Twitter API returns error 215, Bad Authentication Data

A very concise code without any other php file include of oauth etc.Please note to obtain following keys you need to sign up with https://dev.twitter.com and create application.

<?php$token = 'YOUR_TOKEN';$token_secret = 'YOUR_TOKEN_SECRET';$consumer_key = 'CONSUMER_KEY';$consumer_secret = 'CONSUMER_SECRET';$host = 'api.twitter.com';$method = 'GET';$path = '/1.1/statuses/user_timeline.json'; // api call path$query = array( // query parameters    'screen_name' => 'twitterapi',    'count' => '5');$oauth = array(    'oauth_consumer_key' => $consumer_key,    'oauth_token' => $token,    'oauth_nonce' => (string)mt_rand(), // a stronger nonce is recommended    'oauth_timestamp' => time(),    'oauth_signature_method' => 'HMAC-SHA1',    'oauth_version' => '1.0');$oauth = array_map("rawurlencode", $oauth); // must be encoded before sorting$query = array_map("rawurlencode", $query);$arr = array_merge($oauth, $query); // combine the values THEN sortasort($arr); // secondary sort (value)ksort($arr); // primary sort (key)// http_build_query automatically encodes, but our parameters// are already encoded, and must be by this point, so we undo// the encoding step$querystring = urldecode(http_build_query($arr, '', '&'));$url = "https://$host$path";// mash everything together for the text to hash$base_string = $method."&".rawurlencode($url)."&".rawurlencode($querystring);// same with the key$key = rawurlencode($consumer_secret)."&".rawurlencode($token_secret);// generate the hash$signature = rawurlencode(base64_encode(hash_hmac('sha1', $base_string, $key, true)));// this time we're using a normal GET query, and we're only encoding the query params// (without the oauth params)$url .= "?".http_build_query($query);$url=str_replace("&","&",$url); //Patch by @Frewuill$oauth['oauth_signature'] = $signature; // don't want to abandon all that work!ksort($oauth); // probably not necessary, but twitter's demo does it// also not necessary, but twitter's demo does this toofunction add_quotes($str) { return '"'.$str.'"'; }$oauth = array_map("add_quotes", $oauth);// this is the full value of the Authorization line$auth = "OAuth " . urldecode(http_build_query($oauth, '', ', '));// if you're doing post, you need to skip the GET building above// and instead supply query parameters to CURLOPT_POSTFIELDS$options = array( CURLOPT_HTTPHEADER => array("Authorization: $auth"),                  //CURLOPT_POSTFIELDS => $postfields,                  CURLOPT_HEADER => false,                  CURLOPT_URL => $url,                  CURLOPT_RETURNTRANSFER => true,                  CURLOPT_SSL_VERIFYPEER => false);// do our business$feed = curl_init();curl_setopt_array($feed, $options);$json = curl_exec($feed);curl_close($feed);$twitter_data = json_decode($json);foreach ($twitter_data as &$value) {   $tweetout .= preg_replace("/(http:\/\/|(www\.))(([^\s<]{4,68})[^\s<]*)/", '<a href="http://$2$3" target="_blank">$1$2$4</a>', $value->text);   $tweetout = preg_replace("/@(\w+)/", "<a href=\"http://www.twitter.com/\\1\" target=\"_blank\">@\\1</a>", $tweetout);   $tweetout = preg_replace("/#(\w+)/", "<a href=\"http://search.twitter.com/search?q=\\1\" target=\"_blank\">#\\1</a>", $tweetout);}echo $tweetout;?>

Regards

The only solution I've found so far is:

• Create application in twitter developer panel
• Authorize user with your application (or your application in user account) and save "oauth_token" and "oauth_token_secret" which Twitter gives you. Use TwitterOAuth library for this, it's pretty easy, see examples coming with library.

• Using this tokens you can make authenticated requests on behalf of user. You can do it with the same library.

  // Arguments 1 and 2 - your application static tokens, 2 and 3 - user tokens, received from Twitter during authentification  $connection = new TwitterOAuth(TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET, $tokens['oauth_token'], $tokens['oauth_token_secret']);  $connection->host = 'https://api.twitter.com/1.1/'; // By default library uses API version 1.  $friendsJson = $connection->get('/friends/ids.json?cursor=-1&user_id=34342323');  

This will return you list of user's friends.

FOUND A SOLUTION - using the Abraham TwitterOAuth library. If you are using an older implementation, the following lines should be added after the new TwitterOAuth object is instantiated:

$connection->host = "https://api.twitter.com/1.1/";$connection->ssl_verifypeer = TRUE;$connection->content_type = 'application/x-www-form-urlencoded';

The first 2 lines are now documented in Abraham library Readme file, but the 3rd one is not. Also make sure that your oauth_version is still 1.0.

Here is my code for getting all user data from 'users/show' with a newly authenticated user and returning the user full name and user icon with 1.1 - the following code is implemented in the authentication callback file:

session_start();require ('twitteroauth/twitteroauth.php');require ('twitteroauth/config.php');$consumer_key = '****************';$consumer_secret = '**********************************';$to = new TwitterOAuth($consumer_key, $consumer_secret);$tok = $to->getRequestToken('http://exampleredirect.com?twitoa=1');$token = $tok['oauth_token'];$secret = $tok['oauth_token_secret'];//save tokens to session$_SESSION['ttok'] = $token;$_SESSION['tsec'] = $secret;$request_link = $to->getAuthorizeURL($token,TRUE);header('Location: ' . $request_link);

The following code then is in the redirect after authentication and token request

if($_REQUEST['twitoa']==1){    require ('twitteroauth/twitteroauth.php');    require_once('twitteroauth/config.php');    //Twitter Creds    $consumer_key = '*****************';    $consumer_secret = '************************************';    $oauth_token = $_GET['oauth_token']; //ex Request vals->http://domain.com/twitter_callback.php?oauth_token=MQZFhVRAP6jjsJdTunRYPXoPFzsXXKK0mQS3SxhNXZI&oauth_verifier=A5tYHnAsbxf3DBinZ1dZEj0hPgVdQ6vvjBJYg5UdJI    $ttok = $_SESSION['ttok'];    $tsec = $_SESSION['tsec'];    $to = new TwitterOAuth($consumer_key, $consumer_secret, $ttok, $tsec);    $tok = $to->getAccessToken();    $btok = $tok['oauth_token'];    $bsec = $tok['oauth_token_secret'];    $twit_u_id = $tok['user_id'];    $twit_screen_name = $tok['screen_name'];    //Twitter 1.1 DEBUG    //print_r($tok);    //echo '<br/><br/>';    //print_r($to);    //echo '<br/><br/>';    //echo $btok . '<br/><br/>';    //echo $bsec . '<br/><br/>';    //echo $twit_u_id . '<br/><br/>';    //echo $twit_screen_name . '<br/><br/>';    $twit_screen_name=urlencode($twit_screen_name);    $connection = new TwitterOAuth($consumer_key, $consumer_secret, $btok, $bsec);    $connection->host = "https://api.twitter.com/1.1/";    $connection->ssl_verifypeer = TRUE;    $connection->content_type = 'application/x-www-form-urlencoded';    $ucontent = $connection->get('users/show', array('screen_name' => $twit_screen_name));    //echo 'connection:<br/><br/>';    //print_r($connection);    //echo '<br/><br/>';    //print_r($ucontent);    $t_user_name = $ucontent->name;    $t_user_icon = $ucontent->profile_image_url;    //echo $t_user_name.'<br/><br/>';    //echo $t_user_icon.'<br/><br/>';}

It took me way too long to figure this one out. Hope this helps someone!!