[twitter-dev] Whitelist Requests from REST API
Hello, I have a question about number of requests, if I signed up with twitter, let's say, to allow visualizing my data, then the app will consume my requests. how does it work if the app got whitelisted, the app will not consume my requests? Many thanks in advance, -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] search.twitter.com giving 301 redirect
Hi folks, I'm seeing an issue where requests sent to search.twitter.com get a 301 redirect, but the redirected URL is identical to the original. I think this is the exact same issue reported 3 years ago: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/65e0a0990b120abf In this case, the library I'm using constructs a Host: header that includes the port number: search.twitter.com:80. From testing with other tools, it appears that if the port number is left off, the request succeeds. Any help? Thanks, -Arthur -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
Re: [twitter-dev] Using oauth in a desktop app
Thanks for clarifying ^^ Arthur. 2010/6/2 Taylor Singletary > Hi Arthur, > > Indeed it is a Quest. > > You don't need to do this entire round trip every single time. In Twitter's > OAuth implementation, when we respond with the access token to you in the > access token step, we also include the screen_name and id of the user. You > in turn should store the id, screen_name, oauth_token, and > oauth_token_secret for the user in whatever representation you like. > > Then, you use the access token to perform your resource-based API calls > from that point forward. > > You only need to do the whole OAuth song & dance once for each user (or > until the access token is revoked by the user, or if you otherwise want to > validate identity for some reason). > > Some OAuth libraries make it difficult to consume the additional query > parameters returned to you in the access token step. If this is the case, > you can make your first API call to > http://api.twitter.com/1/account/verify_credentials.json or .xml, which > will return information you need about the user in a format you can easily > consume. > > Taylor > > On Wed, Jun 2, 2010 at 1:19 PM, Arthur Pires wrote: > >> After some work (and some help from the group) my implementation works, >> but... >> >> The QUEST to get an access token >> >>1. app gets a request token from twitter >>2. user clicks a button on the ap >>3. app opens a twitter page, user types username/password >>4. twitter gives user a PIN >>5. user use this PIN in the application >>6. GREAT, finally app exchange the request token for an access token >> >> This token belongs to who? I mean, i don't even know his username! >> The user will have to repeat the steps above *every time*? >> >> I have no idea on how to fit oauth in a real application, i'm probably >> missing something :/ >> >> Thanks in advance. >> >> Arthur. >> > >
[twitter-dev] Using oauth in a desktop app
After some work (and some help from the group) my implementation works, but... The QUEST to get an access token 1. app gets a request token from twitter 2. user clicks a button on the ap 3. app opens a twitter page, user types username/password 4. twitter gives user a PIN 5. user use this PIN in the application 6. GREAT, finally app exchange the request token for an access token This token belongs to who? I mean, i don't even know his username! The user will have to repeat the steps above *every time*? I have no idea on how to fit oauth in a real application, i'm probably missing something :/ Thanks in advance. Arthur.
Re: [twitter-dev] Re: twitter keeps refusing my token request
You are right, the encoded "_" was the problem. Thank you very much, now i can move to the other requests ^^ Arthur. 2010/6/2 Taylor Singletary > Hi Arthur, > > Unrelated: recommend using SSL for all the OAuth dance operations like > request_token, access_token, and authorize > > Is there any chance you are providing the OAuth-related parameters as query > parameters in addition to providing them in the HTTP header? Have you > compared the timestamp you are using to the datetime Twitter sends on each > response in HTTP headers (up to around a 5 minute variance is tolerated). > > Also, and likely the culprit, underscore is not a reserved character in > OAuth -- I notice in your base string your are percent-encoding it in the > "request_token" part of your path -- you should be sending that without any > kind of encoding (instead of %5F). > > Taylor > > On Wed, Jun 2, 2010 at 4:22 AM, Arthur Pires wrote: > >> Thanks for finding that, but twitter still refuses it >> >> basestring: >> >> POST&http%3A%2F%2Fapi.twitter.com >> %2Foauth%2Frequest%5Ftoken&oauth_consumer_key%3DdHbWZ6idD9VEuQ5tNUufA%26oauth_nonce%3D6739551275477403%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275477403%26oauth_version%3D1.0 >> >> authorization tag: >> >> Authorization: OAuth oauth_consumer_key="dHbWZ6idD9VEuQ5tNUufA", >> oauth_nonce="6739551275477403", oauth_signature_method="HMAC-SHA1", >> oauth_timestamp="1275477403", oauth_version="1.0", >> oauth_signature="jRYBO%2B1Nh88v3YrJgCGl5vHpAh4%3D" >> >> >> >> 2010/6/2 Ramy Daghstani >> >> i double checked the encryption of your base string against your >>> consumer key and your consumer secret and everything seems in order. >>> >>> except >>> >>> your base string has "en&oauth_consumer_key=dHbWZ6id" when it should be >>> "en&oauth_consumer_key%3DdHbWZ6id" >>> >>> byebye >>> >>> r.d. >>> >>> On Tue, 2010-06-01 at 20:30 -0700, arthurprs wrote: >>> > Nevermind, sooner after posting this i found -> "Twitter requires that >>> > all OAuth requests be signed using the HMAC-SHA1 algorithm" >>> > >>> > But i can't get it to work with hmac either :/ >>> > >>> > CONSUMERKEY = 'dHbWZ6idD9VEuQ5tNUufA'; >>> > CONSUMERSECRET = '5ZzUafGDoFcAqOEubv3TAa01xb0Z326NMK6fLLrmk0'; >>> > >>> > basestring: >>> > >>> > POST&http%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest >>> > %5Ftoken&oauth_consumer_key=dHbWZ6idD9VEuQ5tNUufA%26oauth_nonce >>> > %3D248256711275449040%26oauth_signature_method%3DHMAC- >>> > SHA1%26oauth_timestamp%3D1275449040%26oauth_version%3D1.0 >>> > >>> > >>> > authorization tag: >>> > >>> > Authorization: OAuth oauth_consumer_key="dHbWZ6idD9VEuQ5tNUufA", >>> > oauth_nonce="248256711275449040", oauth_signature_method="HMAC-SHA1", >>> > oauth_timestamp="1275449040", oauth_version="1.0", >>> > oauth_signature="SaG5KExe2frRkFMvZjJqHoZEp%2Bk%3D" >>> > >>> > >>> > Someone can spot the problem? >>> > Thanks in advance >>> > Arthur. >>> >>> >>> >> >
Re: [twitter-dev] Re: twitter keeps refusing my token request
Thanks for finding that, but twitter still refuses it basestring: POST&http%3A%2F%2Fapi.twitter.com %2Foauth%2Frequest%5Ftoken&oauth_consumer_key%3DdHbWZ6idD9VEuQ5tNUufA%26oauth_nonce%3D6739551275477403%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275477403%26oauth_version%3D1.0 authorization tag: Authorization: OAuth oauth_consumer_key="dHbWZ6idD9VEuQ5tNUufA", oauth_nonce="6739551275477403", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1275477403", oauth_version="1.0", oauth_signature="jRYBO%2B1Nh88v3YrJgCGl5vHpAh4%3D" 2010/6/2 Ramy Daghstani > i double checked the encryption of your base string against your > consumer key and your consumer secret and everything seems in order. > > except > > your base string has "en&oauth_consumer_key=dHbWZ6id" when it should be > "en&oauth_consumer_key%3DdHbWZ6id" > > byebye > > r.d. > > On Tue, 2010-06-01 at 20:30 -0700, arthurprs wrote: > > Nevermind, sooner after posting this i found -> "Twitter requires that > > all OAuth requests be signed using the HMAC-SHA1 algorithm" > > > > But i can't get it to work with hmac either :/ > > > > CONSUMERKEY = 'dHbWZ6idD9VEuQ5tNUufA'; > > CONSUMERSECRET = '5ZzUafGDoFcAqOEubv3TAa01xb0Z326NMK6fLLrmk0'; > > > > basestring: > > > > POST&http%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest > > %5Ftoken&oauth_consumer_key=dHbWZ6idD9VEuQ5tNUufA%26oauth_nonce > > %3D248256711275449040%26oauth_signature_method%3DHMAC- > > SHA1%26oauth_timestamp%3D1275449040%26oauth_version%3D1.0 > > > > > > authorization tag: > > > > Authorization: OAuth oauth_consumer_key="dHbWZ6idD9VEuQ5tNUufA", > > oauth_nonce="248256711275449040", oauth_signature_method="HMAC-SHA1", > > oauth_timestamp="1275449040", oauth_version="1.0", > > oauth_signature="SaG5KExe2frRkFMvZjJqHoZEp%2Bk%3D" > > > > > > Someone can spot the problem? > > Thanks in advance > > Arthur. > > >
