Twitter API - Failed to validate oauth signature and token PHP / CURL

I have spent the past couple of hours trying all types of variations but according to the Twitter API this should have worked from step 1!

1 addition I have made to the script below is that I have added in: $header = array("Expect:");

This I found helped in another question on stackover开发者_开发技巧flow from getting a denied issue / 100-continue.

Issue: Failed to validate oauth signature and token is the response EVERY time!!!

Example of my post data:

Array ( [oauth_callback] => http://www.mysite.com//index.php [oauth_consumer_key] => hidden [oauth_nonce] => hidden [oauth_signature_method] => HMAC-SHA1 [oauth_timestamp] => 1301270847 [oauth_version] => 1.0 )

And my header data:

Array ( [0] => Expect: )

Script:

$consumer_key = "hidden";
$consumer_secret = "hidden";
function Post_Data($url,$data,$header){
    $ch = curl_init();  
    curl_setopt($ch, CURLOPT_URL, $url); 
    curl_setopt($ch, CURLOPT_POST, 1);  
    curl_setopt($ch, CURLOPT_POSTFIELDS,$data);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
    $result = curl_exec($ch);  
    curl_close($ch);
    return $result;
    }
$data['oauth_callback'] = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$data['oauth_consumer_key'] = $consumer_key;
$data['oauth_nonce'] = md5(time());
$data['oauth_signature_method'] = "HMAC-SHA1";
$data['oauth_timestamp'] = time();
$data['oauth_version'] = "1.0";
$header = array("Expect:");
$content = Post_Data("http://api.twitter.com/oauth/request_token",$data,$header);
print_r($content);

Can anybody see an obvious mistake that I may be making here? Preferably I would not like to go with somebody elses code as most examples have full classes & massive functions, I am looking for the most simple approach!

---

Your problem is that you did not include the OAuth signature in your request.
You can read about the concept on this page.
A working implementation can be found here.

---

I faced same issue, what I was missing is passing header in to the curl request. As shown in this question, I was also sending the $header = array('Expect:'), which was the problem in my case. I started sending signature in header with other data as below and it solved the case for me.

$header = calculateHeader($parameters, 'https://api.twitter.com/oauth/request_token');

function calculateHeader(array $parameters, $url)
    {
        // redefine
        $url = (string) $url;

        // divide into parts
        $parts = parse_url($url);

        // init var
        $chunks = array();

        // process queries
        foreach($parameters as $key => $value) $chunks[] = str_replace('%25', '%', urlencode_rfc3986($key) . '="' . urlencode_rfc3986($value) . '"');

        // build return
        $return = 'Authorization: OAuth realm="' . $parts['scheme'] . '://' . $parts['host'] . $parts['path'] . '", ';
        $return .= implode(',', $chunks);

        // prepend name and OAuth part
        return $return;
    }

function urlencode_rfc3986($value)
    {
        if(is_array($value)) return array_map('urlencode_rfc3986', $value);
        else
        {
            $search = array('+', ' ', '%7E', '%');
            $replace = array('%20', '%20', '~', '%25');

            return str_replace($search, $replace, urlencode($value));
        }
    }