开发者

Error getting twitter request token using OAuth and PEAR Services_Twitter

I am moving from the basic authentication method using username and password to the OAuth based authentication.

I was using an old version of the pear package Services_Twitter, that did not support OAuth. The latest version of this package supports OAuth authentications, it has a few dependencies (HTTP_Request2, HTTP_OAuth).

It was very simple to install them and upgrade the package. I did all this my local machine and had no trouble getting the authentication up and running.开发者_运维问答

I committed this code to the test site, but every time the code request a "request token" I get the following error message "Unable to connect to ssl://api.twitter.com:443. Error #0"

I have spend 6 hours making sure that all the pear packages where up to date, checking the customer token and token secret, making sure port 443 is not closed... in addition to various other test.

I have exhausted my resources and I come to you in hope to find some answers.

Thank you

PD: One of the things I do not understand is why does the message says that the url is ssl://api.twitter.com:443 rather than https://api.twitter.com/request_token? the former one is the one I am using to get the request token.


"Unable to connect to ssl://_______:443. Error #0" generally means that there is a ssl_verify_peer or certificate match issue - and the twitter API doesn't require you to provide a certificate!

HTTP_Request2 sets the ssl_verify_peer option to true by default - which is fine if you are specifying a certificate for establishing a connection so perhaps you need to check that setting is switched off?

This is checked for you in Services_Twitter if the use_ssl config setting is enabled so at a guess you may need to check that is set?

e.g.:

$twitter = Services_Twitter_factory('statuses/update', true, array('use_ssl' => true));


Here is the implementation of the code for kguest answer.


$httpRequest = new HTTP_Request2(  null,
                                   HTTP_Request2::METHOD_GET , 
                                   array ('ssl_verify_peer'   => false, 
                                          'ssl_verify_host'   => false) 
                                         );
$httpRequest->setHeader('Accept-Encoding', '.*');
$request = new HTTP_OAuth_Consumer_Request;
$request->accept($httpRequest);


$oauth = new HTTP_OAuth_Consumer('twitterConsumerKey','twitterConsumerSecret');
$oauth->accept($request);

$oauth->getRequestToken('https://api.twitter.com/oauth/request_token',
                        "path/to/call/back/file.php"); 

$_SESSION['token']        = $oauth->getToken();
$_SESSION['token_secret'] = $oauth->getTokenSecret();

$authorize_link_twitter = $oauth->getAuthorizeUrl('https://api.twitter.com/oauth/authorize');

and something very similar was done to get the access token once you get back from twitter.


        $httpRequest = new HTTP_Request2( null,
                                          HTTP_Request2::METHOD_GET , 
                                          array ('ssl_verify_peer'   => false, 
                                                 'ssl_verify_host'   => false) 
                                         );
        $httpRequest->setHeader('Accept-Encoding', '.*');
        $request = new HTTP_OAuth_Consumer_Request;
        $request->accept($httpRequest);

        $oauth = new HTTP_OAuth_Consumer('twitterConsumerKey', 
                                                 'twitterConsumerSecret', 
                                                 $_SESSION['token'], 
                                                 $_SESSION['token_secret']);
        $oauth->accept($request);

        $oauth->getAccessToken('https://api.twitter.com/oauth/access_token', 
                                       $_GET['oauth_verifier']);

        // you can get the final tokens like this.
        $oauth->getToken());
        $oauth->getTokenSecret();

All the credit goes to kguest for the idea that lead to the solution of this problem. this is just the code.


Checkout this bug report http://pear.php.net/bugs/bug.php?id=18061 I have added resources to solve the issues of SSL and the Services_Twitter package.

But basically you should follow the instructions at http://curl.haxx.se/docs/sslcerts.html

Disabling ssl_verify_peer and ssl_verify_host makes you vulnerable to the security attacks that SSL tries to solve ( Verifying peer in SSL using python ). So don't ;)

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜