search

jublo / codebird-php

Easy access to the Twitter REST API, Direct Messages API, Account Activity API, TON (Object Nest) API and Twitter Ads API — all from one PHP library.
https://www.jublo.net/projects/codebird/php
GNU General Public License v3.0
777 stars 235 forks source link

Twitter TON API - Multipart Invalid requests #175

Open Blackburn29 opened 8 years ago

Blackburn29 commented 8 years ago

I followed the README exactly as it explains sending off multi-part uploads to the TON API. However I am always getting a 403 error response with no error messages.

        $resp = $conn->__call(
            'ton/bucket/BUCKET?resumable=true',
            [[
                'bucket'               => 'ta_partner,
                'X-Ton-Content-Type'   => 'text/plain',
                'X-Ton-Content-Length' => 1023654789,
                'X-Ton-Expires'        => 'Sat, 31 Jun 2016 23:01:50 GMT',
                'Content-Length'       => 0,
                'Content-Type'         => 'text/plain',
            ]]
        );

However if I mock this EXACT call with twurl the operation is successful...

twurl -t -H ton.twitter.com /1.1/ton/bucket/ta_partner?resumable=true -X POST \
 -A "X-TON-Content-Type: text/plain" \
 -A "X-TON-Content-Length: 1023654789" \
 -A "X-TON-Expires: Sat, 31 Jun 2016 23:01:50 GMT"\
 -A "Content-Length: 0" \
 -A "Content-Type: text/plain"

the request is successful.

Any ideas here?

kojoduncan commented 8 years ago

Did you find a solution to this problem?

On Thu, Jun 30, 2016 at 8:02 PM, Blake LaFleur notifications@github.com wrote:

I followed the README exactly as it explains sending off multi-part uploads to the TON API. However I am always getting a 403 error response with no error messages.

    $resp = $conn->__call(            'ton/bucket/BUCKET?resumable=true',            [[                'bucket'               => 'ta_partner,                'X-Ton-Content-Type'   => 'text/plain',                'X-Ton-Content-Length' => 1023654789,                'X-Ton-Expires'        => 'Sat, 31 Jun 2016 23:01:50 GMT',                'Content-Length'       => 0,                'Content-Type'         => 'text/plain',            ]]        );

However if I mock this EXACT call with twurl the operation is successful...

twurl -t -H ton.twitter.com /1.1/ton/bucket/ta_partner?resumable=true -X POST \ -A "X-TON-Content-Type: text/plain" \ -A "X-TON-Content-Length: 1023654789" \ -A "X-TON-Expires: Sat, 31 Jun 2016 23:01:50 GMT"\ -A "Content-Length: 0" \ -A "Content-Type: text/plain"

the request is successful.

Any ideas here?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/jublonet/codebird-php/issues/175, or mute the thread https://github.com/notifications/unsubscribe/ACDXVQ-vtDQaEWApj8hMuPJ5ddFjat0Vks5qRFkogaJpZM4JCtAQ .

Blackburn29 commented 8 years ago

Yes I did. I ended up writing my own TA SDK https://github.com/AgencyPMG/TwitterAds-PHP

The issue here is that oauth_body_signature is missing from the requests, but is required by Twitter. (Undocumented)

kojoduncan commented 8 years ago

Omg. You're an angel. Thank you for sharing.

On Wed, Jul 20, 2016 at 7:23 PM, Blake LaFleur notifications@github.com wrote:

Yes I did. I ended up writing my own TA SDK https://github.com/AgencyPMG/TwitterAds-PHP

The issue here is that oauth_body_signature is missing from the requests, but is required by Twitter. (Undocumented)

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/jublonet/codebird-php/issues/175#issuecomment-234113967, or mute the thread https://github.com/notifications/unsubscribe-auth/ACDXVUxSqHFHaiHtwCwQiYPqZhA_uN9Jks5qXq4BgaJpZM4JCtAQ .

mynetx commented 8 years ago

@Blackburn29 I will take a look at your library.

mynetx commented 8 years ago

@Blackburn29 In your code base, I can't seem to find oauth_body_signature?

Blackburn29 commented 8 years ago

I used the Guzzle O-Auth Subscriber middleware to handle this for me.

mynetx commented 8 years ago

Can you tell me details of what I'd need to amend in Codebird to fix it?

Blackburn29 commented 8 years ago

Refer to this discussion between Hector, Myself, and some of the Twitter devs and what we did to resolve the issue.

https://twittercommunity.com/t/uploading-data-to-ton-api-fails-using-php-curl/69758/20

That will give you a better understanding of what is wrong. If you still need help, ping me.

mynetx commented 8 years ago

From what I read, a body signature is missing. I just need to know how to calculate it.

Blackburn29 commented 8 years ago

It's just a base64 encoded SHA1 hash of the body content.

Here is a method that Hector used.

https://github.com/hborras/twitter-php-ads-sdk/blob/master/src/Request.php#L58-L64

However I cant guarantee its success since I havent tested his code :(

mynetx commented 8 years ago

So it's a way to include the raw body into the signature, since raw bodies don't contain any parameters that could be sorted for the OAuth signature base string. So instead, we use the hash and include it as part of the OAuth headers that are signed.