[twitter-dev] Re: OAuth Echo problem in python
If you were seeing a 400 Bad Req, you were most likely sending a bad upload to the API. We only return a 400 Bad Req if the image is not found, the multipart form-data is malformed, or if the image is 5MB. If Twitpic is having a service outage you will always get a 50x error (502 or 500). If Twitter is having an OAuth Echo outage, you will get a 401 Unauthorized from the Twitpic API. Steve Corona Twitpic On Jun 4, 3:48 pm, yml yann.ma...@gmail.com wrote: At that point both services yfrog and twipic work fine. I hate to say this but I am almost convince that the pain in the development process comes from some outage in either twitpic or Twitter Oauth Echo authentication. for the sake of completeness of this thread here it is my 2 working views :http://dpaste.com/203292/ Regards, --yml On Jun 4, 9:59 am, Yann Malet yann.ma...@gmail.com wrote: I have just uploaded the same image using the web interface :http://twitpic.com/1ttrlu http://twitpic.com/1ttrludo you have any recommendation ? On how to solve this issue. http://twitpic.com/1ttrluRegards, --yml On Fri, Jun 4, 2010 at 9:56 AM, Yann Malet yann.ma...@gmail.com wrote: Steve, The image is only 33.7kb and it is a jpg. Do you have any python sample code for the ? Regards, --yml On Fri, Jun 4, 2010 at 9:38 AM, Steve C st...@twitpic.com wrote: Twitpic will only 400 Bad Request you if it can't find the image in your multipart/form- data or if the image is invalid (not jpg/png/gif or 5MB in size). Thanks, Steve C Twitpic On Jun 4, 9:20 am, Yann Malet yann.ma...@gmail.com wrote: If I send this request to 127.0.0.1:9000 without the file here it is the string I can observe : (ve)y...@yml-laptop:jess3$ netcat -l -p 9000 POST / HTTP/1.1 Accept-Encoding: identity Content-Length: 377 X-Auth-Service-Provider: https://api.twitter.com/1/account/verify_credentials.json Host: 127.0.0.1:9000 User-Agent: Python-urllib/2.6 Connection: close Content-Type: multipart/form-data; boundary=a45bd25da2844dac81003987b3c19e18 X-Verify-Credentials-Authorization: OAuth realm= http://api.twitter.com/;, oauth_signature_method=HMAC-SHA1, oauth_consumer_key=y2hEqGNEmyjU2De3hNcg, oauth_token=90476798-5VZeNLpXUCaJ06UaWve2c4JVfdcJj5D4r21JxUFM, oauth_signature=NMPlU4cRYl0b6jbQJ1xGXaZ5%2FpM%3D --a45bd25da2844dac81003987b3c19e18 Content-Disposition: form-data; name=key Content-Type: text/plain; charset=utf-8 Content-Length: 32 4bb040d1ec65427f8038cdd60a12cde2 --a45bd25da2844dac81003987b3c19e18 Content-Disposition: form-data; name=message Content-Type: text/plain; charset=utf-8 Content-Length: 13 copine et moi --a45bd25da2844dac81003987b3c19e18-- ^C (ve)y...@yml-laptop:jess3$ Does any one can spot the issue ? Regards, --yml On Fri, Jun 4, 2010 at 9:14 AM, Yann Malet yann.ma...@gmail.com wrote: Hello Zac, I rewrote everything in my app based on python-oauth2 : http://dpaste.com/203168/ The file is still hardcoded to ease the comprehension. I hope this will help you to spot my issue. The error message I get from twitpic is 400 bad request. Regards, --yml class OAuthEchoRequest(oauth.Request): def to_header(self, realm='http://api.twitter.com/'): headers = super(OAuthEchoRequest, self).to_header(realm=realm) return {'X-Verify-Credentials-Authorization': headers['Authorization']} @login_required def twitpic_upload_photo(request): if request.method == 'POST': form = PhotoForm(request.POST, request.FILES) if form.is_valid(): profile = Profile.objects.get(user=request.user) token = oauth.Token(profile.oauth_token, profile.oauth_secret) params = { 'oauth_consumer_key': settings.TWITTER_CONSUMER_KEY, 'oauth_signature_method':HMAC-SHA1, 'oauth_token':token.key, 'oauth_timestamp':oauth.generate_timestamp(), 'oauth_nonce':oauth.generate_nonce(), 'oauth_version':'1.0' } oauth_echo_request = OAuthEchoRequest(method=GET, url=settings.TWITTER_VERIFY_CREDENTIALS, #parameters=params ) signature=oauth_echo_request.sign_request(oauth.SignatureMethod_HMAC_SHA1() , consumer, token) headers = oauth_echo_request.to_header() headers['X-Auth-Service-Provider'] = settings.TWITTER_VERIFY_CREDENTIALS #with multipart_encode values = [ MultipartParam
[twitter-dev] Re: OAuth Echo problem in python
Twitpic will only 400 Bad Request you if it can't find the image in your multipart/form- data or if the image is invalid (not jpg/png/gif or 5MB in size). Thanks, Steve C Twitpic On Jun 4, 9:20 am, Yann Malet yann.ma...@gmail.com wrote: If I send this request to 127.0.0.1:9000 without the file here it is the string I can observe : (ve)y...@yml-laptop:jess3$ netcat -l -p 9000 POST / HTTP/1.1 Accept-Encoding: identity Content-Length: 377 X-Auth-Service-Provider:https://api.twitter.com/1/account/verify_credentials.json Host: 127.0.0.1:9000 User-Agent: Python-urllib/2.6 Connection: close Content-Type: multipart/form-data; boundary=a45bd25da2844dac81003987b3c19e18 X-Verify-Credentials-Authorization: OAuth realm=http://api.twitter.com/;, oauth_signature_method=HMAC-SHA1, oauth_consumer_key=y2hEqGNEmyjU2De3hNcg, oauth_token=90476798-5VZeNLpXUCaJ06UaWve2c4JVfdcJj5D4r21JxUFM, oauth_signature=NMPlU4cRYl0b6jbQJ1xGXaZ5%2FpM%3D --a45bd25da2844dac81003987b3c19e18 Content-Disposition: form-data; name=key Content-Type: text/plain; charset=utf-8 Content-Length: 32 4bb040d1ec65427f8038cdd60a12cde2 --a45bd25da2844dac81003987b3c19e18 Content-Disposition: form-data; name=message Content-Type: text/plain; charset=utf-8 Content-Length: 13 copine et moi --a45bd25da2844dac81003987b3c19e18-- ^C (ve)y...@yml-laptop:jess3$ Does any one can spot the issue ? Regards, --yml On Fri, Jun 4, 2010 at 9:14 AM, Yann Malet yann.ma...@gmail.com wrote: Hello Zac, I rewrote everything in my app based on python-oauth2 : http://dpaste.com/203168/ The file is still hardcoded to ease the comprehension. I hope this will help you to spot my issue. The error message I get from twitpic is 400 bad request. Regards, --yml class OAuthEchoRequest(oauth.Request): def to_header(self, realm='http://api.twitter.com/'): headers = super(OAuthEchoRequest, self).to_header(realm=realm) return {'X-Verify-Credentials-Authorization': headers['Authorization']} @login_required def twitpic_upload_photo(request): if request.method == 'POST': form = PhotoForm(request.POST, request.FILES) if form.is_valid(): profile = Profile.objects.get(user=request.user) token = oauth.Token(profile.oauth_token, profile.oauth_secret) params = { 'oauth_consumer_key': settings.TWITTER_CONSUMER_KEY, 'oauth_signature_method':HMAC-SHA1, 'oauth_token':token.key, 'oauth_timestamp':oauth.generate_timestamp(), 'oauth_nonce':oauth.generate_nonce(), 'oauth_version':'1.0' } oauth_echo_request = OAuthEchoRequest(method=GET, url=settings.TWITTER_VERIFY_CREDENTIALS, #parameters=params ) signature=oauth_echo_request.sign_request(oauth.SignatureMethod_HMAC_SHA1() , consumer, token) headers = oauth_echo_request.to_header() headers['X-Auth-Service-Provider'] = settings.TWITTER_VERIFY_CREDENTIALS #with multipart_encode values = [ MultipartParam('key',value=settings.TWITPIC_API_KEY), MultipartParam('message',value=form.cleaned_data['message']), MultipartParam('media', filename='copine_moi.jpg', filetype='image/jpeg', fileobj=open(/home/yml/Desktop/copine_moi.jpg,rb)) ] register_openers() datagen, heads = multipart_encode(values) headers.update(heads) req = urllib2.Request(settings.TWITPIC_API_URL, datagen, headers) # Post to netcat #req = urllib2.Request(http://127.0.0.1:9000;, datagen, headers) #with urlencode #values = {} #values['key'] = MultipartParam(settings.TWITPIC_API_KEY) #values['message'] = MultipartParam(form.cleaned_data['message']) #values['media'] = open(/home/yml/Desktop/copine_moi.jpg, rb).read() #data = urllib.urlencode(values) #req = urllib2.Request(settings.TWITPIC_API_URL, data, headers) response = urllib2.urlopen(req) return HttpResponse(the photo is posted) else: form = PhotoForm() return direct_to_template(request, twitter_integration/photo_form.html, {form:form,}) On Thu, Jun 3, 2010 at 10:48 PM, Zac Bowling zbowl...@gmail.com wrote: Hi Yann, I don't see anything obvious that stands out as wrong to me in your implementation from just looking at it, but I'm not sure. I do have OAuth Echo code working for Twitpic
[twitter-dev] Re: OAuth Echo problem in python
I just looked at your code briefly, but I believe the problem is this line: oauth_request = TwitpicOAuthRequest(http_method=POST, http_url=settings.TWITPIC_API_URL, The OAuth Request needs to be signed using the Twitter Endpoint (https://api.twitter.com/1/account/verify_credentials.json), not the Twitpic API URL. Try something like this: oauth_request = TwitpicOAuthRequest(http_method=GET, http_url=https://api.twitter.com/1/account/verify_credentials.json;, On Jun 3, 2:38 pm, yml yann.ma...@gmail.com wrote: I would greatly appreciate any help. Here it is the latest evolution of this piece of code : class TwitpicOAuthRequest(OAuthRequest): def to_header(self, realm='http://api.twitter.com/'): headers = super(TwitpicOAuthRequest, self).to_header(realm=realm) return {'X-Verify-Credentials-Authorization': headers['Authorization']} def post_photo(request): if request.method == 'POST': form = PhotoForm(request.POST, request.FILES) if not request.session.get('twitter_access_token'): return HttpResponse(Not authenticated) if form.is_valid(): access_token = request.session['twitter_access_token'] params = { 'oauth_consumer_key': settings.TWITTER_CONSUMER_KEY, 'oauth_signature_method':HMAC-SHA1, 'oauth_token':access_token.key, 'oauth_timestamp':oauth.generate_timestamp(), 'oauth_nonce':oauth.generate_nonce(), 'oauth_version':'1.0' } consumer = oauth.OAuthConsumer(key=settings.TWITTER_CONSUMER_KEY, secret=settings.TWITTER_CONSUMER_SECRET) token = oauth.OAuthToken(key=access_token.key, secret=access_token.secret) oauth_request = TwitpicOAuthRequest(http_method=GET, #http_url=settings.TWITPIC_API_URL, http_url=settings.TWITTER_VERIFY_CREDENTIALS, parameters=params) signature=oauth_request.sign_request(OAuthSignatureMethod_HMAC_SHA1(), consumer, access_token) headers = oauth_request.to_header() headers['X-Auth-Service-Provider'] = settings.TWITTER_VERIFY_CREDENTIALS #with multipart_encode values = [ MultipartParam('key',value=settings.TWITPIC_API_KEY), MultipartParam('message',value=form.cleaned_data['message']), MultipartParam('media', filename='copine_moi.jpg', filetype='image/jpeg', fileobj=open(/home/yml/Desktop/ copine_moi.jpg,rb)) ] register_openers() datagen, heads = multipart_encode(values) headers.update(heads) req = urllib2.Request(settings.TWITPIC_API_URL, datagen, headers) # Post to netcat -l -p 9000 #req = urllib2.Request(http://127.0.0.1:9000;, datagen, headers) #with urlencode #values = {} #values['key'] = MultipartParam(settings.TWITPIC_API_KEY) #values['message'] = MultipartParam(form.cleaned_data['message']) #values['media'] = open(/home/yml/Desktop/ copine_moi.jpg, rb).read() #data = urllib.urlencode(values) #req = urllib2.Request(settings.TWITPIC_API_URL, data, headers) response = urllib2.urlopen(req) return HttpResponse(the photo is posted) else: form = PhotoForm(initial={created_at:datetime.now()}) return render_to_response(twitter_integration/photo_form.html, {form:form,}, context_instance=RequestContext(request)) On Jun 3, 11:20 am, yml yann.ma...@gmail.com wrote: Hello, I am in the process of writing a python web app that should enable the user to post picture to twitpic using the Oauth Echo authorization mechanism. The application is already able to post tweet using the Oauth authentication so the access_token is available to us in the session. So my question to you guys is that it would be great if someone could point what is the issue in the code below or paste some sample code that upload a picture in python to twitpic. # OauthRequest is from the python-oauth lib # I overide the to_header method to return a dict with the right key. class TwitpicOAuthRequest(OAuthRequest): def to_header(self, realm='http://api.twitter.com/'): headers = super(TwitpicOAuthRequest, self).to_header(realm=realm) return {'X-Verify-Credentials-Authorization': headers['Authorization']} def post_photo(request): if request.method == 'POST': form = PhotoForm(request.POST, request.FILES) if not request.session.get('twitter_access_token'): return HttpResponse(Not authenticated)
[twitter-dev] @Anywhere auto-redirecting users to twitter.com/undefined
We had some reports over the weekend of users using older browsers (Firefox 2.0 was mentioned) being auto-redirected to twitter.com/ undefined due to @anywhere. Anyone else having the same issue?
[twitter-dev] Re: @Anywhere auto-redirecting users to twitter.com/undefined
Right, I understand that it's not supported on older browsers but I think that it's unacceptable behavior for @anywhere to redirect a user from our site to a broken page on twitter.com. It seems like a defect, even if the browser is not supported (it should just do nothing- not cause issues). Is there anyway that @anywhere can do some browser sniffing and cleanly exit out if the features you need are not supported? Thanks, Steve Corona Twitpic On Jun 1, 9:57 am, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Steve, Sorry about the issues. @Anywhere supports the following browsers (fromhttp://dev.twitter.com/anywhere/begin): Version 1 of @Anywhere supports the following browsers: - Firefox 3.x - Chrome 4 - Safari 4 - Opera 10 - Internet Explorer 6, 7, and 8 Taylor Singletary Developer Advocate, Twitterhttp://twitter.com/episod On Tue, Jun 1, 2010 at 6:50 AM, Steve C st...@twitpic.com wrote: We had some reports over the weekend of users using older browsers (Firefox 2.0 was mentioned) being auto-redirected to twitter.com/ undefined due to @anywhere. Anyone else having the same issue?
[twitter-dev] Re: Serious @Anywhere Uncommanded redirect
Thanks for posting this, I'm glad someone else is seeing the same issue as us. Similarly, I was disappointed with the response from Twitter- maybe I didn't explain the problem well enough. Unfortunately, we had to pull @anywhere from Twitpic until they get the issue resolved. Steve Corona On Jun 1, 11:11 pm, BevHoward bevhow...@gmail.com wrote: My users (none of them twitter users) are experiencing uncommanded redirects to (undefined) twitter pages when they go to sites such as washington post which, based on the limited information I have been able to glean, is running @anywhere I found one post at http://www.devcomments.com/Anywhere-auto-redirecting-users-to-twitter... where a twitter response indicates that the problem is due to the users' browser This seems to be a totally unethical response to a twitter process that hijacks non twitter users browsers and prevents them from accessing content they are attempting to access. Anyone at twitter care to comment on how _not twitter_ users are supposed to deal with these problems? Beverly Howard
[twitter-dev] Re: oAuth Echo Enabled Providers
Hi Rich- Nice catch! During one of our deployments today, we mistakingly switched the OAuth Echo API to use Twitter's Non-SSL Endpoint. I just pushed a fix for it- can you let me know if everything works correctly for you again? (Coincidently, the deployment that turned off SSL for the API was turning SSL on for another part of the website. :P) Thanks! Steve Corona Twitpic On May 20, 6:44 pm, Rich rhyl...@gmail.com wrote: A bit more debugging and oAuth Echo only seems to be broken over SSL, change the realm, provider and signing request tohttp://api.twitter.com/1/account/verify_credentials.jsoninstead ofhttps://api.twitter.com/1/account/verify_credentials.jsonand it'll go through On May 20, 11:23 pm, Rich rhyl...@gmail.com wrote: Scrap that, looks like oAuth echo is almost totally broken right now, only Twitgoo seems to be working, both MobyPicture and TwitPic constantly return a 401, and on the very odd occasion one does make it through Twitter itself returns a 500 status error (even though it actually posts the message) On May 20, 11:00 pm, Rich rhyl...@gmail.com wrote: Look's like TwitPic's oAuth Echo has broken again, can anyone else confirm? On May 20, 9:49 pm, Justin Hart onyxra...@gmail.com wrote: This is now active on Twitgoo. You can see the documentation here:http://twitgoo.com/docs/Content/Developer/upload.htm On May 19, 9:05 am, Justin Hart onyxra...@gmail.com wrote: I am the lead dev on Twitgoo and I just built full echo support for 'upload' there. Its on the beta site right now, so if you want to test, please contact me for the info, otherwise it should be out by the end of the week. It will have full support of header, query string and multipart body parameters. On May 17, 2:47 pm, Rich rhyl...@gmail.com wrote: With the impending switch off of Basic Auth, should we keep a list of media providers and external services that have already made the switch to oAuth Echo. So far I've found and tested TwitPic - full oAuth Echo support TwitVid - oAuth Echo by sending as a URL parameter I know MobyPicture intend to have oAuth Echo enabled this month. Any others any one knows of?
[twitter-dev] Re: alert() in anywhere.js
We just rolled out @anywhere yesterday and some of our users are experiencing similar issues. http://twitpic.com/1p00d6 Steve On May 14, 6:57 pm, Larry la...@topsy.com wrote: I just came across a coworker's browser that triggered analert() call fromanywhere.js. While okay for development, the use ofalert() is not friendly for production websites. Could these be converted console.log() or some other benign mechanism? Grepping throughanywhere.js I found two instances ofalert(): alert(To set up @anywhere, please provide a client ID); alert(No version matching +Z); Cheers Larry
[twitter-dev] Re: alert() in anywhere.js
What is your ETA on rolling out the change? We are deciding on whether we should disable @anywhere until alert() is removed. On May 19, 2:41 pm, Dan Webb d...@twitter.com wrote: On Wed, May 19, 2010 at 11:27 AM, Steve C st...@twitpic.com wrote: We just rolled out @anywhere yesterday and some of our users are experiencing similar issues. http://twitpic.com/1p00d6 We rolled out a fix at the weekend that we fixed all the browsers that we test under but there are obviously still some browsers getting the issue. I think we'll use console.info to display these message instead of an alert. We wanted to let developers know that they needed a clientID in the most noticable way but to avoid unintended annoyance of users we'll move to console.log. Thanks, -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
[twitter-dev] Re: alert() in anywhere.js
Thanks Dan- We appreciate you your teams hard work. On May 19, 2:53 pm, Dan Webb d...@twitter.com wrote: On Wed, May 19, 2010 at 11:48 AM, Damon Clinkscales sca...@pobox.com wrote: On Wed, May 19, 2010 at 1:41 PM, Dan Webb d...@twitter.com wrote: On Wed, May 19, 2010 at 11:27 AM, Steve C st...@twitpic.com wrote: Just wondering...does TwitPic have a bug or misconfiguration or is this an @anywhere bug? Javascript errors at startup time (in these cases by browser bugs in certain browsers that we don't support) are causing the initialization to terminate early leaving the client ID unset. We're going to ensure that unsupport browsers fail silently rather than triggering this alert. ETA for fix is within the hour. -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631
[twitter-dev] Re: alert() in anywhere.js
I am assuming they will create a dummy function that will be used console.log is undefined- otherwise, you are very right. On May 19, 3:03 pm, nischalshetty nischalshett...@gmail.com wrote: One of us is crazy here. If I'm not wrong console.log belongs to firebug. Which means you will get a javascript error on ALL browsers which do not have firebug installed and running. -Nischal On May 19, 11:41 pm, Dan Webb d...@twitter.com wrote: On Wed, May 19, 2010 at 11:27 AM, Steve C st...@twitpic.com wrote: We just rolled out @anywhere yesterday and some of our users are experiencing similar issues. http://twitpic.com/1p00d6 We rolled out a fix at the weekend that we fixed all the browsers that we test under but there are obviously still some browsers getting the issue. I think we'll use console.info to display these message instead of an alert. We wanted to let developers know that they needed a clientID in the most noticable way but to avoid unintended annoyance of users we'll move to console.log. Thanks, -- Dan Webb Front-end Engineer, Platform d...@twitter.com / @danwrong +1 415 425 5631