Support for TwitterAds OAuth1.0a flow , oauth_callback Authheader param

Question

Support for TwitterAds OAuth1.0a flow , oauth_callback Authheader param

hen42 opened this issue 4 years ago · 8 comments

Hi Alex,
I am looking at your nice library for OAuth1.0 a

When doing an integration againt TwitterAds , we need a oauth_callback param in the Authorization header.
(see description here: https://developer.twitter.com/en/docs/authentication/api-reference/request_token )

Example request:
Request URL: POST https://api.twitter.com/oauth/request_token

Request POST Body: N/A

Authorization Header: OAuth oauth_nonce="K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAK5BslRsqyw", oauth_callback="http%3A%2F%2Fmyapp.com%3A3005%2Ftwitter%2Fprocess_callback", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1300228849", oauth_consumer_key="OqEqJeafRSF11jBMStrZz", oauth_signature="Pc%2BMLdv028fxCErFyi8KXFM%2BddU%3D", oauth_version="1.0"

How can we add the oauth_callback Auth header param using your library ?

Best Regards

Answer 1 · 2021-01-22T21:09:49.000Z

Hey @hen42

Thanks for the kind words! Let me take a look -- I will get back to you later today!

Answer 2 · 2021-01-23T01:15:48.000Z

Hey

I looked into this and I think you should be able to do this already. You need to use the OAuthAuthenticator class to create the requests and do the token exchange and then you can create the message handler that will handle the auth.

The link above points to the method that takes a callback and creates the right request.

Let me know if that doesn't work!

Answer 3 · 2021-01-25T09:41:02.000Z

Thanks for the answer. I tried using the OAuthAuthenticator to create message, but it did not work.
CreateGetRequestToken address appends the oauth params as query string parameters to the url, however the TwitterAds api doesnt like like. It wants these params in the Authorization Header.

The code I tried was:

        var authenticator = new OAuth.OAuthAuthenticator(apiKey, apiKeySecret);
        var authAddress = authenticator.CreateGetRequestTokenAddress("https://api.twitter.com/oauth/request_token", "POST",CALLBACKURL);

        HttpClient client = new HttpClient(_handler);
        var result  = await  client.PostAsync(authAddress, null);

status was unauthorized.

Answer 4 · 2021-01-25T18:03:51.000Z

Ah -- I see -- you would like to send the data via auth headers instead of query params?

Answer 5 · 2021-01-25T18:29:46.000Z

I looked at the code and it looks like what the code does is create a string for the URL. I wonder if the simplest thing to do is create an Uri object from the string returned by authenticator.CreateGetRequestTokenAddress and then strip the parameters from the query parameter when creating the request?

Answer 6 · 2021-01-27T13:17:41.000Z

Yes , via AuthHeaders.
I tried to make a request to https://api.twitter.com/oauth/request_token?oauth_callback=xxx (twitter-ads is fine with this query param) via the MessageHandler . It actually sets a oauth_callback value in the Authorization header.
However I get a status 403 back.
I am not sure what goes wrong here, the request goes through if I do in Post man, but not here.

Answer 7 · 2021-01-29T09:23:10.000Z

This code actually works:
The httpHandler will append the Outh_call back to the Auth header.

var authAddress = "https://api.twitter.com/oauth/request_token"  + "?oauth_callback=" + HttpUtility.UrlEncode("XXX");
HttpClient client = new HttpClient(_handler);
var result  = await  client.GetAsync(authAddress);

Thanks for the help.

Answer 8 · 2021-01-30T03:52:57.000Z

@hen42 glad to hear it worked!!!