/tmhOAuth

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Twitter API V1.0 Error Code 411 Length Required #94

Closed
oosswwaalldd opened this Issue Oct 27, 2012 · 12 comments

Comments

Assignees

@themattharris themattharris

Labels
bug
Projects
None yet
Milestone
  0.7.1
7 participants
@oosswwaalldd @pavemen @neave @MattFyot @rasa @tommoor @themattharris
@oosswwaalldd

oosswwaalldd commented Oct 27, 2012

Hi Matt,

I am getting error code 411 "Length Required" when calling this API to start the Auth Dance:

$callback = isset($_REQUEST['oob']) ? 'oob' : $here; ($here is the current URL)
$params = array('oauth_callback' => $callback);
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), $params);

This worked for me until today, what should I fix here? I 100% sure is a change in Twitter platform I dont know. I am using the latest version of thematharris lib (0.7.0) and still on API V1.0

Here the response array(there are some ***** for sec reasons):

tmhOAuth Object
(
    [response] => Array
        (
        [raw] => HTTP/1.1 411 Length Required
Content-Length: 0
Connection: close


        [headers] => Array
            (
                [content_length] => 0
                [connection] => close
            )

        [code] => 411
        [response] => 
        [info] => Array
            (
                [url] => https://api.twitter.com/oauth/request_token
                [content_type] => 
                [http_code] => 411
                [header_size] => 70
                [request_size] => 518
                [filetime] => -1
                [ssl_verify_result] => 0
                [redirect_count] => 0
                [total_time] => 0.360223
                [namelookup_time] => 0.023239
                [connect_time] => 0.102982
                [pretransfer_time] => 0.280307
                [size_upload] => 0
                [size_download] => 0
                [speed_download] => 0
                [speed_upload] => 0
                [download_content_length] => 0
                [upload_content_length] => -1
                [starttransfer_time] => 0.360082
                [redirect_time] => 0
                [request_header] => POST /oauth/request_token HTTP/1.1
User-Agent: tmhOAuth 0.7.0+SSL - //github.com/themattharris/tmhOAuth
Host: api.twitter.com
Accept: */*
Accept-Encoding: deflate, gzip
Authorization: OAuth  oauth_callback="http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php", oauth_consumer_key="**********************", oauth_nonce="0ab26ef3052e1d7feafbf323968ce10a", oauth_signature="zQr9MaNgWv4YZADOK2L8%2BCU%3D", oauth_signature_method="HMAC-    SHA1", oauth_timestamp="1351298703", oauth_version="1.0"


            )

        [error] => 
        [errno] => 0
    )

[params] => Array
    (
    )

[headers] => Array
    (
        [Authorization] => OAuth oauth_callback="http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php", oauth_consumer_key="********************", oauth_nonce="0ab26ef3052e1d7feafbf323968ce10a", oauth_signature="zQr9MaNgWv4YZADOKUohhP2L8%2BCU%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1351298703", oauth_version="1.0"
        [Content-Type] => 
        [Content-Length] => 
        [Expect] => 
    )

[auto_fixed_time] => 
[buffer] => 
[config] => Array
    (
        [user_agent] => tmhOAuth 0.7.0+SSL - //github.com/themattharris/tmhOAuth
        [timezone] => America/Caracas
        [use_ssl] => 1
        [host] => api.twitter.com
        [consumer_key] => **************************************
        [consumer_secret] => **************************************
        [user_token] => 
        [user_secret] => 
        [force_nonce] => 
        [nonce] => 0ab26ef3052e1d7feafbf323968ce10a
        [force_timestamp] => 
        [timestamp] => 1351298703
        [oauth_version] => 1.0
        [oauth_signature_method] => HMAC-SHA1
        [curl_connecttimeout] => 30
        [curl_timeout] => 10
        [curl_ssl_verifyhost] => 2
        [curl_ssl_verifypeer] => 1
        [curl_cainfo] => /home/*****/public_html/libs/twitter/cacert.pem
        [curl_capath] => /home/******/public_html/libs/twitter
        [curl_followlocation] => 
        [curl_proxy] => 
        [curl_proxyuserpwd] => 
        [curl_encoding] => 
        [is_streaming] => 
        [streaming_eol] => 

        [streaming_metrics_interval] => 60
        [as_header] => 1
        [debug] => 
        [multipart] => 
    )

[method] => POST
[url] => https://api.twitter.com/oauth/request_token
[signing_params] => oauth_callback=http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php&oauth_consumer_key=***************&oauth_nonce=0ab26ef3052e1d7feafbf323968ce10a&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1351298703&oauth_version=1.0
[auth_params] => Array
    (
        [oauth_callback] => http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php
        [oauth_consumer_key] => **************************************
        [oauth_nonce] => 0ab26ef3052e1d7feafbf323968ce10a
        [oauth_signature] => zQr9MaNgWv4YZOKUoNP2L8%2BCU%3D
        [oauth_signature_method] => HMAC-SHA1
        [oauth_timestamp] => 1351298703
        [oauth_version] => 1.0
    )

[request_params] => Array
    (
    )

[base_string] => POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Fautotuits.com%252Fresources%252Ftwitter_oauth_popup%252Fauth.php%26oauth_consumer_key%*********************%26oauth_nonce%3D0ab26ef3052e1d7feafbf323968ce10a%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1351298703%26oauth_version%3D1.0
[signing_key] => O1tj0OsXKPLyGWRrT8clrSb144ieUeLSL3gMRrM&
[auth_header] => OAuth oauth_callback="http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php", oauth_consumer_key="**************************************", oauth_nonce="0ab26ef3052e1d7feafbf323968ce10a", oauth_signature="zQr9MaNgWv4YDOKUoNP2L8%2BCU%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1351298703", oauth_version="1.0"
@oosswwaalldd

This comment has been minimized.

Sign in to view

oosswwaalldd commented Oct 27, 2012

Ok, I just fixed the issue by adding a second "dummy" parameter to the API call

$params = array('oauth_callback' => $callback); to $params = array('oauth_callback' => $callback, 'a' => 'a');

Is there anything that need to be fixed in the lib besides this?

Thanks!
@pavemen

This comment has been minimized.

Sign in to view

pavemen commented Oct 27, 2012

i think the Twitter API updated and has a bug. Obviously your API call had content in the parameter list and adding a minor bit of data made it work. Just like my issue I posted earlier, add enough data to get past whatever bug they introduced. Their byte count is off by one when taking in the inputs I bet.

edit: not sure if this is actually true since my status updated work fine via 1.1/statuses/update with the POST parameters I pass. No missing content that I have seen.
@oosswwaalldd

This comment has been minimized.

Sign in to view

oosswwaalldd commented Oct 27, 2012

Yes Pavement i added the second dummy param after reading your post. Thanks!
@neave

This comment has been minimized.

Sign in to view

neave commented Oct 27, 2012

Confirmed. I have this error 411 reported using v1.1 API too. The fix from @oosswwaalldd does this trick, thanks! Does anyone know if this bug has been filed on Twitter's API site? https://dev.twitter.com/issues I'd like to up-vote.
@MattFyot

This comment has been minimized.

Sign in to view

MattFyot commented Oct 27, 2012

Thanks a lot guys, that fixed the issue for me too!
Obviously some breaking changes were implemented about 12 hours ago by Twitter as it was running smoothly prior to that.
It seems to affect only the Auth Dance though as we did not have to implement that fix to other API calls.
@rasa

This comment has been minimized.

Sign in to view

rasa commented Oct 27, 2012

When I changed line 625 of tmhOAuth.php from

  $this->headers['Content-Length'] = '';

to

  $this->headers['Content-Length'] = '0';

the problem went away.
@rasa

This comment has been minimized.

Sign in to view

rasa commented Oct 27, 2012

I filed a bug here: https://dev.twitter.com/issues/643
@pavemen

This comment has been minimized.

Sign in to view

pavemen commented Oct 27, 2012

@MattFyot this effected my statuses/destroy call in API v1.1
@oosswwaalldd

This comment has been minimized.

Sign in to view

oosswwaalldd commented Oct 27, 2012

I think @rasa solution is way more elegant than mine!, is there any way to involve @themattharris in this conversation so he can give the final and proper solution?

Thanks!
@tommoor

This comment has been minimized.

Sign in to view

tommoor commented Oct 27, 2012

We found the same issue last night, around 14hours ago and implemented the same fix as @rasa - this seems to have completely resolved the problem.

@themattharris themattharris referenced this issue Oct 27, 2012

Closed

Twitter REST API v1.1 appears to require non-empty Content-Length on POST #93

@themattharris

This comment has been minimized.

Sign in to view
Owner

themattharris commented Oct 27, 2012

hey guys,
looking into this now. as you suggest this looks like a change on Twitter's side that's caused problems.
while i agree your changes fix the immediate issue i'd prefer we know why we have to make that change before doing it.

themattharris pushed a commit that referenced this issue Oct 27, 2012

themattharris
Version 0.7.1 
- set content-length to 0 explictly to avoid a bug between libcurl and Twitter (Issue #94)
- allow initialization without a configuration array (default config to array())
- prevent ->url allowing double slashes in paths
84a84fd
@themattharris

This comment has been minimized.

Sign in to view
Owner

themattharris commented Oct 27, 2012

implemented the same '0' fix as discussed by you guys above. so v 0.7.1 should fix the issue.
this still makes me uneasy as the issue is evident in curl itself:

curl -vvv https://api.twitter.com/1/help/test.json -X POST
* About to connect() to api.twitter.com port 443 (#0)
*   Trying 199.59.149.232...
* connected
* Connected to api.twitter.com (199.59.149.232) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
*    start date: 2012-05-02 00:00:00 GMT
*    expire date: 2013-05-03 23:59:59 GMT
*    subjectAltName: api.twitter.com matched
*    issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)09; CN=VeriSign Class 3 Secure Server CA - G2
*    SSL certificate verify ok.
> POST /1/help/test.json HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: api.twitter.com
> Accept: */*
> 
< HTTP/1.1 411 Length Required
< Content-Length: 0
< Connection: close
< 
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

and requires this to fix:

curl -vvv https://api.twitter.com/1/help/test.json -X POST -H 'Content-Length: 0'
* About to connect() to api.twitter.com port 443 (#0)
*   Trying 199.59.150.41...
* connected
* Connected to api.twitter.com (199.59.150.41) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
*    start date: 2012-05-02 00:00:00 GMT
*    expire date: 2013-05-03 23:59:59 GMT
*    subjectAltName: api.twitter.com matched
*    issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)09; CN=VeriSign Class 3 Secure Server CA - G2
*    SSL certificate verify ok.
> POST /1/help/test.json HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: api.twitter.com
> Accept: */*
> Content-Length: 0
> 
< HTTP/1.1 200 OK
< Date: Sat, 27 Oct 2012 18:18:14 GMT
< Status: 200 OK
< X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114be33ae34
< Pragma: no-cache
< X-Transaction: 1b033cdce89bddb2
< Content-Type: application/json; charset=utf-8
< Expires: Tue, 31 Mar 1981 05:00:00 GMT
< X-Runtime: 0.01461
< X-Frame-Options: SAMEORIGIN
< Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
< X-MID: fcd0057ccbee514d07367c8efdfac673a506ddcf
< Last-Modified: Sat, 27 Oct 2012 18:18:14 GMT
< ETag: "72054d9a6fbdcc7df012e19f32345b65"
< Content-Length: 4
< Vary: Accept-Encoding
< Server: tfe
< 
* Connection #0 to host api.twitter.com left intact
"ok"* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

but i'll close this out from tmhOAuth and instead follow up on https://dev.twitter.com/issues/643
thank everyone

@themattharris themattharris closed this Oct 27, 2012

@oosswwaalldd oosswwaalldd referenced this issue Oct 28, 2012

Closed

411 error after some months #95

@ghost ghost assigned themattharris Oct 28, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment