I am using django-rest-framework-social-oauth2 (which uses django-oauth-toolkit and python-social-auth) and I can convert a Token on Facebook using the command:
curl -H “Authorization: Bearer facebook XXXX1ytxqju8BALCzmm7jmjYdPWZBOWYWV7358ZAHEnduDi8epMkvaMyzM8cB83uTKsLWVnS84hzuAgzQ2D1CVXBxjBh0u0BD4ZAF9pGxhMBnA9E97DYfOkx5VKlBFqtQT81fpJk7nZClAOxGwq1XlS12ZCVD70Tvi0B7LhMxuZCZCMzIwwxy4NWwONzQaPUZBgGNG5g5Od6ZAuWGP68jprjPm” http://localhost:8000/auth/convert-token
Which returns:
{“token_type”:“Bearer”,“expires_in”:86399,“refresh_token”:“XXXXDq5kkHXZoBgTIPLNs
Kymc2z9XN”,“access_token”:“XXXXZfZByQVSJVjanx9TBCRQqqBOPQ”,“scope”:“read write”}
When I try the same thing on Twitter I run into a problem:
curl -H “Authorization: Bearer twitter 999978065-xxxxi7HcBibp4pEDV1ISTAJkZIgeAb6GIIfLJs66” http://localhost:8000/auth/convert-token
Which returns:
{“detail”:"{“errors”:[{“message”:“Your credentials do not allow access to this resource”,“code”:220}]}"}
For the Twitter request I am using the “Access Token” under “Your Access Token” on the page for my Twitter application (https://apps.twitter.com/app/…)
I am not using “Access Token Secret”, should I? If so how?
I have set SOCIAL_AUTH_TWITTER_KEY and SOCIAL_AUTH_TWITTER_SECRET in settings.py. Also:
SOCIAL_AUTH_TWITTER_SCOPE = [‘email’]
(I have changed the tokens on this question to protect my privacy.)
