73spica/twitter_user_authentication.py

## twitter_user_authentication.py
from urllib.parse import urlencode, quote, quote_plus
import hashlib
import hmac
import base64
from operator import itemgetter
import time
import requests

import os # for nonce

import config # Secret:)

def main():
    consumer_key = config.CONSUMER_KEY
    consumer_secret = config.CONSUMER_SECRET
    access_token = config.ACCESS_TOKEN
    access_token_secret = config.ACCESS_TOKEN_SECRET
    req_method = "GET"

    req_url = "https://api.twitter.com/1.1/statuses/user_timeline.json"

    # For api
    params_a = {
        "screen_name": "@73_spica",
        "count": 10
    }

    # Creating key
    key = "&".join([consumer_secret, access_token_secret])
    key = key.encode("utf-8")
    print("[+] Key:", key)

    # For authentication
    timestamp = time.time()
    nonce = os.urandom(10).hex()

    params_b = {
        "oauth_token": access_token,
        "oauth_consumer_key": consumer_key,
        "oauth_signature_method": 'HMAC-SHA1',
        "oauth_timestamp": timestamp,
        "oauth_nonce": nonce,
        "oauth_version": "1.0",

        # for test
        #"oauth_nonce": "1",
        #"oauth_timestamp": "1533648615.505744",
    }

    # Marge params
    params_c = dict(params_a)
    params_c.update(params_b)

    req_params = sorted(params_c.items(), key=itemgetter(0))
    req_params = urlencode(req_params)
    req_params = quote(req_params, safe="") # By default, quote() do not quote "/".
    print("[+] req_params:", req_params)

    enc_req_method = quote(req_method, safe="")
    enc_req_url = quote(req_url, safe="")
    signature_data = "&".join([enc_req_method, enc_req_url, req_params])
    signature_data = signature_data.encode("utf-8")

    digester = hmac.new(key, signature_data, hashlib.sha1)
    _hash = digester.digest()

    #signature = base64.urlsafe_b64encode(_hash) # Don't use urlsafe.
    signature = base64.b64encode(_hash)
    print("[+] signature:", signature)
    params_c["oauth_signature"] = signature

    # give me idea to rewrite dict into "key=value, key=value,..."
    oauth_params = urlencode(params_c)
    oauth_params = oauth_params.replace("&", ",")
    print("[+] oauth_params:", oauth_params)

    headers = {
        "Authorization": "OAuth " + oauth_params
    }

    req_url += '?' + urlencode(params_a)

    res = requests.get(req_url, headers=headers)
    data = res.json() # API response
    print(data[0]["text"])


if __name__ == "__main__":
    main()
	from urllib.parse import urlencode, quote, quote_plus
	import hashlib
	import hmac
	import base64
	from operator import itemgetter
	import time
	import requests

	import os # for nonce

	import config # Secret:)

	def main():
	consumer_key = config.CONSUMER_KEY
	consumer_secret = config.CONSUMER_SECRET
	access_token = config.ACCESS_TOKEN
	access_token_secret = config.ACCESS_TOKEN_SECRET
	req_method = "GET"

	req_url = "https://api.twitter.com/1.1/statuses/user_timeline.json"

	# For api
	params_a = {
	"screen_name": "@73_spica",
	"count": 10
	}

	# Creating key
	key = "&".join([consumer_secret, access_token_secret])
	key = key.encode("utf-8")
	print("[+] Key:", key)

	# For authentication
	timestamp = time.time()
	nonce = os.urandom(10).hex()

	params_b = {
	"oauth_token": access_token,
	"oauth_consumer_key": consumer_key,
	"oauth_signature_method": 'HMAC-SHA1',
	"oauth_timestamp": timestamp,
	"oauth_nonce": nonce,
	"oauth_version": "1.0",

	# for test
	#"oauth_nonce": "1",
	#"oauth_timestamp": "1533648615.505744",
	}

	# Marge params
	params_c = dict(params_a)
	params_c.update(params_b)

	req_params = sorted(params_c.items(), key=itemgetter(0))
	req_params = urlencode(req_params)
	req_params = quote(req_params, safe="") # By default, quote() do not quote "/".
	print("[+] req_params:", req_params)

	enc_req_method = quote(req_method, safe="")
	enc_req_url = quote(req_url, safe="")
	signature_data = "&".join([enc_req_method, enc_req_url, req_params])
	signature_data = signature_data.encode("utf-8")

	digester = hmac.new(key, signature_data, hashlib.sha1)
	_hash = digester.digest()

	#signature = base64.urlsafe_b64encode(_hash) # Don't use urlsafe.
	signature = base64.b64encode(_hash)
	print("[+] signature:", signature)
	params_c["oauth_signature"] = signature

	# give me idea to rewrite dict into "key=value, key=value,..."
	oauth_params = urlencode(params_c)
	oauth_params = oauth_params.replace("&", ",")
	print("[+] oauth_params:", oauth_params)

	headers = {
	"Authorization": "OAuth " + oauth_params
	}

	req_url += '?' + urlencode(params_a)

	res = requests.get(req_url, headers=headers)
	data = res.json() # API response
	print(data[0]["text"])



	if __name__ == "__main__":
	main()