Twitter API V1.0 Error Code 411 Length Required #94

Closed
oosswwaalldd opened this Issue Oct 27, 2012 · 12 comments

Comments

Projects
None yet
7 participants
@oosswwaalldd

Hi Matt,

I am getting error code 411 "Length Required" when calling this API to start the Auth Dance:

$callback = isset($_REQUEST['oob']) ? 'oob' : $here; ($here is the current URL)
$params = array('oauth_callback' => $callback);
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), $params);

This worked for me until today, what should I fix here? I 100% sure is a change in Twitter platform I dont know. I am using the latest version of thematharris lib (0.7.0) and still on API V1.0

Here the response array(there are some ***** for sec reasons):

tmhOAuth Object
(
    [response] => Array
        (
        [raw] => HTTP/1.1 411 Length Required
Content-Length: 0
Connection: close


        [headers] => Array
            (
                [content_length] => 0
                [connection] => close
            )

        [code] => 411
        [response] => 
        [info] => Array
            (
                [url] => https://api.twitter.com/oauth/request_token
                [content_type] => 
                [http_code] => 411
                [header_size] => 70
                [request_size] => 518
                [filetime] => -1
                [ssl_verify_result] => 0
                [redirect_count] => 0
                [total_time] => 0.360223
                [namelookup_time] => 0.023239
                [connect_time] => 0.102982
                [pretransfer_time] => 0.280307
                [size_upload] => 0
                [size_download] => 0
                [speed_download] => 0
                [speed_upload] => 0
                [download_content_length] => 0
                [upload_content_length] => -1
                [starttransfer_time] => 0.360082
                [redirect_time] => 0
                [request_header] => POST /oauth/request_token HTTP/1.1
User-Agent: tmhOAuth 0.7.0+SSL - //github.com/themattharris/tmhOAuth
Host: api.twitter.com
Accept: */*
Accept-Encoding: deflate, gzip
Authorization: OAuth  oauth_callback="http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php", oauth_consumer_key="**********************", oauth_nonce="0ab26ef3052e1d7feafbf323968ce10a", oauth_signature="zQr9MaNgWv4YZADOK2L8%2BCU%3D", oauth_signature_method="HMAC-    SHA1", oauth_timestamp="1351298703", oauth_version="1.0"


            )

        [error] => 
        [errno] => 0
    )

[params] => Array
    (
    )

[headers] => Array
    (
        [Authorization] => OAuth oauth_callback="http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php", oauth_consumer_key="********************", oauth_nonce="0ab26ef3052e1d7feafbf323968ce10a", oauth_signature="zQr9MaNgWv4YZADOKUohhP2L8%2BCU%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1351298703", oauth_version="1.0"
        [Content-Type] => 
        [Content-Length] => 
        [Expect] => 
    )

[auto_fixed_time] => 
[buffer] => 
[config] => Array
    (
        [user_agent] => tmhOAuth 0.7.0+SSL - //github.com/themattharris/tmhOAuth
        [timezone] => America/Caracas
        [use_ssl] => 1
        [host] => api.twitter.com
        [consumer_key] => **************************************
        [consumer_secret] => **************************************
        [user_token] => 
        [user_secret] => 
        [force_nonce] => 
        [nonce] => 0ab26ef3052e1d7feafbf323968ce10a
        [force_timestamp] => 
        [timestamp] => 1351298703
        [oauth_version] => 1.0
        [oauth_signature_method] => HMAC-SHA1
        [curl_connecttimeout] => 30
        [curl_timeout] => 10
        [curl_ssl_verifyhost] => 2
        [curl_ssl_verifypeer] => 1
        [curl_cainfo] => /home/*****/public_html/libs/twitter/cacert.pem
        [curl_capath] => /home/******/public_html/libs/twitter
        [curl_followlocation] => 
        [curl_proxy] => 
        [curl_proxyuserpwd] => 
        [curl_encoding] => 
        [is_streaming] => 
        [streaming_eol] => 

        [streaming_metrics_interval] => 60
        [as_header] => 1
        [debug] => 
        [multipart] => 
    )

[method] => POST
[url] => https://api.twitter.com/oauth/request_token
[signing_params] => oauth_callback=http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php&oauth_consumer_key=***************&oauth_nonce=0ab26ef3052e1d7feafbf323968ce10a&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1351298703&oauth_version=1.0
[auth_params] => Array
    (
        [oauth_callback] => http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php
        [oauth_consumer_key] => **************************************
        [oauth_nonce] => 0ab26ef3052e1d7feafbf323968ce10a
        [oauth_signature] => zQr9MaNgWv4YZOKUoNP2L8%2BCU%3D
        [oauth_signature_method] => HMAC-SHA1
        [oauth_timestamp] => 1351298703
        [oauth_version] => 1.0
    )

[request_params] => Array
    (
    )

[base_string] => POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Fautotuits.com%252Fresources%252Ftwitter_oauth_popup%252Fauth.php%26oauth_consumer_key%*********************%26oauth_nonce%3D0ab26ef3052e1d7feafbf323968ce10a%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1351298703%26oauth_version%3D1.0
[signing_key] => O1tj0OsXKPLyGWRrT8clrSb144ieUeLSL3gMRrM&
[auth_header] => OAuth oauth_callback="http%3A%2F%2Fautotuits.com%2Fresources%2Ftwitter_oauth_popup%2Fauth.php", oauth_consumer_key="**************************************", oauth_nonce="0ab26ef3052e1d7feafbf323968ce10a", oauth_signature="zQr9MaNgWv4YDOKUoNP2L8%2BCU%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1351298703", oauth_version="1.0"
@oosswwaalldd

This comment has been minimized.

Show comment
Hide comment
@oosswwaalldd

oosswwaalldd Oct 27, 2012

Ok, I just fixed the issue by adding a second "dummy" parameter to the API call

$params = array('oauth_callback' => $callback); to $params = array('oauth_callback' => $callback, 'a' => 'a');

Is there anything that need to be fixed in the lib besides this?

Thanks!

Ok, I just fixed the issue by adding a second "dummy" parameter to the API call

$params = array('oauth_callback' => $callback); to $params = array('oauth_callback' => $callback, 'a' => 'a');

Is there anything that need to be fixed in the lib besides this?

Thanks!

@pavemen

This comment has been minimized.

Show comment
Hide comment
@pavemen

pavemen Oct 27, 2012

i think the Twitter API updated and has a bug. Obviously your API call had content in the parameter list and adding a minor bit of data made it work. Just like my issue I posted earlier, add enough data to get past whatever bug they introduced. Their byte count is off by one when taking in the inputs I bet.

edit: not sure if this is actually true since my status updated work fine via 1.1/statuses/update with the POST parameters I pass. No missing content that I have seen.

pavemen commented Oct 27, 2012

i think the Twitter API updated and has a bug. Obviously your API call had content in the parameter list and adding a minor bit of data made it work. Just like my issue I posted earlier, add enough data to get past whatever bug they introduced. Their byte count is off by one when taking in the inputs I bet.

edit: not sure if this is actually true since my status updated work fine via 1.1/statuses/update with the POST parameters I pass. No missing content that I have seen.

@oosswwaalldd

This comment has been minimized.

Show comment
Hide comment
@oosswwaalldd

oosswwaalldd Oct 27, 2012

Yes Pavement i added the second dummy param after reading your post. Thanks!

Yes Pavement i added the second dummy param after reading your post. Thanks!

@neave

This comment has been minimized.

Show comment
Hide comment
@neave

neave Oct 27, 2012

Confirmed. I have this error 411 reported using v1.1 API too. The fix from @oosswwaalldd does this trick, thanks! Does anyone know if this bug has been filed on Twitter's API site? https://dev.twitter.com/issues I'd like to up-vote.

neave commented Oct 27, 2012

Confirmed. I have this error 411 reported using v1.1 API too. The fix from @oosswwaalldd does this trick, thanks! Does anyone know if this bug has been filed on Twitter's API site? https://dev.twitter.com/issues I'd like to up-vote.

@MattFyot

This comment has been minimized.

Show comment
Hide comment
@MattFyot

MattFyot Oct 27, 2012

Thanks a lot guys, that fixed the issue for me too!
Obviously some breaking changes were implemented about 12 hours ago by Twitter as it was running smoothly prior to that.
It seems to affect only the Auth Dance though as we did not have to implement that fix to other API calls.

Thanks a lot guys, that fixed the issue for me too!
Obviously some breaking changes were implemented about 12 hours ago by Twitter as it was running smoothly prior to that.
It seems to affect only the Auth Dance though as we did not have to implement that fix to other API calls.

@rasa

This comment has been minimized.

Show comment
Hide comment
@rasa

rasa Oct 27, 2012

When I changed line 625 of tmhOAuth.php from

  $this->headers['Content-Length'] = '';

to

  $this->headers['Content-Length'] = '0';

the problem went away.

rasa commented Oct 27, 2012

When I changed line 625 of tmhOAuth.php from

  $this->headers['Content-Length'] = '';

to

  $this->headers['Content-Length'] = '0';

the problem went away.

@rasa

This comment has been minimized.

Show comment
Hide comment

rasa commented Oct 27, 2012

@pavemen

This comment has been minimized.

Show comment
Hide comment
@pavemen

pavemen Oct 27, 2012

@MattFyot this effected my statuses/destroy call in API v1.1

pavemen commented Oct 27, 2012

@MattFyot this effected my statuses/destroy call in API v1.1

@oosswwaalldd

This comment has been minimized.

Show comment
Hide comment
@oosswwaalldd

oosswwaalldd Oct 27, 2012

I think @rasa solution is way more elegant than mine!, is there any way to involve @themattharris in this conversation so he can give the final and proper solution?

Thanks!

I think @rasa solution is way more elegant than mine!, is there any way to involve @themattharris in this conversation so he can give the final and proper solution?

Thanks!

@tommoor

This comment has been minimized.

Show comment
Hide comment
@tommoor

tommoor Oct 27, 2012

We found the same issue last night, around 14hours ago and implemented the same fix as @rasa - this seems to have completely resolved the problem.

tommoor commented Oct 27, 2012

We found the same issue last night, around 14hours ago and implemented the same fix as @rasa - this seems to have completely resolved the problem.

@themattharris

This comment has been minimized.

Show comment
Hide comment
@themattharris

themattharris Oct 27, 2012

Owner

hey guys,
looking into this now. as you suggest this looks like a change on Twitter's side that's caused problems.
while i agree your changes fix the immediate issue i'd prefer we know why we have to make that change before doing it.

Owner

themattharris commented Oct 27, 2012

hey guys,
looking into this now. as you suggest this looks like a change on Twitter's side that's caused problems.
while i agree your changes fix the immediate issue i'd prefer we know why we have to make that change before doing it.

themattharris pushed a commit that referenced this issue Oct 27, 2012

themattharris
Version 0.7.1
- set content-length to 0 explictly to avoid a bug between libcurl and Twitter (Issue #94)
- allow initialization without a configuration array (default config to array())
- prevent ->url allowing double slashes in paths
@themattharris

This comment has been minimized.

Show comment
Hide comment
@themattharris

themattharris Oct 27, 2012

Owner

implemented the same '0' fix as discussed by you guys above. so v 0.7.1 should fix the issue.
this still makes me uneasy as the issue is evident in curl itself:

curl -vvv https://api.twitter.com/1/help/test.json -X POST
* About to connect() to api.twitter.com port 443 (#0)
*   Trying 199.59.149.232...
* connected
* Connected to api.twitter.com (199.59.149.232) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
*    start date: 2012-05-02 00:00:00 GMT
*    expire date: 2013-05-03 23:59:59 GMT
*    subjectAltName: api.twitter.com matched
*    issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)09; CN=VeriSign Class 3 Secure Server CA - G2
*    SSL certificate verify ok.
> POST /1/help/test.json HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: api.twitter.com
> Accept: */*
> 
< HTTP/1.1 411 Length Required
< Content-Length: 0
< Connection: close
< 
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

and requires this to fix:

curl -vvv https://api.twitter.com/1/help/test.json -X POST -H 'Content-Length: 0'
* About to connect() to api.twitter.com port 443 (#0)
*   Trying 199.59.150.41...
* connected
* Connected to api.twitter.com (199.59.150.41) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
*    start date: 2012-05-02 00:00:00 GMT
*    expire date: 2013-05-03 23:59:59 GMT
*    subjectAltName: api.twitter.com matched
*    issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)09; CN=VeriSign Class 3 Secure Server CA - G2
*    SSL certificate verify ok.
> POST /1/help/test.json HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: api.twitter.com
> Accept: */*
> Content-Length: 0
> 
< HTTP/1.1 200 OK
< Date: Sat, 27 Oct 2012 18:18:14 GMT
< Status: 200 OK
< X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114be33ae34
< Pragma: no-cache
< X-Transaction: 1b033cdce89bddb2
< Content-Type: application/json; charset=utf-8
< Expires: Tue, 31 Mar 1981 05:00:00 GMT
< X-Runtime: 0.01461
< X-Frame-Options: SAMEORIGIN
< Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
< X-MID: fcd0057ccbee514d07367c8efdfac673a506ddcf
< Last-Modified: Sat, 27 Oct 2012 18:18:14 GMT
< ETag: "72054d9a6fbdcc7df012e19f32345b65"
< Content-Length: 4
< Vary: Accept-Encoding
< Server: tfe
< 
* Connection #0 to host api.twitter.com left intact
"ok"* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

but i'll close this out from tmhOAuth and instead follow up on https://dev.twitter.com/issues/643
thank everyone

Owner

themattharris commented Oct 27, 2012

implemented the same '0' fix as discussed by you guys above. so v 0.7.1 should fix the issue.
this still makes me uneasy as the issue is evident in curl itself:

curl -vvv https://api.twitter.com/1/help/test.json -X POST
* About to connect() to api.twitter.com port 443 (#0)
*   Trying 199.59.149.232...
* connected
* Connected to api.twitter.com (199.59.149.232) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
*    start date: 2012-05-02 00:00:00 GMT
*    expire date: 2013-05-03 23:59:59 GMT
*    subjectAltName: api.twitter.com matched
*    issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)09; CN=VeriSign Class 3 Secure Server CA - G2
*    SSL certificate verify ok.
> POST /1/help/test.json HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: api.twitter.com
> Accept: */*
> 
< HTTP/1.1 411 Length Required
< Content-Length: 0
< Connection: close
< 
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

and requires this to fix:

curl -vvv https://api.twitter.com/1/help/test.json -X POST -H 'Content-Length: 0'
* About to connect() to api.twitter.com port 443 (#0)
*   Trying 199.59.150.41...
* connected
* Connected to api.twitter.com (199.59.150.41) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using RC4-SHA
* Server certificate:
*    subject: C=US; ST=California; L=San Francisco; O=Twitter, Inc.; OU=Twitter Security; CN=api.twitter.com
*    start date: 2012-05-02 00:00:00 GMT
*    expire date: 2013-05-03 23:59:59 GMT
*    subjectAltName: api.twitter.com matched
*    issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)09; CN=VeriSign Class 3 Secure Server CA - G2
*    SSL certificate verify ok.
> POST /1/help/test.json HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: api.twitter.com
> Accept: */*
> Content-Length: 0
> 
< HTTP/1.1 200 OK
< Date: Sat, 27 Oct 2012 18:18:14 GMT
< Status: 200 OK
< X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114be33ae34
< Pragma: no-cache
< X-Transaction: 1b033cdce89bddb2
< Content-Type: application/json; charset=utf-8
< Expires: Tue, 31 Mar 1981 05:00:00 GMT
< X-Runtime: 0.01461
< X-Frame-Options: SAMEORIGIN
< Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
< X-MID: fcd0057ccbee514d07367c8efdfac673a506ddcf
< Last-Modified: Sat, 27 Oct 2012 18:18:14 GMT
< ETag: "72054d9a6fbdcc7df012e19f32345b65"
< Content-Length: 4
< Vary: Accept-Encoding
< Server: tfe
< 
* Connection #0 to host api.twitter.com left intact
"ok"* Closing connection #0
* SSLv3, TLS alert, Client hello (1):

but i'll close this out from tmhOAuth and instead follow up on https://dev.twitter.com/issues/643
thank everyone

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment