It is a case of tool maturity, but it's a heck of a steep hill to
climb up when comparing HTTP Basic Auth to any alternatives.
Comparable toolsets for a wide range of languages and environments
won't be available for a long time, if ever.
In addition, my real concern, as stated above, is with app
When my application had OAuth I was doing all of the requests using
OAuth in the headers and it worked fine... Perhaps you are experiencing
a transient issues. If you have never been able to make a protected
resource request there may be an error in your implementation.
Dimebrain wrote:
Ju
I, too, have a bunch of automated scripts accounts that I will be
attempting to move to OAuth in the near future. My plan is just to
create a "dummy" app under my main account and then write a simple
"Get Your Access Token" page on my website and use it for each of my
"bot" accounts to create and
Hi there,
This is a known issue [1] that I have been working on for some
time. I have a fix ready to be deployed next week so hopefully this
will start working correctly. Every API user wants and deserves the
correct data and the cache should work correctly to keep load off the
datab
Hi all,
Resurrecting an old thread in order to kill it, or at least wound
it. We just deployed a /friendships/add page that is the opposite of /
blocks/confirm. Check out http://twitter.com/friendships/add/mzsanford
for an example. There are upcoming plans to build out that page some
m
On Thu, Mar 26, 2009 at 7:30 PM, Elliott Kember
wrote:
>
>> If you don't have a database storing the access tokens or indefinite
>> sessions on your webserver storing them, then the user will have to
>> login everytime. There's no way to get an access token without users
>> going through the OAu
Hi there,
As part of the OAuth changes I've been planning start restricting
the GET/POST operations some more. If you follow this list you have
probably noticed that people using POST in place of GET has been the
source of many OAuth errors. If that gets added things like this will
br
OIC,
you just want more followers :)
This is pretty cool. I am assuming that there will be no additional
API call introduced here since friendships/create already does this
API-wise?
-Chad
On Fri, Mar 27, 2009 at 11:20 AM, Matt Sanford wrote:
> Hi all,
> Resurrecting an old thread in orde
Hi Chad,
Correct. This was just for sites that have a Web UI, want to
suggest people to follow, and don't want to collect passwords just for
that one action. Things like wefollow.com (though they didn't ask for
it) are a prime example.
Thanks;
— Matt
On Mar 27, 2009, at 08:33 AM, C
Hi there,
Is your application registered as read-only by chance? If it is
POSTs will fail but the message should be a little more descriptive.
Thanks;
— Matt
On Mar 26, 2009, at 11:34 AM, Baishampayan Ghose wrote:
I'm having a little trouble with oAuth - I'm getting an Invalid OAu
Thanks, Brandon. I was following, but tweets get lost in the clutter.
I've added it to my rss reader so hopefully I've got the bases covered
now.
On Mar 25, 4:28 pm, Brandon Geiger wrote:
> you should follow @twitterapi - easier to keep up with announcements
> regarding the API and OAuth. It wen
On Fri, Mar 27, 2009 at 11:00 AM, Chad Etzel wrote:
>
> Anyone else dealing with the script/automation issue in a different manner?
>
That's pretty much going to be my plan. Dummy "Script Automation of
Doom" Application and then just a basic webapp that auths and does
it's thing for that to get
Hey guys, this is probably a pretty basic question - but somehow I
haven't been able to find the answer...
When a user logs into my web app for the first time using OAuth, and I
receive the "oauth_access_token" and "oauth_access_token_secret", I
realize I need to save these to the database, but h
Seriously guys, whats the point in implementing OAuth for stuff like
this? Why do you need to "delegate" access rights to your scripts, your
scripts _are_ you, acting as a proxy to the Twitter API as you.
OAuth is for delegating access to a third party and is not the right
tool for this job,
On Fri, Mar 27, 2009 at 11:20 AM, Matt Sanford wrote:
> There are upcoming plans to build out that page some more, so don't everyone
> reply at once about what's not on there ;). Since this isn't the highest
> priority change being discussed I wanted to get a minimal version out so
> people could
2 options:
1) Roll your own authentication or use something like OpenID, Facbook
Connect, etc.
2) Send the users through the OAuth flow every time they visit your site.
Abraham
On Fri, Mar 27, 2009 at 02:29, Chris wrote:
>
> Hey guys, this is probably a pretty basic question - but somehow I
> h
I've done some console based hacking about with Flickr in the past and
the approach has been as you describe. Using token based auth means
the user needs to tell twitter that it is ok for your app to access
their content. This means there is a token waiting for your app.
On the web this is
It's giving me this error message when I attempt to add/change my
background image:
1 error prohibited this current user from being saved
There was a problem with the following field:
* Description is too long (maximum is 160 characters)
Hi there,
Just to let everybody know, I'm currently working on a way for
you to use Twitter for login without getting back a new access token
every time. The database churn is not good for performance, and the re-
authorize is a crappy user experience. It's really a lose-lose at the
mo
Hi Chad,
The oauth authorization login does not propagate sessions to the
main site but the oauth logout does blank out your cookies. The
combination of these two things is the cause for your issue. During
initial development myself and the UX guy used a bunch of test
accounts and ra
So say I send them through the OAuth flow everytime, would there then
be any reason to persist their access tokens in the DB? as I could
just save it to the session when they run through the flow again.
On Mar 27, 9:39 am, Abraham Williams <4bra...@gmail.com> wrote:
> 2 options:
> 1) Roll your ow
On Fri, Mar 27, 2009 at 12:33 PM, Joshua Perry wrote:
> Seriously guys, whats the point in implementing OAuth for stuff like this?
> Why do you need to "delegate" access rights to your scripts, your scripts
> _are_ you, acting as a proxy to the Twitter API as you.
>
If Basic Auth is going to go
Thats exactly what I am saying, just because OAuth is the hammer that
the Twitter developers are providing to solve the third party delegation
problem doesn't make every problem a "nail", and I don't understand why
everyone is jumping on board trying to shoehorn OAuth into every
authentication
If you don't need to access the API as the user in between sessions then
currently no.
On Fri, Mar 27, 2009 at 12:00, Chris wrote:
>
> So say I send them through the OAuth flow everytime, would there then
> be any reason to persist their access tokens in the DB? as I could
> just save it to the
Fair enough. I'm most confused about the fact that moving from
request_token -> access_token doesn't want to use the
oauth_token_secret that comes with the initial unauthenticated request
token, in fact if I try to hash the signature with that it will fail.
I got over that and my implementation i
It seems to me that Twitter themselves have said (or at least heavily
implied) that Basic Auth will GO AWAY in the future. Therefore, OAuth
will be the ONLY hammer to use when driving nails.
Now, if that stance has changed and Basic Auth will be available
forever more, then I am more than happy
Well, on my site I'll say something like "If you're logged in to
Twitter already, click here to log in." It works the same way as with
OpenID.
If they aren't logged into Twitter, they're prompted for their
username and password at Twitter's site. Then they're taken straight
back to mine.
If they
Hello there,
It seems there have been a few threads lately that end in
frustration about Basic Auth going away. Going into the OAuth beta we
were thinking that we would ideally [1] turn off Basic Auth in the
future. Based on the feedback (that's what betas are for, right?)
we've seen
On Fri, Mar 27, 2009 at 4:04 PM, Matt Sanford wrote:
> The low barrier to entry with the Twitter API it a great feature we
> don't want to lose. We think about it often, and I think about it all of the
> time in relation to OAuth. I see this as a concern as much as cron jobs and
> TwitPic int
Hi matt,
I generally like the idea and implementation of oauth and the general
flow.
My main issue is for the vast amount of sites such as twe2 and twollo
that key their accounts off twitter and use twitter as an
authentication mechanism now have to introduce a new login mechanism
and a
Hi Paul,
In a reply to a previous thread today I mentioned we're working
on making that login scenario easier. I am working on it as we speak
(or, type, rather).
Thanks;
— Matt
On Mar 27, 2009, at 02:32 PM, Paul Kinlan wrote:
Hi matt,
I generally like the idea and implementation o
Ivan,
Iain of @tweetdeck brought this use case to my attention during devnest so
it is certainty something we want to address with OAuth. We still consider
OAuth's current implementation as a beta, and thus incomplete. The pattern
for proxied approval hasn't been decided but as I said, is on our mi
Does anyone have working code on how an unattended request from an app
would work?
-Adam
On Mar 10, 11:25 am, Cameron Kaiser wrote:
> > > The real trick was what to do with keys in an open source app, but
> > > fortunately the key issue is already solved because Twitter is presumably
> > > not
I'm a complete newbie, so apologies if this isn't an appropriate forum
for my question.
I would like to set up a Twitter account that automatically retweets
the tweets from a list of followed accounts. (I hope that makes
sense.)
The idea is that a group of people chimes in on a specific topic,
I've been playing around using fsockopen to interact with the API but I"m
having issues getting ssl to work.
My understanding is the call should look something like this:
@fsockopen('ssl://twitter.com', 443, $errno, $errstr, $this->timeout) but it
always returns a html 400 page. If i drop the ssl:
Has anyone integrated SQL 2005 or SQL 2008 directly with the twitter
API? If so I'd sure love to hear how you've done it.
Thanks!
Craig
Using the seach API (search.twitter.com/search.json) I would like to
be able to retrieve old posts for a given query. I currently use a
combination of since_id and until, but, I can only get the last 1500
posts for any given day - the problem being that the until date only
specifies the date p
Hey guys !
I looking for a way to create a RETweet link that captures the url and
the title. I need to display RT + @MUTWITTERURL + $BloggerPostTitle +
$BloggerURL.
The idea is pretty similar with what tweetmeme.com does but I want to
be able to customize the @MUTWITTERURL. I guess that the leng
The workflow you describe has actually always bothered me, and I think
is the kind of thing OAuth is trying to combat.
Twitpic is not an official service of Twitter, but it seems to be
treated as such by many clients, which silently share their users'
Twitter authentication information. Any clien
Perhaps I'm completely missing this, but if I can properly
authenticate a user in a PHP script, how can I then retrieve their
updates for a particular date?
You can use the since parameter for going up to 24 hours old. Otherwise you
have to just manually page back until you get what you need.
On Fri, Mar 27, 2009 at 23:34, Dan wrote:
>
> Perhaps I'm completely missing this, but if I can properly
> authenticate a user in a PHP script, how can I then
http://twitter.com/home/?status=RT+your+text+here";>Retweet
On Fri, Mar 27, 2009 at 22:55, t0ny wrote:
>
> Hey guys !
>
> I looking for a way to create a RETweet link that captures the url and
> the title. I need to display RT + @MUTWITTERURL + $BloggerPostTitle +
> $BloggerURL.
>
> The idea is
I had a gaff in the bit of code that was parsing out the tokens in
Twitter's response, and for whatever reason these badly parsed tokens
worked just fine all the way up until a protected resource call. I'm
glad it's resolved, but I didn't enjoy going over my OAuth code in
excruciating detail a few
43 matches
Mail list logo
