Need to get a list of friends on Twitter.

I executed the authorization, I received the tokens.

The official documentation https://dev.twitter.com/rest/reference/get/friends/list lists only the basic parameters of the request. How to stick tokens there, I don't know :(

  • one
    Just like with authorization in the header, like: "Authorization: Bearer / Basic token". - alexis031182
  • @ alexis031182 do i just add 1 header with oauth_token? - Artyom Prokudin
  • @ alexis031182 I did the authorization on Twitter with the entrance. Those. As a result, I have 2 tokens: oauth_token and oauth_token_secret. - Artem Prokudin
  • I did not do this authorization option, only the application token was sufficient for me, but if we assume a similarity, then you need to add a header to your requests: "Authorization: OAuth oauth_token" Accordingly, instead of "oauth_token" substitute your key. It may also make sense to try and add "oauth_token_secret" separated by commas. In the help of Twitter, something is not rich, this topic is disclosed. - alexis031182

1 answer 1

I figured it out. The way to sign requests is as fuzzy as the login authorization.

  1. You need to generate oauth_signature on the following parameters

    • oauth_consumer_key

    • oauth_token

    • oauth_nonce

    • oauth_timestamp

    • oauth_signature_method

    • oauth_version

    • + all parameters of your request

  2. Next, prepare the header body.

<тело> = "oauth_nonce=" + oauth_nonce + "," +

"oauth_signature_method=" + oauth_signature_method + "," +

"oauth_token=" + urlencode(oauth_token) + "," +

"oauth_timestamp=" + oauth_timestamp + "," +

"oauth_consumer_key=" + oauth_consumer_key + "," +

"oauth_signature=" + urlencode(oauth_signature) + "," +

"oauth_version=" + oauth_version

Attention! It's kind of not necessary, but I framed each value with quotes.

  1. Add the header "Authorization: <body>" and send the request

If you have questions - ask

`

  • It is strange that all this haulm with keys must be sent with each request. In theory, there are only two keys in the last step. They do not receive requests if you form a heading on the same principle as described in the answer? - alexis031182
  • @ alexis031182 I found 2 sites where stackoverflow.com/questions/12684765/… ruseller.com/lessons.php?id=2021 was done exactly like this - by Artem Prokudin
  • Well, for example, only 4 keys are used here : 2 application keys and 2 user keys. What is there inside this called class, we must understand and look, but in theory it should be so. Otherwise, it turns out some sort of brute force with the body of the authorization header. However, I may be mistaken. - alexis031182
  • @ alexis031182 nuuu, twitter at least handles my request: D - Artyom Prokudin
  • Here is the official documentation for creating authorized requests - Artem Prokudin