Twitter keeps giving me a 401! Please help

niomaster · 2012-09-04T16:16:30.000Z

I’m trying to authorizing a request POSTing to /oauth/request_token, but I can’t get it to work. I’ve tried it with the example values and it generated the correct signature. I’ve been staring at it for hours and hours now. What am I doing wrong?

<?php
	//Calculate the final authorization http header for the token request
	$consumer_key_secret = '(omitted)';
	$token_secret = '(omitted)';

	$params['oauth_callback'] = '(omitted)';
	$params['oauth_consumer_key'] = '(omitted)';
	$params['oauth_nonce'] = md5(microtime() . '');
	$params['oauth_signature_method'] = 'HMAC-SHA1';
	$params['oauth_timestamp'] = time();
	$params['oauth_version'] = '1.0';

	$base_url = 'http://api.twitter.com/oauth/request_token';
	$base_method = 'POST';
	
	$parameters = array();
	foreach($params as $key => $value)
	{ 
		$parameters[] = rawurlencode($key) . '=' . rawurlencode($value);
	}
	
	$parameter_string = implode('&', $parameters);
	
	$base_string = $base_method	. '&' . rawurlencode($base_url) . '&' . rawurlencode($parameter_string);
	$signing_key = rawurlencode($consumer_key_secret) . '&' . rawurlencode($token_secret);
	
	$params['oauth_signature'] = base64_encode(hash_hmac('sha1', $base_string, $signing_key, true));
	
	$authParameters = array();
	foreach($params as $parameter => $value)
	{
	    if(substr($parameter, 0, 5) != 'oauth')
	        continue;
	    $authParameters[] = rawurlencode($parameter) . '="' . rawurlencode($value) . '"';
	}
	
	$authorization = 'OAuth ' . implode(', ', $authParameters);
	
	//Retrieve the token
	$request = curl_init($base_url);
	curl_setopt($request, CURLOPT_CUSTOMREQUEST, 'POST');
	curl_setopt($request, CURLOPT_VERBOSE, 1);
	curl_setopt($request, CURLOPT_HEADER, true);
	curl_setopt($request, CURLOPT_HTTPHEADER, array('User-Agent: (omitted)', 'Accept: */*', 
		'Authorization: ' . $authorization));
	curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
	
	$output = curl_exec($request);
	echo($output . '<br />');
    var_dump(curl_getinfo($request));
	curl_close($request);
?>