DMfll DMfll - 6 months ago 110
Ruby Question

401 unauthorized from Twitter API with oauth gem in Ruby

This is my first experience working with Twitter API's.
I am using the following tools:


  • ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-linux]

  • gem 'oauth'


    • oauth (0.5.1)

    • oauth2 (1.1.0)

    • omniauth-oauth2 (1.4.0)




I obtained a key and secret from Twitter.

I copied and pasted from the example on Twitter for Ruby.

=begin
code taken directly from the example at
https://dev.twitter.com/oauth/overview/single-user
=end

require 'oauth'
consumer_key, \
consumer_secret = [
'CONSUMER_KEY',
'CONSUMER_SECRET'
].map { |key| ENV[key] }
raise "Some key undefined." unless [consumer_key, consumer_secret].all?

# Exchange your oauth_token and oauth_token_secret for an AccessToken instance.
def prepare_access_token(oauth_token, oauth_token_secret)
consumer = OAuth::Consumer.new("APIKey", "APISecret", { :site => "https://api.twitter.com", :scheme => :header })

# now create the access token object from passed values
token_hash = { :oauth_token => oauth_token, :oauth_token_secret => oauth_token_secret }
access_token = OAuth::AccessToken.from_hash(consumer, token_hash )

return access_token
end

# Exchange our oauth_token and oauth_token secret for the AccessToken instance.
access_token = prepare_access_token(consumer_key, consumer_secret)
p access_token

# use the access token as an agent to get the home timeline
response = access_token.request(:get, "https://api.twitter.com/1.1/statuses/home_timeline.json")
p response

=begin

|| #<OAuth::AccessToken:0x000000021ed938
@token="redacted", @secret="redacted",
@consumer=#<OAuth::Consumer:0x000000021edb68
@key="APIKey",
@secret="APISecret", @options={:signature_method=>"HMAC-SHA1",
:request_token_path=>"/oauth/request_token",
:authorize_path=>"/oauth/authorize",
:access_token_path=>"/oauth/access_token",
:proxy=>nil, :scheme=>:header,
:http_method=>:post, :oauth_version=>"1.0",
:site=>"https://api.twitter.com"}>,
@params={:oauth_token=>"redacted", :oauth_token_secret=>"redacted"}>
|| #<Net::HTTPUnauthorized 401 Authorization Required readbody=true>
=end


What I tried:



Suggestions of where to go from here appreciated.

UPDATE OAuth Tool on Twitter Developer returns the expected result with a curl execution:

curl --get 'https://api.twitter.com/1.1/statuses/home_timeline.json' --header 'Authorization: OAuth oauth_consumer_key="redacted", oauth_nonce="redacted", oauth_signature="redacted", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1463742270", oauth_token="redacted", oauth_version="1.0"' --verbose


Expected data is returned.


[{"created_at":"Fri May 20 11:05:21 +0000
2016","id":733614584754515968,"id_str":

"733614584754515968","text":"Three Skills Every New Programmer Should
Learn https://t. co/1p9AxO5JPg via
@sitepointdotcom","truncated":false,"entities":{"hashtags":[],"symbols"
(truncated)…

Answer

On this line, you should replace "APIKey" and "APISecret" with what you pulled from the CONSUMER_* environment variables.

consumer = OAuth::Consumer.new("APIKey", "APISecret", { :site => "https://api.twitter.com", :scheme => :header })

The example code from Twitter works fine for me. The wrong consumer keys will give you 401 for sure.

Comments