From 4703dde9b27cbc33e18a41dfefe86c54ee1ec321 Mon Sep 17 00:00:00 2001
From: Alexandr Viniychuk <a@viniychuk.com>
Date: Tue, 2 May 2017 12:26:08 -0400
Subject: [PATCH] exclude oauth_verifier from the body

---
 src/TwitterOAuth.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/TwitterOAuth.php b/src/TwitterOAuth.php
index 31f78fa3..3bacf28c 100644
--- a/src/TwitterOAuth.php
+++ b/src/TwitterOAuth.php
@@ -347,6 +347,11 @@ private function oAuthRequest($url, $method, array $parameters)
         if ($this->bearer === null) {
             $request->signRequest($this->signatureMethod, $this->consumer, $this->token);
             $authorization = $request->toHeader();
+            if (array_key_exists('oauth_verifier', $parameters)) {
+                // Twitter doesn't always work with oauth in the body and in the header
+                // and it's already included in the $authorization header
+                unset($parameters['oauth_verifier']);
+            }
         } else {
             $authorization = 'Authorization: Bearer ' . $this->bearer;
         }