TBCRQqqBOPQ”,“scope”:“read write”}

When I try the same thing on Twitter I run into a problem:
curl -H “Authorization: Bearer twitter 999978065-xxxxi7HcBibp4pEDV1ISTAJkZIgeAb6GIIfLJs66” http://localhost:8000/auth/convert-token
Which returns:
{“detail”:"{“errors”:[{“message”:“Your credentials do not allow access to this resource”,“code”:220}]}"}

For the Twitter request I am using the “Access Token” under “Your Access Token” on the page for my Twitter application (https://apps.twitter.com/app/…)
I am not using “Access Token Secret”, should I? If so how?

I have set SOCIAL_AUTH_TWITTER_KEY and SOCIAL_AUTH_TWITTER_SECRET in settings.py. Also:
SOCIAL_AUTH_TWITTER_SCOPE = [‘email’]

(I have changed the tokens on this question to protect my privacy.)


#2

I had a similar problem when trying to authenticate with Twitter, and I
solved the issue combining the two tokens in the following way:

curl -H “Authorization: Bearer twitter oauth_token=AbCDe12345&oauth_token_secret=FghIJLl6789mnOPqRSTuvw” http://mysite.com/auth/social/convert-token