Sending message events cause 401 error

DevelopmentZq · 2022-03-25T13:55:17.977Z

Hi there!

Can you please help us to understand why we receive error status 401 code 32 whenever we initialize POST direct_messages/events/new (message_create). Thanks.

gauloics · 2022-03-25T18:33:31.962Z

Have you set your permissions correctly? To use direct messaging endpoints you must set permissions for direct messages on the developer portal

DevelopmentZq · 2022-03-29T12:20:25.705Z

We’ll check. Thanks.

matteomosca · 2022-03-29T15:40:11.448Z

Same error here!

I’m correctly getting the OAuth token (with user context)
I set permissions to use direct messaging endpoints (see pic)
I’m generating a correct OAuth 1.1 header signature (I tested the algorithm to generate the signed header with other APIs that don’t require user context, and it works…)

Screenshot 2022-03-29 at 17.35.011088×482 37.4 KB

Any idea on why we get this error?

IgorBrigadir · 2022-03-29T16:58:29.903Z

was the access token reset after changing the permissions? (Access tokens keep their permissions)

matteomosca · 2022-03-29T19:32:17.195Z

Yes @IgorBrigadir, I regenerated the tokens multiple times after updating the permissions

Screenshot 2022-03-29 at 21.32.511578×242 28.9 KB

gauloics · 2022-03-29T19:50:49.135Z

Do you have more than one application? If so, make sure the application credentials are not confused with other applications.
Sometimes this small issue is missed from checking when we are working on some apps

matteomosca · 2022-03-29T20:00:27.826Z

Thanks, @gauloics. I have only one application!
With the same OAuth tokens I can post tweets on behalf of the user, but when it comes to sending a direct message I get 401 code 32…

gauloics · 2022-03-29T20:05:21.928Z

matteomosca:

With the same OAuth tokens I can post tweets on behalf of the user,

Just to make sure, Is the message you’re trying to attach a media or text message to?

matteomosca · 2022-03-29T20:05:52.009Z

@gauloics just a text message

gauloics · 2022-03-29T20:16:41.276Z

I tried and direct message endpoint no problem.
maybe you can give an example of the code you are using along with the error code

matteomosca · 2022-03-30T06:33:52.966Z

Thanks, @gauloics!
Maybe @DevelopmentZq can provide the snippet of code to facilitate the debug here?
(I’m using their plugin/library to get the token with user context)

DevelopmentZq · 2022-04-05T07:48:03.337Z

Hey there!

We did exactly as suggested, but no luck, still getting a 401 error. We use the “OAuth-1.0a” library to generate tokens, and “request” to send the request.

Here is the Snippet:

function(properties, context) {
const request = require(‘request’);
const OAuth = require(‘oauth-1.0a’);
const crypto = require(‘crypto’);
const consumer_public = context.keys.ConsumerPublic;
const consumer_secret = context.keys.ConsumerSecret;
// Initialize
const oauth = OAuth({
consumer: {
key: consumer_public,
secret: consumer_secret,
},
signature_method: ‘HMAC-SHA1’,
hash_function(base_string, key) {
return crypto
.createHmac(‘sha1’, key)
.update(base_string)
.digest(‘base64’)
},
})
let text = “Test message”;
let recipientID = “1196817277234089985”;
const dataString = {"event": {"type": "message_create", "message_create": {"target": { "recipient_id": "${recipientID}"},"message_data": {"text": "${text}"}}}};
const request_data = {
url: ‘https ://api.twitter.com/1.1/direct_messages/events/new.json’,
method: ‘POST’,
data: dataString
}
const token = {
key: properties.oauth,
secret: properties.oauth_secret,
}
let oauthData = oauth.authorize(request_data, token);
return context.async(function (cb) {
request(
{
url: request_data.url,
method: request_data.method,
headers: oauth.toHeader(oauthData),
json: request_data.data
},
(error, response, body) => {
// const cd = response.statusCode == 200;
const resobj = JSON.stringify(response);
if (!error) {
cb(undefined, {
“resobj”: resobj
})
} else {
cb(undefined, {
“error”: error
})
}
}
)
})
}

Here are our settings:

image1129×547 72.3 KB

gauloics · 2022-04-05T11:02:30.026Z

DevelopmentZq:

const request = require(‘request’);

i’m not sure if this is the case, but first step try to use a library other than request, since the request has been deprecated

Reference: request

gauloics · 2022-04-05T12:43:40.465Z

DevelopmentZq:

const token = {
key: properties.oauth,
secret: properties.oauth_secret,

This should be

key: "yourAccessToken",
secret: "yourAccessTokenSecret"

if you use token as another user(Not a developer account) you have to implement 3-legged OAuth flow To get access token and access token secret
CMIIW…

DevelopmentZq · 2022-04-05T13:06:49.460Z

The request library didn’t affect sending the request, unfortunately. What helped is the right parameters included in the header. Anyway thanks for the collaboration.

Have a great day!
ZQ Dev

gauloics · 2022-04-05T13:11:53.457Z

DevelopmentZq:

https ://api.twitter.com/1.1/direct_messages/events/new.json

when i copy paste this uri contains spaces after https, double check your code

matteomosca · 2022-04-06T16:10:47.402Z

ah yes @DevelopmentZq, that space could be the problem actually thanks @gauloics

DevelopmentZq · 2022-04-11T10:01:12.088Z

Hey, @gauloics!

gauloics:

when i copy paste this uri contains spaces after https, double check your code

Yes, we know this, and we specifically created this space to send a message through the forum. The fact is that your forum does not allow you to send messages with links

In our plugin, we obviously don’t make this space.

Returning to our problem, we provided the correct parameters in the header and the private messages were successfully sent, but this only happens with the old account created a year ago. The new accounts that were currently created cannot even be authorized. We don’t get the Authorization Token.

Can you please help to figure out what’s going wrong? Thanks.

gauloics · 2022-04-11T16:41:49.461Z

maybe you missed this

https://www.npmjs.com/package/request#oauth-signing