Twitter OAuth not working with custom script


#1

Hello,
I am trying to create an Add-on for XenForo and I am using Zend’s Client framework to make the calls instead of cURL.
When I try, I keep getting this error:
Could not authenticate with OAuth.
This is part of the code that deals with twitter:
class xenCODE_Socialize_Helper_Twitter
{
private static $url = ‘https://api.twitter.com/1/statuses/update.json’;
public static function tweet($message)
{
$options = XenForo_Application::get(‘options’);
try
{
$client = XenForo_Helper_Http::getClient(self::$url);
foreach(self::getParams($message) as $key => $value)
{
$client->setParameterPost($key, $value);
}
$client->setParameterPost(‘oauth_signature’, self::getSig($message));

        $response = $client->request('POST');
        return $response->getBody().self::getSig($message);
    }
    catch (Zend_Http_Client_Exception $e)
    {
        return false;
    }
}

private static function getSig($message)
{
    $options = XenForo_Application::get('options');
    $keyParts = array(
        $options->xenCODE_XS_TCS,
        $options->xenCODE_XS_TAS
    );
    $keyParts = self::urlencode_rfc3986($keyParts);
    $key = implode('&', $keyParts);
return self::urlencode_rfc3986(base64_encode(hash_hmac('sha1', self::getBaseString($message), $key, true)));
}

private static function getParams($message)
{
    $options = XenForo_Application::get('options');
    return array(
        'oauth_consumer_key' => $options->xenCODE_XS_TCK,
        'oauth_nonce' => md5(time().mt_rand()),
        'oauth_timestamp' => time(),
        'oauth_token' => $options->xenCODE_XS_TAT,
        'oauth_signature_method' => 'HMAC-SHA1',
        'oauth_version' => '1.0',
        'status' => $message
    );
}

public static function urlencode_rfc3986($input)
{
    if(is_array($input))
    {
        return array_map(array('xenCODE_Socialize_Helper_Twitter', 'urlencode_rfc3986'), $input);
    }elseif(is_scalar($input))
    {
        return str_replace(
            '+',
            ' ',
            str_replace('%7E', '~', rawurlencode($input))
        );
    }else{
        return '';
    }
}

private static function getBaseString($message)
{
    $parts = array(
        'POST',
        self::$url,
        self::buildQuery(self::getParams($message))
    );
    return self::urlencode_rfc3986(implode('&', $parts));
}

private static function buildQuery(array $input)
{
    $parts = array();
    foreach($input as $key => $value)
    {
        $parts[] = $key.'='.$value;
    }
    return implode('&', $parts);
}

}


#2

I’m not familiar enough with the framework you’re using to offer much in the way of material help with it – have you tried using the OAuth tool on this site to generate a similar command-line request with curl and then use the exact same values (keys, timestamps, and so on) within your own code until you can duplicate the signature. It is often useful to remove the connection cycle when debugging this kind of thing and get back to basics.


#3

Is there any kind of specific header(s) that needs to be sent?