Removed curl_setopt($curl, CURLOPT_POST, 1); and it worked. Yay! http://drippic.com will be oAuth echo compatible within the next 24 hours.
On Jun 21, 8:24 pm, Tim Millwood <t...@millwoodonline.co.uk> wrote: > curl_setopt($link, CURLOPT_SSL_VERIFYPEER, FALSE); This worked! > > Now I get the error "Failed to open\/read local data from file\/ > application". > > On Jun 21, 8:20 pm, themattharris <thematthar...@twitter.com> wrote: > > > > > Hi Tim, > > > That error you are getting is often thrown when curl tries to verify > > the remote host. You can bypass this check in PHP using: > > curl_setopt($link, CURLOPT_SSL_VERIFYPEER, FALSE); > > BUT this isn't ideal as it only hides the problem on your server. > > > Instead, what you need to do is check the permissions on your server > > in the certificates folder. Reading the error message you get it > > implies your certificate folder is: > > /etc/ssl/certs/ca-certificates.crt > > > We can't help specifically on how to do this for your environment but > > your hosting provider should be able to help you. > > > Hope that helps, > > Matt > > > On Jun 21, 11:59 am, Taylor Singletary <taylorsinglet...@twitter.com> > > wrote: > > > > Hi Tim, > > > > That sounds like your machine might be having some issues connecting via > > > SSL. Are you able to use Curl for any other SSL-based sites? > > > > Taylor > > > > On Mon, Jun 21, 2010 at 11:57 AM, Tim Millwood > > > <t...@millwoodonline.co.uk>wrote: > > > > > Tried using Curl instead of drupal_http_request and got the following > > > > error. > > > > > "error setting certificate verify locations:\n CAfile: \/etc\/ssl\/ > > > > certs\/ca-certificates.crt\n CApath: none\n" > > > > > Not sure what that means > > > > > On Jun 21, 4:40 pm, Tim Millwood <t...@millwoodonline.co.uk> wrote: > > > > > I have a test air app that posts to Twitpic perfectly fine using oAuth > > > > > Echo, if I change the URL to my web app I get 401. > > > > > > Here are the headers I am passing to twitter to verify credentials. Am > > > > > I missing some? > > > > > > [HTTP_X_AUTH_SERVICE_PROVIDER] => > > > >https://api.twitter.com/1/account/verify_credentials.json > > > > > > [Authorization] => OAuth > > > > > realm="twitter",oauth_consumer_key="t94eBtc4Pz2zqo4KhABseQ",oauth_token="62 > > > > 66632- > > > > > e0NRaGReqpzR84Floyg565BMJbBH4lYMxsJD9LNZY",oauth_version="1.0",oauth_timest > > > > amp="1276986312",oauth_nonce="KhWw0N",oauth_signature_method="HMAC- > > > > > SHA1",oauth_signature="ubKN3OQy8xC5Sdkn%2BD%2Bcq9c1ywY%3D" > > > > > > Tim > > > > > > On Jun 21, 4:28 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > > > > wrote: > > > > > > > Awesome. There's much untapped potential in OAuth Echo beyond just > > > > > > the > > > > > > TwitPic, yFrog, etc. use cases. > > > > > > > This is an area where you're going to have to be very exacting. Have > > > > you > > > > > > confirmed that the request you are building would actually execute > > > > against > > > > > > Twitter correctly before you've sent it through your process? As in, > > > > have > > > > > > you verified that the HTTP Authorization header you've created will > > > > work > > > > > > against the end point before you've stuffed it into some other > > > > > > header, > > > > > > processed the request, etc. > > > > > > > Can you share the authorization header you are using and how you've > > > > defined > > > > > > the OAuth Echo headers? Your signature base string for the same? > > > > > > > Taylor > > > > > > > On Mon, Jun 21, 2010 at 8:06 AM, Tim Millwood < > > > > t...@millwoodonline.co.uk>wrote: > > > > > > > > I am trying to do something else. > > > > > > > > I am not trying post to twitpic, I am trying to post to my own web > > > > app > > > > > > > (similar to twitpic). > > > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test app, > > > > > > > then my web app is renaming the > > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization > > > > > > > and > > > > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > > > > This returns the 401 error. > > > > > > > > On Jun 21, 3:11 pm, Taylor Singletary > > > > > > > <taylorsinglet...@twitter.com> > > > > > > > wrote: > > > > > > > > Hi Tim, > > > > > > > > > The call specified in your HTTP_X_* headers is for the OAuth > > > > > > > > Echo > > > > > > > provider > > > > > > > > to execute against the API. Since they execute the call, it > > > > invalidates > > > > > > > the > > > > > > > > oauth_nonce you provided. Really, it's a different API call that > > > > your > > > > > > > > application should be executing following an OAuth Echo > > > > transaction.. > > > > > > > > > 1. You've got something to post with TwitPic > > > > > > > > 2. You setup a mock request to Twitter to verify credentials so > > > > that > > > > > > > TwitPic > > > > > > > > can identify your user with Twitter > > > > > > > > 3. You send that mock request in HTTP_X_* headers to Twitpic, > > > > > > > > along > > > > with > > > > > > > > your API request to Twitpic with the image > > > > > > > > 4. TwitPic executes the Twitter API call specified in the > > > > > > > > HTTP_X_* > > > > > > > headers, > > > > > > > > verifying the user > > > > > > > > 5. On success, TwitPic sends you in its response information > > > > > > > > about > > > > the > > > > > > > media > > > > > > > > you just uploaded on behalf of your user > > > > > > > > 6. You take that response and append it to a tweet, or whatever > > > > other API > > > > > > > > operation you're doing, and send a brand new request to Twitter > > > > > > > > > Is this the flow you're following or are you trying to do > > > > > > > > something > > > > else? > > > > > > > > > Taylor > > > > > > > > > On Sat, Jun 19, 2010 at 12:40 PM, Tim Millwood < > > > > > > > t...@millwoodonline.co.uk>wrote: > > > > > > > > > > So... I now have a test app which is sending oAuth Echo > > > > > > > > > request > > > > > > > > > successfully to Twitpic. > > > > > > > > > > If I change the URL to my web app I get a 401 error back from > > > > Twitter, > > > > > > > > > so there is something I am doing wrong. > > > > > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test > > > > app, > > > > > > > > > then my web app is renaming the > > > > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to > > > > > > > > > Authorization > > > > and > > > > > > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > > > > > > > This returns the 401 error. > > > > > > > > > > On Jun 17, 2:44 pm, Taylor Singletary < > > > > taylorsinglet...@twitter.com> > > > > > > > > > wrote: > > > > > > > > > > Hi Tim, > > > > > > > > > > > I'm not familiar with the Drupal OAuth module, but can help > > > > > > > > > > you > > > > a > > > > > > > little > > > > > > > > > > bit. > > > > > > > > > > > Hopefully that module is a bit flexible in the different > > > > approaches > > > > > > > you > > > > > > > > > can > > > > > > > > > > use to perform OAuth with it. Essentially, you need to > > > > > > > > > > build a > > > > "mock > > > > > > > > > > request" that you won't actually execute against an > > > > > > > > > > endpoint at > > > > > > > Twitter > > > > > > > > > > using your credentials. The canon for OAuth Echo right now > > > > > > > > > > is > > > > to > > > > > > > build a > > > > > > > > > GET > > > > > > > > > > request tohttp:// > > > > > > > api.twitter.com/1/account/verify_credentials.json--but > > > > > > > > > > essentially, you can use any resource you want (and the > > > > > > > > > > OAuth > > > > Echo > > > > > > > proxy > > > > > > > > > > provider could do something with the response in conjunction > > > > with > > > > > > > your > > > > > > > > > > request -- TwitPic, yFrog, etc. are only just one > > > > > > > > > > possibility > > > > of the > > > > > > > > > things > > > > > > > > > > you can do with OAuth Echo. > > > > > > > > > > > I edited up a good example in simple PHP of using OAuth Echo > > > > against > > > > > > > > > TwitPic > > > > > > > > > > the other day:http://pastie.org/pastes/1005387 > > > > > > > > > > > Taylor > > > > > > > > > > > On Thu, Jun 17, 2010 at 1:40 AM, Tim Millwood < > > > > > > > t...@millwoodonline.co.uk > > > > > > > > > >wrote: > > > > > > > > > > > > I'm trying to get oAuth Echo working > > > > > > > > > > > withhttp://drippic.com > > > > > > > > > > > > My API url > > > > > > > > > > > ishttp://drippic.com/drippic2/uploadifyouwanttogive > > > > > > > > > > > it a try. > > > > > > > > > > > > Here is my code. > > > > > > > > > > > $sp = $_SERVER['HTTP_X_AUTH_SERVICE_PROVIDER']; > > > > > > > > > > > $auth_cred = > > > > $_SERVER['HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION']; > > > > > > > > > > > $response = drupal_http_request($sp, > > > > > > > > > > > array('HTTP_X_AUTH_SERVICE_PROVIDER'=>$sp,'Authorization'=> > > > > > > > > > > > $auth_cred),'POST'); > > > > > watchdog('drippic','</pre>'.print_r($response,true).'</pre>'); > > > > > > > > > > > print(json_encode($response)); > > > > > > > > > > > > I'm not sure what I need to send it, I copied Twitpic's > > > > example and > > > > > > > > > > > used this in terminal > > > > > > > > > > > curl -v -H 'X-Auth-Service-Provider: > > > > > > > > > > >https://api.twitter.com/1/account/verify_credentials.json' > > > > > > > > > > > -H 'X-Verify-Credentials-Authorization: OAuth > > > > > > > > > > > realm="http:// > > > > > > > > > > > api.twitter.com/", > > > > oauth_consumer_key="GDdmIQH6jhtmLUypg82g", > > > > > > > > > > > oauth_signature_method="HMAC-SHA1", oauth_token="819797- > > > > > > > > > > > Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", > > > > > > > > > > > oauth_timestamp="1272325550", > > > > > > > > > > > oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0AQR3Fmi7Q6Y", > > > > > > > > > > > oauth_version="1.0", > > > > > > > oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D"' > > > > > > > > > > >http://drippic.com/drippic2/upload > > > > > > > > > > > > It returns 401, guess it's because the details are wrong, > > > > > > > > > > > and > > > > not > > > > > > > sure > > > > > > > > > > > what I should use. > > > > > > > > > > > > Can anyone help? > > > > > > > > > > > > (don't really know enough about oAuth, oAuth on the site > > > > > > > > > > > is > > > > all > > > > > > > > > > > managed by the Drupal oAuth module)
