[twitter-dev] Twitter Authentication
Hi, Im using TwitterMe api for my mobile application, I registered my application in twitter and got the consumer key and the secret key. The problem Im having is after I post a twit it gives an exception which tells javax.microedition.pki.CertificateException: Subject alternative name did not match site name This is how I do the post. Credential credential = new Credential(user, pwd,Constants.twitConsumerKey,Constants.twitConsumerSecretKey); UserAccountManager userAccMgr = UserAccountManager.getInstance(credential); if (userAccMgr.verifyCredential()) { Tweet tweet = new Tweet(message); TweetER tweeter = TweetER.getInstance(userAccMgr); tweet = tweeter.post(tweet); DialogFrame frame = new DialogFrame(); frame.setTitle(Twitter); frame.setBody(Successfully Twitted!); frame.createUI(2); } pls some body help me. Thanks in advance. pradeep. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Change in error response objects
I'm seeing these error responses on other endpoints, now. Here's the result of an OAuth authenticated request for friends_ids: {errors:[{code:53,message:Basic authentication is not supported}]} Then verify_credentials Authenticating as the same user: {request:/1/account/verify_credentials.json,error:Could not authenticate with OAuth.} Then an unauthenticated users/show for the same user: {errors:[{code:63,message:User has been suspended}]} So, I finally see what the real problem is. The inconsistency in error formats and messages is quite difficult to deal with. I'm also getting these errors for friends_ids. Interestingly, this is the response I get using OAuth. * Raffi Krikorian ra...@twitter.com [100830 05:48]: what endpoints are you still seeing this error format under? the change should have been reverted in the case that you were mentioning. On Sun, Aug 29, 2010 at 9:00 AM, Marc Mims marc.m...@gmail.com wrote: * Raffi Krikorian ra...@twitter.com [100827 06:03]: hi all. this is most certainly a mistake on our part - we'll be reverting this change. Raffi, we're still seeing these unexpected error structures. When will the change be reverted? -Marc On Fri, Aug 27, 2010 at 4:45 AM, Cameron Kaiser spec...@floodgap.com wrote: It looks like error responses have changed, at least for users/show. I used to get: {error:User has been suspended} Now, I get: {errors:[{code:63,message:User has been suspended}]} I'm seeing that too. When did this change? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] statuses/filter track and retweets
Hi, I'm using statuses/filter?track=something streaming api. Noticed that it doesn't return native twitter retweets which contain something in the original tweet text. Specifically: statuses/filter?track=#custserv misses the following retweet from MarshaCollier: RT @JeffreyJKingman: Crowdsourcing CustServ has issues of message management and company control. What issues from keeping CustServ in- company? #custserv I expected to get both original tweet and the retweet, but got only the original one. Is it supposed to work in this way? Thanks, Kostya -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] A day wasted trying to get public feed is OAuth the issue?
You can't access external pages via javascript because of webbrowser security. You will have to write a script that gets the .json page and send that to your user (a proxy). Tom On 9/1/10 5:12 AM, jmargey wrote: Hi all, My first day working on a twitter app, basically I have a web page that displays a public feed from a celeb. I am calling http://twitter.com/statuses/user_timeline/celebname.json and then using jquery to display the feed. Now I know the json exists because if I paste the url above in the browser it lets me save the json. If I call the json locally from my code http://localhost/test/celebname.json it returns the json and I can display the feed, but when I call http://twitter.com/statuses/user_timeline/celebname.json it returns nothing. Any ideas? Is is to do with the switch to OAuth? Do I have to create a twitter app which calls the feed, and the celeb has to authorise the app? Even though its a public feed? Any suggestions would be great. I posted code below $(function () { var html =; /* I can save the following json but it returns nothing in code */ var tweeturl = http://twitter.com/statuses/user_timeline/ celebname.json; /* this works when json saved locally*/ //var tweeturl = http://localhost/testcelebname.json;; $.getJSON(tweeturl, function (d) { $.each(d, function (i, item) { if (i % 3 == 0 i != 0) { html += /div; } if (i % 3 == 0) { html += div class=\tweet-items\; } html += div class=\jeanne-tweet\p + item.text + / pdiv class=\tweet-date\ + item.created_at + /div/div; }); $('#tweet-items').append(html); }); }); -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Can we have bulk statuses/show?
The statuses/show/:id API method right now only retrieves a single status. Could we have a bulk version, where you can pass a set of status ID-s, and receive a set of statuses in return? Primary motivation is to conserve rate limit. In some apps, you have a set of status ID-s that you want to display to user, and fetching them one by one consumes limit like crazy. J -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: making twitter in asp.net
On Aug 29, 9:12 pm, vijay parmar viju.supers...@gmail.com wrote: hello sir, i m vijay parmar, i m in 7th sem(B.E. IT)i m making a project of twitter in asp.net... i kindly need your help so plz give me some idea about making twitter in asp.net so i can start making my project work... give me reply as early possible vijay parmar -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Status update results in Internal server error 500
At first I was like: Oh Noos! But then I was like: I changed my code to URL encode the body data, but still get the 500. I get this for _every_ update request I make. Signature base string: POSThttp%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses %2Fupdate.jsonoauth_consumer_key%3DI1yQDPyI7WUn2fN9JfFWww %26oauth_nonce%3DzUiSrxqbsHQDdLL808dHSGwK1SJT78RKA7q266lQtms%253D %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1283329212%26oauth_token%3D172686984- rnCFtLBbV00YlZVXN0Um1weBPk1dZ3sQXh22rTkG%26oauth_version%3D1.0%26status %3Dsetting%2520up%2520my%2520twitter%2520hoot Sniffed: POST /1/statuses/update.json HTTP/1.1 Content-Type: text/xml; charset=utf-8 User-Agent: RTL Netherlands OAuth 0.1 Authorization: OAuth oauth_consumer_key=I1yQDPyI7WUn2fN9JfFWww, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1283329212, oauth_nonce=zUiSrxqbsHQDdLL808dHSGwK1SJT78RKA7q266lQtms%3D, oauth_version=1.0, oauth_token=172686984- rnCFtLBbV00YlZVXN0Um1weBPk1dZ3sQXh22rTkG, oauth_signature=GjVUXM%2Fw %2FhlIoC5BuFQSSqnkRSU%3D Host: api.twitter.com Content-Length: 41 status=setting%20up%20my%20twitter%20hootHTTP/1.1 500 Internal Server Error Date: Wed, 01 Sep 2010 08:20:44 GMT Server: hi Status: 500 Internal Server Error Content-Type: text/html; charset=UTF-8 Set-Cookie: k=217.118.160.30.1283329243822931; path=/; expires=Wed, 08- Sep-10 08:20:43 GMT; domain=.twitter.com Cache-Control: max-age=300 Expires: Wed, 01 Sep 2010 08:25:43 GMT Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked f4 Status: 500 Internal Server Error Content-Type: text/html htmlbodyh1500 Internal Server Error/h1/body/htmlStatus: 500 Internal Server Error Content-Type: text/html htmlbodyh1500 Internal Server Error/h1/body/html 0 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Twitter Authentication
Hi, This is a known issue of WTK 2.5.2, which has some issues to support the type of certificate used by Twitter. It has nothing to do with the API itself. I suggest you to try it on Java ME Plataform SDK 3 or on your device. Regards, Ernandes On Wed, Sep 1, 2010 at 2:20 AM, Pradeep Senanayake pradeepd.senanay...@gmail.com wrote: Hi, Im using TwitterMe api for my mobile application, I registered my application in twitter and got the consumer key and the secret key. The problem Im having is after I post a twit it gives an exception which tells javax.microedition.pki.CertificateException: Subject alternative name did not match site name This is how I do the post. Credential credential = new Credential(user, pwd,Constants.twitConsumerKey,Constants.twitConsumerSecretKey); UserAccountManager userAccMgr = UserAccountManager.getInstance(credential); if (userAccMgr.verifyCredential()) { Tweet tweet = new Tweet(message); TweetER tweeter = TweetER.getInstance(userAccMgr); tweet = tweeter.post(tweet); DialogFrame frame = new DialogFrame(); frame.setTitle(Twitter); frame.setBody(Successfully Twitted!); frame.createUI(2); } pls some body help me. Thanks in advance. pradeep. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Ernandes Jr. - ALL programs are poems. However, NOT all programmers are poets. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Can we have bulk statuses/show?
Fetching a random list of statuses is likely to include a number of statuses that are not in cache. I think accounting for them on a one-by-one basis models our cost fairly well. -John Kalucki http://twitter.com/jkalucki Twitter Inc. On Wed, Sep 1, 2010 at 8:00 AM, Jaanus jaa...@gmail.com wrote: The statuses/show/:id API method right now only retrieves a single status. Could we have a bulk version, where you can pass a set of status ID-s, and receive a set of statuses in return? Primary motivation is to conserve rate limit. In some apps, you have a set of status ID-s that you want to display to user, and fetching them one by one consumes limit like crazy. J -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: statuses/filter track and retweets
I found the reason why the retweet from my prev post is missing from streaming track results. After retweeting the length of the status is greater then 140 chars. I track by #custserv which is in the end of the status. Looks like streaming tracks the body of the retweet, but not the original status text. Shall it be considered as a bug? Traditional search returns both original status and retweet in the above case. Thanks, Kostya On Sep 1, 10:02 am, Kostya Nikolayev kostya1...@gmail.com wrote: Hi, I'm using statuses/filter?track=something streaming api. Noticed that it doesn't return native twitter retweets which contain something in the original tweet text. Specifically: statuses/filter?track=#custserv misses the following retweet from MarshaCollier: RT @JeffreyJKingman: Crowdsourcing CustServ has issues of message management and company control. What issues from keeping CustServ in- company? #custserv I expected to get both original tweet and the retweet, but got only the original one. Is it supposed to work in this way? Thanks, Kostya -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] statuses/filter track and retweets
Track looks at the status text and matches this field properly. When a user retweets, a new status is created that refers to the old status. This new status text is matched by track correctly. When long tweets are retweeted, the text is truncated. Note that this tweet is long, and the missing matched term is the last word in the text. -John Kalucki http://twitter.com/jkalucki Twitter Inc. On Wed, Sep 1, 2010 at 7:02 AM, Kostya Nikolayev kostya1...@gmail.comwrote: Hi, I'm using statuses/filter?track=something streaming api. Noticed that it doesn't return native twitter retweets which contain something in the original tweet text. Specifically: statuses/filter?track=#custserv misses the following retweet from MarshaCollier: RT @JeffreyJKingman: Crowdsourcing CustServ has issues of message management and company control. What issues from keeping CustServ in- company? #custserv I expected to get both original tweet and the retweet, but got only the original one. Is it supposed to work in this way? Thanks, Kostya -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Basic Auth
We have been getting a {errors:[{code:53,message:Basic authentication is not supported}]} error on our feeds for the last 15 or so hours, our feeds tweet at most 5 times an hour but have become inactive because of this error. We are using Jtwitter and have not had an isssue with this untill half-a day ago. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Non-Developer RSS Feeds
Now that OAuth is here, how will the general public get access to Twitter RSS feeds? Since Basic auth has been disabled they seem unusable. Thanks, Grant -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Authentication on opening Twitter.com in browser
Hello! Is it possible to open Twitter website with a user logged in? There are links in my desktop application that forwards a user into twitter.com pages, and it would be handy to automate login operation. Is there a method? Thanks. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Simple way to get user timeline?
Hello I just joined this group because today I noticed the twitter page i had on my site was no longer working due to the change in Twitter's API. Previously I was using php code I found online that made use of CURL with basic authentication but unfortunately that no longer works. I've looked through the API documentation but it seems that everything with oauth involves having the visitor authorize their account to be used with my application however all I'm looking for is a simple way (without using the widget) to post my user timeline on a php page. Can anyone point me in the right direction? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] statuses/mentions include_rts
Hello. I'm having a bit of a problem with the include_rts parameter when calling the statuses/mentions API. Either I'm misunderstanding what it's supposed to do, or I'm just having trouble getting it to work. A little help with either would be great! Scenario: * User_A tweets something (either from my app or natively on twitter.com) * User_B retweets it natively on twitter.com * I go into the API Console on dev.twitter.com and try the statuses/ mentions method passing include_rts=true as a parameter The response I get back does not include the retweet by User_B. It SHOULD be there, right? If so, any idea what I might be doing/ thinking wrong? Thanks. Dave -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] XAuth 401 error
Hi, My mobile app was working like a charm using xAuth authentication until this morning (in France). Even after the Basic Auth removal my app was working (using xAuth) yesterday evening but this morning in france, my app always returns 401 error.I 'have'nt changed anything. Have you changed something in xAuth process yesterday ? Any idea ??? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Status update results in Internal server error 500
FYI: - I'm hailing to Twitter via C# - If I send the data in my request chunked, I get a different error message: HTTP/1.1 500 Internal Server Error Date: Wed, 01 Sep 2010 13:02:53 GMT Server: Apache Set-Cookie: k=217.118.160.30.1283346173979846; path=/; expires=Wed, 08- Sep-10 13:02:53 GMT; domain=.twitter.com Last-Modified: Wed, 01 Sep 2010 07:14:45 GMT Accept-Ranges: bytes Content-Length: 4659 Vary: Accept-Encoding Connection: close Content-Type: text/html; charset=UTF-8 ... h2Something is technically wrong./h2 pThanks for noticing...we're going to fix it up and have things back to normal soon./p ... -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] win phone 7 xAuth
Hi guys, Does anyone know what is wrong with my code? it always returns Failed to validate oauth signature and token (it did return access token and access access secret few day ago) here is my code (I use Hammock/TweetSharp library) private const string _consumerKey = cKey; private const string _consumerSecret = cSecret; private string _userName = uName; private string _password = uPassword; Button.Click { Hammock.RestClient c = new RestClient() { Authority = https:// api.twitter.com/oauth/, HasElevatedPermissions = true, Credentials = new OAuthCredentials() { Type = OAuthType.ClientAuthentication, ConsumerKey = _consumerKey, ConsumerSecret = _consumerSecret, SignatureMethod = OAuthSignatureMethod.HmacSha1, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, ClientUsername = _userName, ClientPassword = _password, } }; RestRequest r = new RestRequest() { Path = access_token, }; c.BeginRequest(r, new RestCallback(Callback)); } public void Callback(Hammock.RestRequest request, Hammock.RestResponse response, object userState) { var a = response.Content; (I set debug here, and variable 'a' contains Failed to validate oauth signature and token, RestRespone.content contains 'Content' threw an exception of typeSystem.UnauthorizedAccessException } Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] A day wasted trying to get public feed is OAuth the issue?
Also, the API isn't at twitter.com -- it's at api.twitter.com and also requires a version component to the path. The types of requests you want to make, once you settle on a means of transport, would be to http://api.twitter.com/1/statuses/user_timeline.json?screen_name=celebname Taylor On Wed, Sep 1, 2010 at 12:15 AM, Tom van der Woerdt i...@tvdw.eu wrote: You can't access external pages via javascript because of webbrowser security. You will have to write a script that gets the .json page and send that to your user (a proxy). Tom On 9/1/10 5:12 AM, jmargey wrote: Hi all, My first day working on a twitter app, basically I have a web page that displays a public feed from a celeb. I am calling http://twitter.com/statuses/user_timeline/celebname.json and then using jquery to display the feed. Now I know the json exists because if I paste the url above in the browser it lets me save the json. If I call the json locally from my code http://localhost/test/celebname.json it returns the json and I can display the feed, but when I call http://twitter.com/statuses/user_timeline/celebname.json it returns nothing. Any ideas? Is is to do with the switch to OAuth? Do I have to create a twitter app which calls the feed, and the celeb has to authorise the app? Even though its a public feed? Any suggestions would be great. I posted code below $(function () { var html =; /* I can save the following json but it returns nothing in code */ var tweeturl = http://twitter.com/statuses/user_timeline/ celebname.json; /* this works when json saved locally*/ //var tweeturl = http://localhost/testcelebname.json;; $.getJSON(tweeturl, function (d) { $.each(d, function (i, item) { if (i % 3 == 0 i != 0) { html += /div; } if (i % 3 == 0) { html += div class=\tweet-items\; } html += div class=\jeanne-tweet\p + item.text + / pdiv class=\tweet-date\ + item.created_at + /div/div; }); $('#tweet-items').append(html); }); }); -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Simple way to get user timeline?
In your applications profile, there is a section for your own tokens which eradicates the need for pushing through the user authentication process. You can use a library to make OAuth requests from that point on, one of which calls will be the user_timeline. Scott. On 1 Sep 2010, at 08:17, quick5pnt0 wrote: Hello I just joined this group because today I noticed the twitter page i had on my site was no longer working due to the change in Twitter's API. Previously I was using php code I found online that made use of CURL with basic authentication but unfortunately that no longer works. I've looked through the API documentation but it seems that everything with oauth involves having the visitor authorize their account to be used with my application however all I'm looking for is a simple way (without using the widget) to post my user timeline on a php page. Can anyone point me in the right direction? smime.p7s Description: S/MIME cryptographic signature
Re: [twitter-dev] Simple way to get user timeline?
1. register your app at dev.twitter.com to get your set of keys 2. get a hold of and install the twitter_oauth.php class 3. add in the getConnectionWithAccessToken function (I forget where it's available) 4. make your calls like this... (you will use get instead of post, and make the appropriate request for your statuses) $PMconnection = getConnectionWithAccessToken ($pm_consumer_key,$pm_consumer_secret,$pm_access_token, $pm_access_secret); $PMsuccess = $PMconnection-post('https://api.twitter.com/1/statuses/ update.json', array('status' = $thisTweet)); hope this helps On Sep 1, 2010, at 1:17 AM, quick5pnt0 wrote: Can anyone point me in the right direction? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] win phone 7 xAuth
Hi, I would make sure that your system's clock is within about 5 minutes of Twitter's. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request to http://api.twitter.com/1/help/test.xml -- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. If you're still having problems we can move on to other possibilities. Taylor On Wed, Sep 1, 2010 at 12:21 AM, Hongwei suhongwe...@gmail.com wrote: Hi guys, Does anyone know what is wrong with my code? it always returns Failed to validate oauth signature and token (it did return access token and access access secret few day ago) here is my code (I use Hammock/TweetSharp library) private const string _consumerKey = cKey; private const string _consumerSecret = cSecret; private string _userName = uName; private string _password = uPassword; Button.Click { Hammock.RestClient c = new RestClient() { Authority = https:// api.twitter.com/oauth/, HasElevatedPermissions = true, Credentials = new OAuthCredentials() { Type = OAuthType.ClientAuthentication, ConsumerKey = _consumerKey, ConsumerSecret = _consumerSecret, SignatureMethod = OAuthSignatureMethod.HmacSha1, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, ClientUsername = _userName, ClientPassword = _password, } }; RestRequest r = new RestRequest() { Path = access_token, }; c.BeginRequest(r, new RestCallback(Callback)); } public void Callback(Hammock.RestRequest request, Hammock.RestResponse response, object userState) { var a = response.Content; (I set debug here, and variable 'a' contains Failed to validate oauth signature and token, RestRespone.content contains 'Content' threw an exception of typeSystem.UnauthorizedAccessException } Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] undo retweets in stream api
Is there any fix for this issue? We try to calculate the order and the number of retweets of a person's tweet whom we follow through stream api. However the retweets and undo-retweets of people whom we don't follow accumulates and increases the RT number. On Tue, Jun 15, 2010 at 6:47 PM, John Kalucki j...@twitter.com wrote: Various counts are off on Twitter right now, so you shouldn't be basing much on counts. If you are following the original tweeter, you get the retweet, but not the deletion. If you are following the retweeter, you get both the retweet and the deletion notice. This is due to a limitation in the deletion message format -- there isn't enough information to route the message in the first case. This affects several streaming use cases, and is a known issue that we, eventually, hope to fix the next time we're in that part of the code. One workaround, albeit often impractical, is to take the full firehose and do the correlation on your end. -John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Jun 15, 2010 at 8:35 AM, Furkan Kuru furkank...@gmail.com wrote: Yes, the original tweet was not deleted. Some of the retweets were deleted. Actually we noticed this problem when one of the tweet's retweet count seemed higher than it was shown in twitter. (both not exceeding 100) I do not know if twitter acts retweets as a reply-to-user and sends it to our stream. so we do not know wheter some of these retweet messages come from the users whom we do not follow. But so far, our retweet scores were always smaller than it was shown in twitter and we thought it was caused because of the fact that we do not follow everyone that might retweet the tweet. On Tue, Jun 15, 2010 at 6:21 PM, John Kalucki j...@twitter.com wrote: Was the original tweet by an account you are following, or was the retweet by an account you are following? Also, I'm assuming that it was the retweet that was deleted, not the original tweet. -John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Jun 15, 2010 at 6:59 AM, Furkan Kuru furkank...@gmail.com wrote: I am using the follow param on a shadow account. On Tue, Jun 15, 2010 at 4:14 PM, John Kalucki j...@twitter.com wrote: Which endpoint and parameters are you using? Firehose? Sample? Track? Etc. -John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Jun 15, 2010 at 3:03 AM, Furkan Kuru furkank...@gmail.com wrote: Hello, In our stream we receive deleted statuses but can not receive undo retweets. Is undoing a retweet message is different than deleting a status? wiki has shown only the deleted status message info: JSON: { delete: { status: { id: 1234, user_id: 3 } } } -- Furkan Kuru -- Furkan Kuru -- Furkan Kuru -- Furkan Kuru -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Revoked @anywhere access automatically re-granted?
Hi, I'm using the @anywhere tweetbox, and I am confused by the revoking / re-granting access is handled. This is the scenario: 0) I type a tweet in the @anywhere tweetbox and hit Tweet 1) In the popup screen, I allow the app to connect to my account 2) I post a tweet. All is well. 3) I revoke my app's access (as expected, when I revisit the my Connections tab, my app is gone) 4) I go back to the app, and try post a new Tweet. Above the tweetbox, the spinner keeps spinning, but the tweet does not get posted 5) I revisit my Connections tab, and my app is now in the list of allowed apps again. 6) when I refresh my app's page, I can tweet as before. I would have expected to have to connect again after revoking access. Is this a bug (the one tweet that never gets posted certainly seems to be), or is hitting Tweet again considered an implicit granting of access? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Basic Auth
* Cradash rand...@gmail.com [100901 06:40]: We have been getting a {errors:[{code:53,message:Basic authentication is not supported}]} error on our feeds for the last 15 or so hours, our feeds tweet at most 5 times an hour but have become inactive because of this error. We are using Jtwitter and have not had an isssue with this untill half-a day ago. I've been seeing this message for suspended users. See my most recent post in this thread: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/356faad144d2c336/ebf4a20b2dd1a16c?lnk=gstq=error+change#ebf4a20b2dd1a16c Here's a shortened URL: http://is.gd/eONAH An unauthenticated call to users/show for that user may tell you what the real problem is. -Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Status update results in Internal server error 500
And now for something strange: I get the same 500 response _regardless_ of what I put in the body. Also when the data in the Signature base string is different from what is used in the body. So not even a '401 unauthorized' message... At first I suspected the(/my) signature, but now I have doubts. Lots of them. And still no solution... -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Moving from white-listed account to single access token
Our application never has to make API requests on behalf of the end- user. We don't even call API methods that require authentication. That's why we haven't implemented OAuth. However, we did make the requests on behalf of a white-listed account using Basic Authentication, to benefit from the 20,000 calls/hour rate limit. If we were to use the single access token-approach, we'll have to register an application first in order to generate the access token. Will this application or access token be white-listed automatically if the application is registered using the white-listed account? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] 500: Something is technically wrong while calling lists/memberships
Hi Matt, thanks for your help. It has taken a moment to activate debugging on our live platform and waiting for the data generation (batch-job). Now I have the requested information available: Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - Request: Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - GET http://api.twitter.com/1/treypennington/lists/memberships.json?cursor=1328223569980794792 Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - OAuth base string: GEThttp%3A%2F%2Fapi.twitter.com%2F1%2Ftreypennington%2Flists%2Fmemberships.jsoncursor%3D1328223569980794792%26oauth_consumer_key%3D Wlcg5zbNH60gCZAHCswGIw%26oauth_nonce%3D375038756%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1283324281%26oauth_token%3D9836582-S2JMTDaS0AemlPx64zrGJUSedhqeXV1tVMp3Yc7uk%26oauth_version%3D1.0Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - OAuth signature: ZSMuaVPXY5TRCewrLwM/libe1DY=Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - Authorization: Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - X-Twitter-Client-URL: http://twitter4j.org/en/twitter4j-2.1.3.xmlSep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - X-Twitter-Client: Twitter4JSep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - Accept-Encoding: gzipSep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - X-Twitter-Client-Version: 2.1.3Sep 1 06:58:01 consumer1 [ActiveMQ Session Task] DEBUG - Connection: close Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Response: Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - HTTP/1.1 500 Internal Server Error Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - X-Transaction: 1283324281-10058-19273 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Limit: 2 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Content-Length: 1729 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Remaining: 19873 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Expires: Tue, 31 Mar 1981 05:00:00 GMT Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Last-Modified: Wed, 01 Sep 2010 06:58:01 GMT Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Reset: 1283327829 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Class: api_whitelisted Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - X-Revision: DEV Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCPyCFswqAToHaWQiJWE5N2VlZGVjOWRmYWIz%250ANDVjMWZmNmQyMjEzYTIyMDQ4IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy% 250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--17f6d5db85a1f0ad355c58c556f22fa526066528; domain=.twitter.com; path=/ Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: lang=en; path=/ Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: guest_id=128332428158978084; path=/; expires=Fri, 01 Oct 2010 06:58:01 GMT Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: k=75.101.167.21.1283324281572833; path=/; expires=Wed, 08-Sep-10 06:58:01 GMT; domain=.twitter.com Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Connection: close Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Server: hiSep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Pragma: no-cache Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Status: 500 Internal Server Error Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Date: Wed, 01 Sep 2010 06:58:02 GMT Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Vary: Accept-Encoding Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Content-Encoding: gzip Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - Content-Type: text/html; charset=utf-8 Sep 1 06:58:02 consumer1 [ActiveMQ Session Task] DEBUG - !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;#012html xmlns=http://www.w3. org/1999/xhtml lang=en xml:lang=en#012 head#012meta http-equiv=Content-Type content=text/html; charset=utf-8 /#012meta http-equiv=Content-Language content=en-us /#012titleTwit ter / Error/title#012link href=http://s.twimg.com/images/favicon.ico; rel=shortcut icon type=image/x-icon /#012#012style type=text/css#012 /* Page#012
Re: [twitter-dev] Moving from white-listed account to single access token
Hi Niels, Our whitelisting system still operates almost exclusively on IP address and accounts -- not applications. So yes, once you move to using OAuth for your account, it will be given the same whitelisted limits. You can more quickly implement your single access token example by making use of the my access token feature on dev.twitter.com that will provide the access token for the user who owns the application without having to bother with the entire OAuth request cycle. Taylor On Wed, Sep 1, 2010 at 7:54 AM, Niels van der Rest n.vanderr...@gmail.comwrote: Our application never has to make API requests on behalf of the end- user. We don't even call API methods that require authentication. That's why we haven't implemented OAuth. However, we did make the requests on behalf of a white-listed account using Basic Authentication, to benefit from the 20,000 calls/hour rate limit. If we were to use the single access token-approach, we'll have to register an application first in order to generate the access token. Will this application or access token be white-listed automatically if the application is registered using the white-listed account? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Status update results in Internal server error 500
Looking at some of your example debug output above, you're sending a Content-Type header of text/xml when you aren't sending us XML, you're sending us x-www-form-urlencoded data. Taylor On Wed, Sep 1, 2010 at 7:38 AM, Papa.Coen papa.c...@gmail.com wrote: And now for something strange: I get the same 500 response _regardless_ of what I put in the body. Also when the data in the Signature base string is different from what is used in the body. So not even a '401 unauthorized' message... At first I suspected the(/my) signature, but now I have doubts. Lots of them. And still no solution... -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Status update results in Internal server error 500
Fixed! CONTENT TYPE must be: application/x-www-form-urlencoded ! 1337. Thanks to this post: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/2c84b962327f7161/7d5e1fd98644913e?lnk=gstq=internal+server+error#7d5e1fd98644913e -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Moving from white-listed account to single access token
Hi Taylor, Thanks for your quick reply, that's everything I needed to know! Niels On Sep 1, 4:57 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Niels, Our whitelisting system still operates almost exclusively on IP address and accounts -- not applications. So yes, once you move to using OAuth for your account, it will be given the same whitelisted limits. You can more quickly implement your single access token example by making use of the my access token feature on dev.twitter.com that will provide the access token for the user who owns the application without having to bother with the entire OAuth request cycle. Taylor On Wed, Sep 1, 2010 at 7:54 AM, Niels van der Rest n.vanderr...@gmail.comwrote: Our application never has to make API requests on behalf of the end- user. We don't even call API methods that require authentication. That's why we haven't implemented OAuth. However, we did make the requests on behalf of a white-listed account using Basic Authentication, to benefit from the 20,000 calls/hour rate limit. If we were to use the single access token-approach, we'll have to register an application first in order to generate the access token. Will this application or access token be white-listed automatically if the application is registered using the white-listed account? -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] How to get results older than last 100 tweets from a profile or search
Hey Pablo, The Search index is only 5 days so it makes sense you can only get results for that period. Your query is correct and will provide access to the information Search knows about. The Streaming API will allow you to receive results from the time you connect to the API onwards. Information about the Streaming API can be found on our developer resources site: http://dev.twitter.com/pages/streaming_api We have a list of community written libraries which might be of interest: http://dev.twitter.com/pages/oauth_libraries Best, Matt On Tue, Aug 31, 2010 at 8:01 AM, Pablo Augusto em...@pabloaugusto.comwrote: Thanks for the reply. I just tested and its ok, but only can ger results to 2010-08-28 from now. Hav any way to workarround this? //return null is lower than 28º day $request = http://search.twitter.com/search.atom?q=from:user+keyword+since:2010-08-27rpp=100page= .$j; One question. Any one knows a updated class for the twiter api? Or can show me any example of a current working code to search api or streaming api? I had read that streaming api is best to monitoring keywords and track users. Anyone here has write a blog post about streaming api with php? Or search api with php? It's just working, but i want se some examples of best practices in this area. Thanks in advanced. [image: Pablo Augusto] *Design e Desenvolvimento* MSN: m...@pabloaugusto.com SKYPE: sk...@pabloaugusto.com EMAIL: cont...@pabloaugusto.com TWITTER: @pabloaugusto SITE: http://pabloaugusto.com On Tue, Aug 31, 2010 at 03:21, Matt Harris thematthar...@twitter.comwrote: Hey Pablo, The reason you are getting 100 results is because you are passing a results per page (rpp) value of 100. To access the next 100 results you need to request the next page, which you can do by setting the parameter 'page' equal to the page you want. You can find out more about search on our developer resources site: http://dev.twitter.com/doc/get/search Hope that helps, Matt On Mon, Aug 30, 2010 at 6:34 PM, Pablo Augusto em...@pabloaugusto.comwrote: Hello, I'm wondering if its possible to get back the twits from one account for last 3 days for example. im useing a class that do the follow search to capture tweets: $request = 'http://search.twitter.com/search.'.$this-http://search.twitter.com/search.%27.$this- type; $request .= '?q='.urlencode($this-query); Using the methos of this class i do the fololow search: $search = new TwitterSearch(); $search-from('@username'); $search-contains('#hashtag'); $search-since(22554873450); $results = $search-rpp(100)-results(); But i only get the last 100 results (the newest ever) I just try to put a low number at SINCE: for example: $search-since(21554873450); Buts aver show the last newest results. Anyone knows how can i get results older than last 100 newest in any querry, class, function, etc? if anyone can help, ill be graceful. * * *Pablo Augusto* MSN: m...@pabloaugusto.com SKYPE: sk...@pabloaugusto.com EMAIL: cont...@pabloaugusto.com SITE: http://webtags.com.br [image: Linkedin] http://linkedin.com/in/pabloaugusto [image: Twitter] http://twitter.com/pabloaugusto [image: Facebook][image: Flickr] http://flickr.com/photos/pabloaugusto [image: Youtube]http://youtube.com/pabloaugustoo [image: FormSpring] http://formspring.me/pabloaugust0 [image: LastFM]http://lastfm.com.br/user/pabloaugustoo [image: DeviantART] http://deviantart.com/pabloaugustoo [image: Tumblr]http://pabloaugusto.tumblr.com/ [image: Vimeo] http://vimeo.com/pabloaugusto [image: del.icio.us]http://del.icio.us/pabloaugusto [image: Slideshare] http://slideshare.net/pabloaugusto [image: Friendfeed]http://friendfeed.com/pabloaugusto -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API
Re: [twitter-dev] Re: Moving from white-listed account to single access token
There are also some helpful code samples for using single tokens on our developer site: http://dev.twitter.com/pages/oauth_single_token Matt On Wed, Sep 1, 2010 at 8:23 AM, Niels van der Rest n.vanderr...@gmail.com wrote: Hi Taylor, Thanks for your quick reply, that's everything I needed to know! Niels On Sep 1, 4:57 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Niels, Our whitelisting system still operates almost exclusively on IP address and accounts -- not applications. So yes, once you move to using OAuth for your account, it will be given the same whitelisted limits. You can more quickly implement your single access token example by making use of the my access token feature on dev.twitter.com that will provide the access token for the user who owns the application without having to bother with the entire OAuth request cycle. Taylor On Wed, Sep 1, 2010 at 7:54 AM, Niels van der Rest n.vanderr...@gmail.comwrote: Our application never has to make API requests on behalf of the end- user. We don't even call API methods that require authentication. That's why we haven't implemented OAuth. However, we did make the requests on behalf of a white-listed account using Basic Authentication, to benefit from the 20,000 calls/hour rate limit. If we were to use the single access token-approach, we'll have to register an application first in order to generate the access token. Will this application or access token be white-listed automatically if the application is registered using the white-listed account? -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: 401 errors calling access_token
* Taylor Singletary taylorsinglet...@twitter.com [100827 11:11]: Can you provide any more details about the error response you're giving (like the actual body of the error response)? Taylor, I emailed the full HTTP request and response along with the request token/secret for one of these 401 errors we're seeing. Did you get that email? Did it shed any light on the problem? Although most token exchanges work without error, this happens frequently enough to be a real concern. New users are sometimes unable to register and we lose them forever. -Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: 401 errors calling access_token
Hi Marc, I'll try to respond to you today. It's no excuse, I know, but we've been busy! :) Taylor On Wed, Sep 1, 2010 at 8:33 AM, Marc Mims marc.m...@gmail.com wrote: * Taylor Singletary taylorsinglet...@twitter.com [100827 11:11]: Can you provide any more details about the error response you're giving (like the actual body of the error response)? Taylor, I emailed the full HTTP request and response along with the request token/secret for one of these 401 errors we're seeing. Did you get that email? Did it shed any light on the problem? Although most token exchanges work without error, this happens frequently enough to be a real concern. New users are sometimes unable to register and we lose them forever. -Marc -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: 401 errors calling access_token
* Taylor Singletary taylorsinglet...@twitter.com [100901 08:35]: I'll try to respond to you today. It's no excuse, I know, but we've been busy! :) Thanks, Taylor. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Advertisement Details
Hi, I wish to understand more on Twitter policy and setup for advertisements on apps based Twitter API. Is there any other page than http://dev.twitter.com/pages/api_terms which can make me crystal clear on this one? Thanks, SGarg -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Advertisement Details
Hi SGarg, This help center document should help answer questions you may have and also includes links to inquire for more information. http://support.twitter.com/articles/142161-advertisers Thanks, Taylor On Wed, Sep 1, 2010 at 8:45 AM, SGarg twitz...@gmail.com wrote: Hi, I wish to understand more on Twitter policy and setup for advertisements on apps based Twitter API. Is there any other page than http://dev.twitter.com/pages/api_terms which can make me crystal clear on this one? Thanks, SGarg -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: [twitter-api-announce] Announcing Site Streams Beta
I made a minor change to see if it will flush the cache. The policy is, as of 9/1/2010: During the beta testing period, sites are encouraged to first pull and cross-check test data from both Site Streams and the REST API to develop confidence in correctness and robustness. Once a Site Streams client implementation is deemed sufficiently stable, the streaming data could, depending on your risk-tolerance, become the primary production data source. Once this feature graduates to production, Site Streams applications must only use the REST API for data that is not available through Site Streams or use the REST API as a fall-back data source. Disruptions during the beta period should be expected and masked by this fall-back. On Wed, Sep 1, 2010 at 3:21 PM, Dewald Pretorius dpr...@gmail.com wrote: John, That page still says exactly the same. On Aug 30, 5:24 pm, John Kalucki j...@twitter.com wrote: It's cached. It'll update via a process that is mysterious to me. On Mon, Aug 30, 2010 at 1:21 PM, Dewald Pretorius dpr...@gmail.com wrote: John, Is that page cached, because the third sentence of the first bullet under Important Items still says *exactly* the same? On Aug 30, 5:15 pm, John Kalucki j...@twitter.com wrote: Thanks. I've clarified the language. -John On Mon, Aug 30, 2010 at 12:42 PM, Dewald Pretorius dpr...@gmail.com wrote: John, Perhaps you should then rephrase the following at http://bit.ly/sitestream_doc One Site Streams graduates to production, sites must only use the REST API for data that is not available through User Streams or as a fall-back data source. It's in the first paragraph of Important Items. Here's another issue that probably needs to be considered. It applies mostly to DMs, because people will tend to use DMs for sensitive information, and would expect a certain level of privacy. Right now, an OAuth authorized site can query a user's DMs and do with that info what it likes. It could present privacy issues, but at least you have an audit trail of the DM request by the authorized site in your logs/system. You lose that audit trail with Site Streams. The DMs are indiscriminately distributed out to all OAuth authorized sites that subscribe to the user's stream. It may not seem like a big deal, because it's status quo minus the audit trail. Until you're hit with a multi-million dollar class-action lawsuit for indiscriminately distributing potentially sensitive information. Then it is a big deal. It's not only the lawsuit, it's a privacy PR disaster as well. On Aug 30, 4:25 pm, John Kalucki j...@twitter.com wrote: We're not forcing people over to Site Streams. If, on the other hand, if you start to consume Site Streams, we want you to stop regular polling on the REST API. If your service is modest, any excess delivery will be modest. Excessive options add complexity and slow development for what may be little practical efficiency gain. Bandwidth and CPU are nearly free at 1mbit/sec. It's all a balance. -John Kaluckihttp://twitter.com/jkalucki Twitter, Inc. On Mon, Aug 30, 2010 at 12:15 PM, Dewald Pretorius dpr...@gmail.com wrote: This is super news. However, if you're going to force web services to use Site Streams when it is in production (sites must only use the REST API for data that is not available through User Streams), then please add the ability to subscribe only to certain elements. For example, we need the ability to subscribe to only Follows, or to only Tweets and Retweets, etc. You make note that each stream may consume significant bandwidth ( 1MB). If a web service does not make use of the user's Follows, or of the user's Tweets, then it makes no sense to consume that bandwidth with the dead-weight of the elements that are not used by the service. I understand that Site Streams is in beta now. I'm putting in this request for when it is in production and we are forced to use it. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Error 401 only in Target (working fine in simulator)
Hi , I am developing a Twitter application in MTK (Media tek ) platform. I am using Oauth and and My application has the X-auth permission I am first using POST with required params and the am using below URL https://api.twitter.com/oauth/access_token to get the access token in exchange with the username, password. I am able to get the access token and My application is working fine in the simulator (I ma using the proxy server in simulator) But in the Mobile (I amm not using proxy) , when I post https://api.twitter.com/oauth/access_token I am always getting 401 - Unauthorized (Failed to validate oauth signature and token) The below is my sample input string to get the signature (hmac-sha1) POSThttp%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%3D4dsadsadsasdsd%26oauth_nonce %3D1262304301%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304300%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com Please someone help me to resolve this issue.. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: XAuth 401 error
Users of my xAuth application are also getting 401, since about 12 hours ago. Steve -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] undo retweets in stream api
Other than taking the firehose, I don't know how one would keep retweet counts perfectly in sync. Perhaps a statistical model and some sampling via REST will allow you to derate counts with reasonable accuracy? -John On Wed, Sep 1, 2010 at 2:17 PM, Furkan Kuru furkank...@gmail.com wrote: Is there any fix for this issue? We try to calculate the order and the number of retweets of a person's tweet whom we follow through stream api. However the retweets and undo-retweets of people whom we don't follow accumulates and increases the RT number. On Tue, Jun 15, 2010 at 6:47 PM, John Kalucki j...@twitter.com wrote: Various counts are off on Twitter right now, so you shouldn't be basing much on counts. If you are following the original tweeter, you get the retweet, but not the deletion. If you are following the retweeter, you get both the retweet and the deletion notice. This is due to a limitation in the deletion message format -- there isn't enough information to route the message in the first case. This affects several streaming use cases, and is a known issue that we, eventually, hope to fix the next time we're in that part of the code. One workaround, albeit often impractical, is to take the full firehose and do the correlation on your end. -John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Jun 15, 2010 at 8:35 AM, Furkan Kuru furkank...@gmail.com wrote: Yes, the original tweet was not deleted. Some of the retweets were deleted. Actually we noticed this problem when one of the tweet's retweet count seemed higher than it was shown in twitter. (both not exceeding 100) I do not know if twitter acts retweets as a reply-to-user and sends it to our stream. so we do not know wheter some of these retweet messages come from the users whom we do not follow. But so far, our retweet scores were always smaller than it was shown in twitter and we thought it was caused because of the fact that we do not follow everyone that might retweet the tweet. On Tue, Jun 15, 2010 at 6:21 PM, John Kalucki j...@twitter.com wrote: Was the original tweet by an account you are following, or was the retweet by an account you are following? Also, I'm assuming that it was the retweet that was deleted, not the original tweet. -John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Jun 15, 2010 at 6:59 AM, Furkan Kuru furkank...@gmail.com wrote: I am using the follow param on a shadow account. On Tue, Jun 15, 2010 at 4:14 PM, John Kalucki j...@twitter.com wrote: Which endpoint and parameters are you using? Firehose? Sample? Track? Etc. -John Kalucki http://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Jun 15, 2010 at 3:03 AM, Furkan Kuru furkank...@gmail.com wrote: Hello, In our stream we receive deleted statuses but can not receive undo retweets. Is undoing a retweet message is different than deleting a status? wiki has shown only the deleted status message info: JSON: { delete: { status: { id: 1234, user_id: 3 } } } -- Furkan Kuru -- Furkan Kuru -- Furkan Kuru -- Furkan Kuru -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Error 401 only in Target (working fine in simulator)
Hi Karthik, Make sure that the time on your device is in sync with Twitter's clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request to http://api.twitter.com/1/help/test.xml -- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. The oauth_timestamp in your example here is for Dec 31st, 2009. Taylor On Wed, Sep 1, 2010 at 9:10 AM, Karthik karthikduraisw...@gmail.com wrote: Hi , I am developing a Twitter application in MTK (Media tek ) platform. I am using Oauth and and My application has the X-auth permission I am first using POST with required params and the am using below URL https://api.twitter.com/oauth/access_token to get the access token in exchange with the username, password. I am able to get the access token and My application is working fine in the simulator (I ma using the proxy server in simulator) But in the Mobile (I amm not using proxy) , when I post https://api.twitter.com/oauth/access_token I am always getting 401 - Unauthorized (Failed to validate oauth signature and token) The below is my sample input string to get the signature (hmac-sha1) POSThttp%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%3D4dsadsadsasdsd%26oauth_nonce %3D1262304301%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304300%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com Please someone help me to resolve this issue.. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: xAuth not Working (Help)
Dear Taylor, I am developing an twitter app in MTK (Mediatek platform and my app has the x-auth privilages) My Issue: I am getting errocode 401 (Failed to validate oauth signature and token), only in the mobile (MTK - media tek - where I am not using proxy). I ma getting the x-auth access token and all other api's are working fine in the simualtor (where I am using proxy) So when I look in to the TCP packets : In simulator: POST https:api.twitter.com/oauth/access_token HTTP/1.1 (Absolute URL) Host: api.twitter.com authorization: OAuth oauth_consumer_key=abcdefghijklm, oauth_nonce=1262304257, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1262304256, oauth_version=1.0, oauth_signature=4vvYMzqy1BBixGRh4bpeA5xa%2BPo%3D but in target I ma getting as : POST /oauth/access_token HTTP/1.1 (Relative URL) Other than this , no other changes I have found between simulator and target. My Signature simple string : POSThttps%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%abcdefghijklm%26oauth_nonce %3D1262304257%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304256%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com I am using the platform provided sha1-hmac algorithm which is same in target and simulator. Please help me find out the issue which is only occuring in my target. Regards, Karthik -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: XAuth 401 error
We have fixed a bug in our OAuth implementation that allowed timestamps in the future to be accepted. We've now corrected this such that timetsamps must be within a reasonable amount of time in cosideration to Twitter's server clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request to http://api.twitter.com/1/help/test.xml -- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. Make sure that you're keeping to the OAuth spec and using UTC-based epoch time in seconds. Taylor On Wed, Sep 1, 2010 at 9:15 AM, Steve Loft kettletoft@googlemail.comwrote: Users of my xAuth application are also getting 401, since about 12 hours ago. Steve -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: xAuth not Working (Help)
You should sort the fields in the Base String. Tom On 9/1/10 6:35 PM, Karthik wrote: Dear Taylor, I am developing an twitter app in MTK (Mediatek platform and my app has the x-auth privilages) My Issue: I am getting errocode 401 (Failed to validate oauth signature and token), only in the mobile (MTK - media tek - where I am not using proxy). I ma getting the x-auth access token and all other api's are working fine in the simualtor (where I am using proxy) So when I look in to the TCP packets : In simulator: POST https:api.twitter.com/oauth/access_token HTTP/1.1 (Absolute URL) Host: api.twitter.com authorization: OAuth oauth_consumer_key=abcdefghijklm, oauth_nonce=1262304257, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1262304256, oauth_version=1.0, oauth_signature=4vvYMzqy1BBixGRh4bpeA5xa%2BPo%3D but in target I ma getting as : POST /oauth/access_token HTTP/1.1 (Relative URL) Other than this , no other changes I have found between simulator and target. My Signature simple string : POSThttps%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%abcdefghijklm%26oauth_nonce %3D1262304257%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304256%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com I am using the platform provided sha1-hmac algorithm which is same in target and simulator. Please help me find out the issue which is only occuring in my target. Regards, Karthik -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: xAuth not Working (Help)
Dear Tom, its is in sorted order only. And moreover the same order working fine in Simualtor On Sep 1, 9:37 pm, Tom van der Woerdt i...@tvdw.eu wrote: You should sort the fields in the Base String. Tom On 9/1/10 6:35 PM, Karthik wrote: Dear Taylor, I am developing an twitter app in MTK (Mediatek platform and my app has the x-auth privilages) My Issue: I am getting errocode 401 (Failed to validate oauth signature and token), only in the mobile (MTK - media tek - where I am not using proxy). I ma getting the x-auth access token and all other api's are working fine in the simualtor (where I am using proxy) So when I look in to the TCP packets : In simulator: POST https:api.twitter.com/oauth/access_token HTTP/1.1 (Absolute URL) Host: api.twitter.com authorization: OAuth oauth_consumer_key=abcdefghijklm, oauth_nonce=1262304257, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1262304256, oauth_version=1.0, oauth_signature=4vvYMzqy1BBixGRh4bpeA5xa%2BPo%3D but in target I ma getting as : POST /oauth/access_token HTTP/1.1 (Relative URL) Other than this , no other changes I have found between simulator and target. My Signature simple string : POSThttps%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%abcdefghijklm%26oauth_nonce %3D1262304257%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304256%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com I am using the platform provided sha1-hmac algorithm which is same in target and simulator. Please help me find out the issue which is only occuring in my target. Regards, Karthik -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Advertisement Details
Thanks Taylor. So can you confirm - I can have an application based on Twitter API, and put my own ads around it (properly distinguished as an ad and not a Twitter entity like Tweet) and do not have to share revenue with Twitter for it? It is only if I use Promoted Tweets / Trends that I have to share. Thanks, SGarg On Wed, Sep 1, 2010 at 9:18 PM, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi SGarg, This help center document should help answer questions you may have and also includes links to inquire for more information. http://support.twitter.com/articles/142161-advertisers Thanks, Taylor On Wed, Sep 1, 2010 at 8:45 AM, SGarg twitz...@gmail.com wrote: Hi, I wish to understand more on Twitter policy and setup for advertisements on apps based Twitter API. Is there any other page than http://dev.twitter.com/pages/api_terms which can make me crystal clear on this one? Thanks, SGarg -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Error 401 only in Target (working fine in simulator)
Dear Taylor, I still done get how to sync my mobile clock to the twitter server clock. Can you explain little more..? On Sep 1, 9:34 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Karthik, Make sure that the time on your device is in sync with Twitter's clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp://api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. The oauth_timestamp in your example here is for Dec 31st, 2009. Taylor On Wed, Sep 1, 2010 at 9:10 AM, Karthik karthikduraisw...@gmail.com wrote: Hi , I am developing a Twitter application in MTK (Media tek ) platform. I am using Oauth and and My application has the X-auth permission I am first using POST with required params and the am using below URL https://api.twitter.com/oauth/access_token to get the access token in exchange with the username, password. I am able to get the access token and My application is working fine in the simulator (I ma using the proxy server in simulator) But in the Mobile (I amm not using proxy) , when I post https://api.twitter.com/oauth/access_token I am always getting 401 - Unauthorized (Failed to validate oauth signature and token) The below is my sample input string to get the signature (hmac-sha1) POSThttp%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%3D4dsadsadsasdsd%26oauth_nonce %3D1262304301%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304300%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com Please someone help me to resolve this issue.. -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: XAuth 401 error
For desktop apps using oAuth, the timestamp issue causing 401 errors is a big problem. People's desktops have all sorts of crazy times set on them. This means now every application that uses Twitter oAuth needs to have code written to sync/modify its time with Twitter's. It's a pain. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Error 401 only in Target (working fine in simulator)
You mean I just issue a http request http://api.twitter.com/1/help/test.xml to the server before I start my login..? On Sep 1, 9:34 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Karthik, Make sure that the time on your device is in sync with Twitter's clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp://api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. The oauth_timestamp in your example here is for Dec 31st, 2009. Taylor On Wed, Sep 1, 2010 at 9:10 AM, Karthik karthikduraisw...@gmail.com wrote: Hi , I am developing a Twitter application in MTK (Media tek ) platform. I am using Oauth and and My application has the X-auth permission I am first using POST with required params and the am using below URL https://api.twitter.com/oauth/access_token to get the access token in exchange with the username, password. I am able to get the access token and My application is working fine in the simulator (I ma using the proxy server in simulator) But in the Mobile (I amm not using proxy) , when I post https://api.twitter.com/oauth/access_token I am always getting 401 - Unauthorized (Failed to validate oauth signature and token) The below is my sample input string to get the signature (hmac-sha1) POSThttp%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%3D4dsadsadsasdsd%26oauth_nonce %3D1262304301%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304300%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com Please someone help me to resolve this issue.. -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Twitter logout - hate to open this can of worms again
Hi everyone, I am compelled to ask because the search turned out a few post that were somewhat vague and didn't answer all my questions. I have a website widget that interacts heavily with Twitter. We use OAuth to authenticate our requests. To logout the users from our side we destroy the OAuth token. However during the initial OAuth workflow Twitter places a cookie on the browser, so if the user logs out from our site but navigates to the Twitter site they are still logged in. Closing the browser solves this, as it appears the cookie is a session cookie. Calling the account/end_session.json end point does nothing for use because the call is server side so the cookie doesn't get replaced. I am a little concerned about this behavior since the widget will be on a public site users can access from public computers. It is possible the users will log out of our widget but not close the browser window. At that point someone could navigate to twitter and still be logged in with their account. So finally my questions are: 1. Is how do I reliably log users out of Twitter? 2. Is it really necessary for Twitter to send this cookie during the OAuth workflow? The API is stateless so the cookie is really un- necessary as far as using the apis is concerned. Sorry for the lengthy post, responses are greatly appreciated! Cheers, Matei -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
You'll need to: a) determine the system time on the device you're running on b) determine the system time with Twitter by reading the Date HTTP header from a response to making a request to http://api.twitter.com/1/help/text.xml c) Convert both times to UTC-based epoch time in seconds. d) If Twitter's time is ahead of your device's time, adjust your oauth_timestamp by the amount of seconds your device is behind. If Twitter's time is behind your device's time, adjust your oauth_timestamp by the amount tof seconds your device is ahead. Taylor On Wed, Sep 1, 2010 at 9:46 AM, Karthik karthikduraisw...@gmail.com wrote: You mean I just issue a http request http://api.twitter.com/1/help/test.xml to the server before I start my login..? On Sep 1, 9:34 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Karthik, Make sure that the time on your device is in sync with Twitter's clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp://api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. The oauth_timestamp in your example here is for Dec 31st, 2009. Taylor On Wed, Sep 1, 2010 at 9:10 AM, Karthik karthikduraisw...@gmail.com wrote: Hi , I am developing a Twitter application in MTK (Media tek ) platform. I am using Oauth and and My application has the X-auth permission I am first using POST with required params and the am using below URL https://api.twitter.com/oauth/access_token to get the access token in exchange with the username, password. I am able to get the access token and My application is working fine in the simulator (I ma using the proxy server in simulator) But in the Mobile (I amm not using proxy) , when I post https://api.twitter.com/oauth/access_token I am always getting 401 - Unauthorized (Failed to validate oauth signature and token) The below is my sample input string to get the signature (hmac-sha1) POSThttp%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%3D4dsadsadsasdsd%26oauth_nonce %3D1262304301%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304300%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com Please someone help me to resolve this issue.. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: XAuth 401 error
This is true of all applications running to spec. We've always denied requests that were behind our system clock by an unreasonable amont -- you would be presented with this conundrum in that scenario as well, regardless of our recent change to also apply this restriction to timestamps in the future. Many developers have implemented this pattern to keep their clocks in sync. It's unwise to trust your system clock. Taylor On Wed, Sep 1, 2010 at 9:44 AM, J.D. jeremy.d.mul...@gmail.com wrote: For desktop apps using oAuth, the timestamp issue causing 401 errors is a big problem. People's desktops have all sorts of crazy times set on them. This means now every application that uses Twitter oAuth needs to have code written to sync/modify its time with Twitter's. It's a pain. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Raffi Matt to discuss Tweet Button User Streams @hackerdojo Sept 8th, Wednesday eve
fyi Raffi Krikorian Matt Harris of the Twitter dev team will discuss demo code examples on the Tweet Button User Streams, in Mountain View @ Hacker Dojo, Wednesday, September 8th, 6:30 pm. for details see http://www.meetup.com/TwitterMeetup/calendar/14487529 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Advertisement Details
Hi SGarg, I'm not well qualified to interpret our terms of service around advertising. If you're in doubt, you may want to consult a lawyer. You can also send questions to our advertising team at twitter_...@twitter.com Taylor On Wed, Sep 1, 2010 at 9:42 AM, SGarg twitz...@gmail.com wrote: Thanks Taylor. So can you confirm - I can have an application based on Twitter API, and put my own ads around it (properly distinguished as an ad and not a Twitter entity like Tweet) and do not have to share revenue with Twitter for it? It is only if I use Promoted Tweets / Trends that I have to share. Thanks, SGarg On Wed, Sep 1, 2010 at 9:18 PM, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi SGarg, This help center document should help answer questions you may have and also includes links to inquire for more information. http://support.twitter.com/articles/142161-advertisers Thanks, Taylor On Wed, Sep 1, 2010 at 8:45 AM, SGarg twitz...@gmail.com wrote: Hi, I wish to understand more on Twitter policy and setup for advertisements on apps based Twitter API. Is there any other page than http://dev.twitter.com/pages/api_termswhich can make me crystal clear on this one? Thanks, SGarg -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] all my client users report failed to validate oauth signature ...
Hi, i switched to oauth since 2 weeks or so, and deprecated basic auth completely, and all my client users upgrade, and the app stats show that every thing is fine and they're enjoying oauth, yesterday i get the message failed to validate oauth signature , and all my client users report the same message, i believe that the application my be black listed because i do alot of requests during my development of iphone app? plz help. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: all my client users report failed to validate oauth signature ...
I'm seeing a similar thing. Some of my users who have been OAuth authorized for many weeks now suddenly get an invalid OAuth signature. On Sep 1, 1:59 pm, mostafa farghaly keepon...@gmail.com wrote: Hi, i switched to oauth since 2 weeks or so, and deprecated basic auth completely, and all my client users upgrade, and the app stats show that every thing is fine and they're enjoying oauth, yesterday i get the message failed to validate oauth signature , and all my client users report the same message, i believe that the application my be black listed because i do alot of requests during my development of iphone app? plz help. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: XAuth 401 error
Sure. I implemented it and it was not hard, just one more thing to deal with, that's all. :) -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: all my client users report failed to validate oauth signature ...
We did make a change last night that enforced that oauth_timestamps could not be in the future (previously we only validated that they weren't in the past). Ensure that your oauth_timestamp is always within 5 minutes of api.twitter.com, regardless of the time within the system environment you're executing requests. Taylor On Wed, Sep 1, 2010 at 10:03 AM, Dewald Pretorius dpr...@gmail.com wrote: I'm seeing a similar thing. Some of my users who have been OAuth authorized for many weeks now suddenly get an invalid OAuth signature. On Sep 1, 1:59 pm, mostafa farghaly keepon...@gmail.com wrote: Hi, i switched to oauth since 2 weeks or so, and deprecated basic auth completely, and all my client users upgrade, and the app stats show that every thing is fine and they're enjoying oauth, yesterday i get the message failed to validate oauth signature , and all my client users report the same message, i believe that the application my be black listed because i do alot of requests during my development of iphone app? plz help. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: all my client users report failed to validate oauth signature ...
thank you i find this after writing the post http://groups.google.com/group/twitter-development-talk/browse_thread/thread/64e59e18c4948fa On Sep 1, 8:18 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: We did make a change last night that enforced that oauth_timestamps could not be in the future (previously we only validated that they weren't in the past). Ensure that your oauth_timestamp is always within 5 minutes of api.twitter.com, regardless of the time within the system environment you're executing requests. Taylor On Wed, Sep 1, 2010 at 10:03 AM, Dewald Pretorius dpr...@gmail.com wrote: I'm seeing a similar thing. Some of my users who have been OAuth authorized for many weeks now suddenly get an invalid OAuth signature. On Sep 1, 1:59 pm, mostafa farghaly keepon...@gmail.com wrote: Hi, i switched to oauth since 2 weeks or so, and deprecated basic auth completely, and all my client users upgrade, and the app stats show that every thing is fine and they're enjoying oauth, yesterday i get the message failed to validate oauth signature , and all my client users report the same message, i believe that the application my be black listed because i do alot of requests during my development of iphone app? plz help. -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Open Source CMS Module and Consumer Secret
Well, as a testimony to this less than elegant solution (IMHO), I have rolled out my app (a PHP add-on for a popular CMS) with the the customer_key and customer_secret fields blank in a settings type control panel (db storage). I was very clear to provide a thorough walk through of the dev.twitter.com application registration process for my user-base. The walk through takes the site admin all the way through initial installation, app registration, twitter account authentication and sending their first tweet using the app. So, far I have had very few questions as to how to set up the app using the new system. And I have had no complaints. Hurray! On Aug 31, 2:08 am, Ken k...@cimas.ch wrote: oops. really, I had thought this through but got carried away with the 'transparent installation' idea. During the installation, the user would authenticate (via the software provider or directly with twitter?) - and then be delivered the credentials. Sorry. On Aug 31, 10:58 am, Ken k...@cimas.ch wrote: It seems that we are talking about two categories of applications. 1.) As in the subject of this thread, open-source CMS or other multi- user, membership or blogging systems. This type of system usually has some facility for the admin user/webmaster to change settings such as admin email address, error messages, API keys, etc. It makes sense for each deployment of such a system/module to be registered as a Twitter application (even if it is not an original unique application) if only because that way, the source or via tag would be a link back to the individual deployment and not to the original developers of the software. In these cases the person installing the system can probably be counted on to have the ability and willingness to go to twitter.com and register an app, following the instructions provided by the software developers (you guys). 2.) Single-user server or open-source desktop app. I don't know all the details of Xauth, but it seems to involve some manual effort by Twitter. So apologies up front if the following already exists, has been rejected, or doesn't make sense: If the single-user server or open-source desktop app has been approved by Twitter, why not build in to the app a call to the Twitter API that would create and install the needed credentials? The callback url would be defined by the app, the other properties could be taken from the details proved by the user at install time. This could even be executed transparently during the installation. This new API endpoint would return something like what we now get using My Access Token. Ken On Aug 31, 2:30 am, John SJ Anderson geneh...@gmail.com wrote: I think it's far better developer/business practice to design *proprietary* applications that are secure and register them with Twitter using xAuth. As has been said time and time again, proprietary is not a solution for this, as any non-hosted app using OAuth can have the keys extracted from it. Additionally, some of us would like to write Free or Open Source applications, that people can use on their own machines, without requiring them to register as Twitter developers. It used to be possible to do this. sigh j. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: XAuth 401 error
Thanks - the problem was that the library routine I used for the Unix timestamp didn't take Daylight Savings into account! Steve On Sep 1, 5:35 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: We have fixed a bug in our OAuth implementation that allowed timestamps in the future to be accepted. We've now corrected this such that timetsamps must be within a reasonable amount of time in cosideration to Twitter's server clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp://api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. Make sure that you're keeping to the OAuth spec and using UTC-based epoch time in seconds. Taylor On Wed, Sep 1, 2010 at 9:15 AM, Steve Loft kettletoft@googlemail.comwrote: Users of my xAuth application are also getting 401, since about 12 hours ago. Steve -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Choosing which account to link an application to
I have some questions about choosing an account to link an API integration to. Ultimately, I'm trying to decide whether to use an existing account that our marketing team uses, or to create a new one. I need a little bit of information to help me make my decision: - What is risk to using existing account? For instance, could it be blacklisted or disabled because the integration behaves badly, and prevent us from doing our marketing? - If we use new account, do we need to Tweet from it to keep it active? Does API activity count as activity? - Will any customer be able to see which Twitter account we're actually using? - Does having an established account make it easier or harder to whitelist the api application? Thanks, Alan -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: XAuth 401 error
i'm on my way to fix this, but i wonder why you didn't let us know about this change ??? On Sep 1, 8:44 pm, Steve Loft kettletoft@googlemail.com wrote: Thanks - the problem was that the library routine I used for the Unix timestamp didn't take Daylight Savings into account! Steve On Sep 1, 5:35 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: We have fixed a bug in our OAuth implementation that allowed timestamps in the future to be accepted. We've now corrected this such that timetsamps must be within a reasonable amount of time in cosideration to Twitter's server clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp://api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. Make sure that you're keeping to the OAuth spec and using UTC-based epoch time in seconds. Taylor On Wed, Sep 1, 2010 at 9:15 AM, Steve Loft kettletoft@googlemail.comwrote: Users of my xAuth application are also getting 401, since about 12 hours ago. Steve -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] OAuth pin flow happening instead of normal oauth_callback redirect
I have a sample app which works fine on my local machine. When I deploy it to a dev server and go through the flow, I get the PIN in the browser and no redirect. I checked the server timestamps and they are within 1 second of each other. Does anyone have any thoughts on what might be wrong? I looked through dev.twitter.com oauth pages but I didn't see anything besides the server timestamps. Thanks much! /damon -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: xAuth not Working (Help)
Oh, sorry, you are right. You replaced the consumer key with some random value but apparently you also replaced the 3D in %3D so my validator didn't catch it properly. Tom On 9/1/10 6:42 PM, Karthik wrote: Dear Tom, its is in sorted order only. And moreover the same order working fine in Simualtor On Sep 1, 9:37 pm, Tom van der Woerdt i...@tvdw.eu wrote: You should sort the fields in the Base String. Tom On 9/1/10 6:35 PM, Karthik wrote: Dear Taylor, I am developing an twitter app in MTK (Mediatek platform and my app has the x-auth privilages) My Issue: I am getting errocode 401 (Failed to validate oauth signature and token), only in the mobile (MTK - media tek - where I am not using proxy). I ma getting the x-auth access token and all other api's are working fine in the simualtor (where I am using proxy) So when I look in to the TCP packets : In simulator: POST https:api.twitter.com/oauth/access_token HTTP/1.1 (Absolute URL) Host: api.twitter.com authorization: OAuth oauth_consumer_key=abcdefghijklm, oauth_nonce=1262304257, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1262304256, oauth_version=1.0, oauth_signature=4vvYMzqy1BBixGRh4bpeA5xa%2BPo%3D but in target I ma getting as : POST /oauth/access_token HTTP/1.1 (Relative URL) Other than this , no other changes I have found between simulator and target. My Signature simple string : POSThttps%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%abcdefghijklm%26oauth_nonce %3D1262304257%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304256%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com I am using the platform provided sha1-hmac algorithm which is same in target and simulator. Please help me find out the issue which is only occuring in my target. Regards, Karthik -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] OAuth pin flow happening instead of normal oauth_callback redirect
Hi Damon, Verify that your application has a default callback URL set on your app's page on dev.twitter.com -- the existence of that field is what determines whether we'll automatically be sending you into out of band mode or note. Further, while that default callback URL needs to exist on your application record, make sure that you're sending an oauth_callback on the request token step with the URL you want to be directed to following the authentication step -- it's best to be explicit instead of relying on some implicit setting in your application record (and not providing an oauth_callback on the request token step is not correct to the specification). Taylor On Wed, Sep 1, 2010 at 11:26 AM, Damon Clinkscales sca...@pobox.com wrote: I have a sample app which works fine on my local machine. When I deploy it to a dev server and go through the flow, I get the PIN in the browser and no redirect. I checked the server timestamps and they are within 1 second of each other. Does anyone have any thoughts on what might be wrong? I looked through dev.twitter.com oauth pages but I didn't see anything besides the server timestamps. Thanks much! /damon -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: XAuth 401 error
Sorry for the trouble our alignment has caused. Honestly, we should have announced we were going to harden this, but -- and really we should have learned our lesson on this -- we were operating under the assumption that OAuth clients develop to spec, which includes presenting the current epoch time in UTC seconds with every issued request. We already were enforcing that timestamps could not be more than 15 minutes old -- and in the interests of limiting potential security exploits or continued erroneous utilization of the API, we decided to enforce that timestamps must also be no more than 15 minutes ahead of our clock. So now we have balance where previously there was lopsidedness. In other news, as we've reminded developers a few times, now's a great time to make sure that all of your applications are using api.twitter.com with versioning in the path for all REST resource requests. It would be terrible to wake up some morning to find that none of your API calls work any more because you're using unsupported API end points. Taylor On Wed, Sep 1, 2010 at 12:04 PM, bjcoredev jme...@gmail.com wrote: I m agree with you On 1 sep, 20:08, mostafa farghaly keepon...@gmail.com wrote: i'm on my way to fix this, but i wonder why you didn't let us know about this change ??? On Sep 1, 8:44 pm, Steve Loft kettletoft@googlemail.com wrote: Thanks - the problem was that the library routine I used for the Unix timestamp didn't take Daylight Savings into account! Steve On Sep 1, 5:35 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: We have fixed a bug in our OAuth implementation that allowed timestamps in the future to be accepted. We've now corrected this such that timetsamps must be within a reasonable amount of time in cosideration to Twitter's server clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp:// api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. Make sure that you're keeping to the OAuth spec and using UTC-based epoch time in seconds. Taylor On Wed, Sep 1, 2010 at 9:15 AM, Steve Loft kettletoft@googlemail.comwrote: Users of my xAuth application are also getting 401, since about 12 hours ago. Steve -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en-Masquer le texte des messages précédents - - Afficher le texte des messages précédents - -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] 400 response from twitterauth statuses/update call
Hello, I've been transitioning our basic authentication calls over to OAuth. I'm using the twitterauth PHP library. All of the authentication calls are working and I receive proper responses from GET requests (ex: account/verify_credentials, account/rate_limit_status), but when I attempt a status update POST I get a 400 Bad Request response. From the account/rate_limit_status call I know I'm below the rate limit. Here's a PHP snippet... $content = $connection-post('statuses/update', array(status = Status update)); Has anybody else been experiencing this behavior? Thanks, JC -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] win phone 7 xAuth
Unless your system does not have access to the Internet, there is no excuse for not synchronizing its clocks to the world-wide NTP server pool. Zero - zip - zilch - nada - absolutely no excuse! Five minutes leeway is not really acceptable. -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting Taylor Singletary taylorsinglet...@twitter.com: Hi, I would make sure that your system's clock is within about 5 minutes of Twitter's. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request to http://api.twitter.com/1/help/test.xml -- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. If you're still having problems we can move on to other possibilities. Taylor On Wed, Sep 1, 2010 at 12:21 AM, Hongwei suhongwe...@gmail.com wrote: Hi guys, Does anyone know what is wrong with my code? it always returns Failed to validate oauth signature and token (it did return access token and access access secret few day ago) here is my code (I use Hammock/TweetSharp library) private const string _consumerKey = cKey; private const string _consumerSecret = cSecret; private string _userName = uName; private string _password = uPassword; Button.Click { Hammock.RestClient c = new RestClient() { Authority = https:// api.twitter.com/oauth/, HasElevatedPermissions = true, Credentials = new OAuthCredentials() { Type = OAuthType.ClientAuthentication, ConsumerKey = _consumerKey, ConsumerSecret = _consumerSecret, SignatureMethod = OAuthSignatureMethod.HmacSha1, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, ClientUsername = _userName, ClientPassword = _password, } }; RestRequest r = new RestRequest() { Path = access_token, }; c.BeginRequest(r, new RestCallback(Callback)); } public void Callback(Hammock.RestRequest request, Hammock.RestResponse response, object userState) { var a = response.Content; (I set debug here, and variable 'a' contains Failed to validate oauth signature and token, RestRespone.content contains 'Content' threw an exception of typeSystem.UnauthorizedAccessException } Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
I'd think mobiles - at least the common ones (iPhone, Android, Symbian, Blackberry, Palm, etc.) would be synchronized to world time automatically. At least my old LG ENV and current Verizon Droid Incredible tell me what time it is. ;-) -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting Karthik karthikduraisw...@gmail.com: Dear Taylor, I still done get how to sync my mobile clock to the twitter server clock. Can you explain little more..? On Sep 1, 9:34 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Karthik, Make sure that the time on your device is in sync with Twitter's clocks. We return our current time in the Date HTTP header of every response. One easy way to fixate an application's clock with our servers is to issue a HTTP HEAD request tohttp://api.twitter.com/1/help/test.xml-- it's a non-rate-limited request and will allow you to adjust your clock in relation to ours. The oauth_timestamp in your example here is for Dec 31st, 2009. Taylor On Wed, Sep 1, 2010 at 9:10 AM, Karthik karthikduraisw...@gmail.com wrote: Hi , I am developing a Twitter application in MTK (Media tek ) platform. I am using Oauth and and My application has the X-auth permission I am first using POST with required params and the am using below URL https://api.twitter.com/oauth/access_token to get the access token in exchange with the username, password. I am able to get the access token and My application is working fine in the simulator (I ma using the proxy server in simulator) But in the Mobile (I amm not using proxy) , when I post https://api.twitter.com/oauth/access_token I am always getting 401 - Unauthorized (Failed to validate oauth signature and token) The below is my sample input string to get the signature (hmac-sha1) POSThttp%3A%2F%2Fapi.twitter.com%2Foauth %2Faccess_tokenoauth_consumer_key%3D4dsadsadsasdsd%26oauth_nonce %3D1262304301%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp %3D1262304300%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth %26x_auth_password%3Dtest1234%26x_auth_username%3Dnareshs %2540google.com Please someone help me to resolve this issue.. -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
Not iOS (iPhone, iPod Touch, etc) - my iPod Touch seems to be 18 seconds out of sync. Tom On 9/1/10 10:39 PM, M. Edward (Ed) Borasky wrote: I'd think mobiles - at least the common ones (iPhone, Android, Symbian, Blackberry, Palm, etc.) would be synchronized to world time automatically. At least my old LG ENV and current Verizon Droid Incredible tell me what time it is. ;-) -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: XAuth 401 error
Peoples' desktops are almost all Windows (90%) or MacOS X (9%). I don't know about Macs but I know for a fact that Windows XP and later desktops can be *easily* syncronized to world time via NTP - in fact, Microsoft has servers! And for the 1% outliers like me (openSUSE 11.3) there are usually desktop tools (YaST2) that make it point-and-click. As long as your users are following their desktop maker's religion about viruses, software updates, firewalls, etc., and aren't running something ancient like Windows Millenium Edition or a PowerPC Mac with a dial-up Internet connection, they should have clocks that are right as long as they're on line. -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting J.D. jeremy.d.mul...@gmail.com: For desktop apps using oAuth, the timestamp issue causing 401 errors is a big problem. People's desktops have all sorts of crazy times set on them. This means now every application that uses Twitter oAuth needs to have code written to sync/modify its time with Twitter's. It's a pain. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: XAuth 401 error
I should mention that I am having no problem posting updates to twitter itself, but I cannot post pictures through twitpic or yfrog due to this error.. and it was working earlier with no code change since. On Sep 1, 5:02 pm, MigrantP migra...@gmail.com wrote: I am also getting this problem, despite it working perfectly yesterday. I've added a timestamp offset adjustment as you recommended just in case, and am sending an accurate GMT timestamp, but still getting 401 errors. There is no additional information included in the error, so I'm at a loss. Was anything else changed? -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
That's a surprise - I'd expect Apple to be on top of stuff like that! Even so, 18 seconds is well within Twitter's outrageously generous tolerance of five minutes. Then again, I used to work at Goddard Space Flight Center - I was spoiled by having clocks accurate to a microsecond available as wall plugs. ;-) -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting Tom van der Woerdt i...@tvdw.eu: Not iOS (iPhone, iPod Touch, etc) - my iPod Touch seems to be 18 seconds out of sync. Tom On 9/1/10 10:39 PM, M. Edward (Ed) Borasky wrote: I'd think mobiles - at least the common ones (iPhone, Android, Symbian, Blackberry, Palm, etc.) would be synchronized to world time automatically. At least my old LG ENV and current Verizon Droid Incredible tell me what time it is. ;-) -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] A helper wrapper for Abraham Williams TwitterOAuth PHP wrapper
Hi All, A console application and additional wrapper for Abraham Williams TwitterOAuth PHP wrapper which makes the process of obtaining OAuth credentials for plain old single user mode usage a little easier:- http://www.nicholasdejong.com/story/helper-wrapper-abraham-williams-twitteroauth-php-wrapper From the README:- This package has two main components both of which you'll want to use:- twitteroauth-helper-console --- Use the console tool in a shell to create a valid twitteroauth.credentials file:- Step 1 - go to Twitter and obtain your API key and secret values. Step 2 - run the twitteroauth-helper-console tool in a shell. Step 3 - set your API secret and key using the set_consumer_key and set_consumer_secret commands within the console tool. Step 4 - request user authentication using request_user_auth console command then visit the Twitter URL that is provided in a web browser. You may need to log into Twitter and you will need to allow your application. Step 5 - Using the PIN code that will be displayed in the step above go back to the console application and use the verify_user_auth_request command. Step 6 - Move the twitteroauth.credentials file that has been created to a safe place. twitteroauth-wrapper You don't need to use this wrapper to use the twitteroauth credentials but it does make things even easier. All you need to do to make a post is the following:- include('twitteroauth-helper-wrapper.php'); $TOHW = new TwitterOAuthHelperWrapper('/path/to/credentials.file'); $TOHW-post('statuses/update',array('status'='Hello World!')); Enjoy, N -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] 500: Something is technically wrong while calling lists/memberships
Hi Matt, the problem seems to be getting worse. No I see this error quite often and with other calls than lists/memberships too. One example with statuses/retweets: Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Request: Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - GET http://api.twitter.com/1/statuses/retweets/18334417346.json?count=100 Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - OAuth base string: GEThttp%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fretweets%2F18334417346.jsonco unt%3D100%26oauth_consumer_key%3DWlcg5zbNH60gCZAHCswGIw%26oauth_nonce%3D3148833036%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1283373740%26oaut h_token%3D14150654-pkmqfsHKGaD9Uj6Ahus2Zv8euQ1zyKrgrU1v7kwUq%26oauth_version%3D1.0 Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - OAuth signature: rZds70A8TKCKmCSfdRPFpEGURsc= Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Authorization: * *** Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-Twitter-Client-URL: http://twitter4j.org/en/twitter4j-2.1.3.xml Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-Twitter-Client: Twitter4J Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Accept-Encoding: gzip Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-Twitter-Client-Version: 2.1.3 Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Connection: close Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Response: Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - HTTP/1.1 500 Internal Server ErrorSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-Transaction: 1283373740-97223-912Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Limit: 2Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Content-Length: 1729Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Remaining: 19967 Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Expires: Tue, 31 Mar 1981 05:00:00 GMT Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Last-Modified: Wed, 01 Sep 2010 20:42:20 GMTSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Reset: 1283377034Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-RateLimit-Class: api_whitelistedSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - X-Revision: DEVSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCA8zCc8qAToHaWQiJTljNTJlM2Q0ZjQ3MTY3%250AOGE0ODM2NGMzMjQwYjJiN2M0IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--466cc297d1c8f9370081fbe2ffba832a8f03b682; domain=.twitter.com; path=/Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: lang=en; path=/Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: guest_id=128337374080975974; path=/; expires=Fri, 01 Oct 2010 20:42:20 GMTSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Set-Cookie: k=75.101.167.21.1283373740806509; path=/; expires=Wed, 08-Sep-10 20:42:20 GMT; domain=.twitter.comSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Connection: closeSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Server: hiSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Pragma: no-cacheSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Status: 500 Internal Server ErrorSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Date: Wed, 01 Sep 2010 20:42:20 GMTSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Vary: Accept-EncodingSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Content-Encoding: gzipSep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - Content-Type: text/html; charset=utf-8 Sep 1 20:42:20 consumer1 [ActiveMQ Session Task] DEBUG - !DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;#012html xmlns=http://www.w3.org/1999/xhtml; lang=en xml:lang=en#012 head#012 meta http-equiv=Content-Type content=text/html; charset=utf-8 /#012 meta http-equiv=Content-Language content=en-us /#012titleTwitter / Error/title#012link href=http://s.twimg.com/images/favicon.ico; rel=shortcut icon type=image/x-icon /#012#012style type=text/css#012 /* Page#012 --- */#012 * { border: 0; padding: 0;
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
Uh ... not counting solar flares and disrupted satellite communications, of course ... 2012 / 2013 is supposedly going to be a challenge ;-) -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting M. Edward (Ed) Borasky zn...@borasky-research.net: That's a surprise - I'd expect Apple to be on top of stuff like that! Even so, 18 seconds is well within Twitter's outrageously generous tolerance of five minutes. Then again, I used to work at Goddard Space Flight Center - I was spoiled by having clocks accurate to a microsecond available as wall plugs. ;-) -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting Tom van der Woerdt i...@tvdw.eu: Not iOS (iPhone, iPod Touch, etc) - my iPod Touch seems to be 18 seconds out of sync. Tom On 9/1/10 10:39 PM, M. Edward (Ed) Borasky wrote: I'd think mobiles - at least the common ones (iPhone, Android, Symbian, Blackberry, Palm, etc.) would be synchronized to world time automatically. At least my old LG ENV and current Verizon Droid Incredible tell me what time it is. ;-) -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Authentication on opening Twitter.com in browser
Hey, This would require the application to know the users credentials - something the move to OAuth was to avoid - and so it isn't possible to auto-log somebody in. Best, Matt On Wed, Sep 1, 2010 at 4:02 AM, qip-er qip.o@googlemail.com wrote: Hello! Is it possible to open Twitter website with a user logged in? There are links in my desktop application that forwards a user into twitter.com pages, and it would be handy to automate login operation. Is there a method? Thanks. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
Our generous time range is actually +- ~ 15 minutes -- I just tell everyone within 5 minutes to keep things proper and sane. :) Understand that our correction here is a bit sudden; we may make a compromise tweak that will restrict future timestamps, but now with a more relaxed resolution than 15 minutes -- with the intention to rectify this more gradually in the future. In the meantime, we strongly suggest clients perform a timestamp sanity check. I'll work on formalizing and abstracting the few options developers have to make this smooth. Some day we'll finally release our improved OAuth 1.0A implementation that will also be very specific with you about the drift detected in your timestamp. Thanks, Taylor On Wed, Sep 1, 2010 at 1:55 PM, M. Edward (Ed) Borasky zn...@borasky-research.net wrote: That's a surprise - I'd expect Apple to be on top of stuff like that! Even so, 18 seconds is well within Twitter's outrageously generous tolerance of five minutes. Then again, I used to work at Goddard Space Flight Center - I was spoiled by having clocks accurate to a microsecond available as wall plugs. ;-) -- M. Edward (Ed) Borasky http://borasky-research.net http://twitter.com/znmeb A mathematician is a device for turning coffee into theorems. - Paul Erdos Quoting Tom van der Woerdt i...@tvdw.eu: Not iOS (iPhone, iPod Touch, etc) - my iPod Touch seems to be 18 seconds out of sync. Tom On 9/1/10 10:39 PM, M. Edward (Ed) Borasky wrote: I'd think mobiles - at least the common ones (iPhone, Android, Symbian, Blackberry, Palm, etc.) would be synchronized to world time automatically. At least my old LG ENV and current Verizon Droid Incredible tell me what time it is. ;-) -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Raffi Matt to discuss Tweet Button User Streams @hackerdojo Sept 8th, Wednesday eve
Yes, we'll be there. Looking forward to it. Who else on the list is going? - it's nice to be able to put faces to email addresses Matt On Wed, Sep 1, 2010 at 9:57 AM, schwentker schwent...@gmail.com wrote: fyi Raffi Krikorian Matt Harris of the Twitter dev team will discuss demo code examples on the Tweet Button User Streams, in Mountain View @ Hacker Dojo, Wednesday, September 8th, 6:30 pm. for details see http://www.meetup.com/TwitterMeetup/calendar/14487529 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Twitter oAuth
Hey Edward, Basic Auth on the REST API was disabled August 31st. All authenticated requests to the REST API (anything on http://api.twitter.com) need to use OAuth. There is more information on our developer resources site: http://dev.twitter.com/pages/basic_to_oauth Hope that helps, Matt On Tue, Aug 31, 2010 at 8:07 PM, Edward J. Yoon edwardy...@apache.org wrote: Is it still possible to login using username/password? then, how can I program it? -- Best Regards, Edward J. Yoon edwardy...@apache.org http://blog.udanax.org -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Authenticate to retrieve a tweet?
Hi, Do you know if you share your connection with anybody else? We allow 150 unauthenticated requests to the API per hour, so anybody else who makes requests on that IP without authentication will use some of those requests up. This includes applications you might be running on your computer which are making unauthenticated requests. The alternative is to make authenticated requests to ensure that unauthenticated limit doesn't affect you. You can do this using the single token method described on our developer resources site: http://dev.twitter.com/pages/oauth_single_token Hope that helps, Matt On Tue, Aug 31, 2010 at 6:00 PM, bretth brett...@gmail.com wrote: Hi, I hope someone can clarify a few things for me please I need to retrieve individual tweets via some sort of backend api/rss/ xml -ish web service for a website that I'm building. I can do the searching for hashtags/keywords etc fine; but I'm having trouble getting the contents of individual tweets when I have the url/id for the tweet. To elaborate; I have a URL like this: http://twitter.com/USERNAME/status/123456789 and I know I can then hit http://api.twitter.com/1/statuses/show/123456789.xml to get that tweet and user detail in xml format. However I'm finding that after a few tries I start to get authentication issues; it seems to be some kind of rate limiting, because eventually I can get it again. Now while I certainly won't be overwhelming twitter with requests or anything, I do need the ability to make more than a few requests per hour. So what's the best way to achieve this? Do I have to authenticate with oAuth or something? Can you clarify this? Because everything I've ready about oAuth suggests that it requires some sort of user intervention as well to complete the process. I don't want this. I have my twitter app (with ID and Secret) and I want to be able to use that to authenticate and query Twitter as much as possible. Is there an example of this that I can look at? Thanks!!! -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Raffi Matt to discuss Tweet Button User Streams @hackerdojo Sept 8th, Wednesday eve
If you picked a place that was a bit closer to me, I would have come. But sorry, I will not travel 8000 kilometers for that. ;-) Tom On 1 sep. 2010, at 23:08, Matt Harris thematthar...@twitter.com wrote: Yes, we'll be there. Looking forward to it. Who else on the list is going? - it's nice to be able to put faces to email addresses Matt On Wed, Sep 1, 2010 at 9:57 AM, schwentker schwent...@gmail.com wrote: fyi Raffi Krikorian Matt Harris of the Twitter dev team will discuss demo code examples on the Tweet Button User Streams, in Mountain View @ Hacker Dojo, Wednesday, September 8th, 6:30 pm. for details see http://www.meetup.com/TwitterMeetup/calendar/14487529 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Matt Harris Developer Advocate, Twitter http://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] OAuth pin flow happening instead of normal oauth_callback redirect
On Wed, Sep 1, 2010 at 3:25 PM, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Damon, Verify that your application has a default callback URL set on your app's page on dev.twitter.com -- the existence of that field is what determines whether we'll automatically be sending you into out of band mode or note. Further, while that default callback URL needs to exist on your application record, make sure that you're sending an oauth_callback on the request token step with the URL you want to be directed to following the authentication step -- it's best to be explicit instead of relying on some implicit setting in your application record (and not providing an oauth_callback on the request token step is not correct to the specification). Taylor Thanks Taylor. Yes, I had figured out that I needed to specify one in the call as well (I had already set one in the dev.twitter.com UI). I don't know the precise cause of the issue, but I did figure out it was a gem version issue. 'oauth' Ruby gem 0.3.4 works and 'oauth' Ruby gem 0.4.2 does not. If anyone can shed any light on that, it'd be much appreciated, but at least 0.3.4 is working. Thanks, /damon -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] OAuth pin flow happening instead of normal oauth_callback redirect
Great. I'll take a look at the most recent version of the ruby gem as soon as I get a chance. From my experience, 0.3.4 was a very solid release. I'll follow up when I've had a chance to review. Thanks, Taylor On Wed, Sep 1, 2010 at 2:38 PM, Damon Clinkscales sca...@pobox.com wrote: On Wed, Sep 1, 2010 at 3:25 PM, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Damon, Verify that your application has a default callback URL set on your app's page on dev.twitter.com -- the existence of that field is what determines whether we'll automatically be sending you into out of band mode or note. Further, while that default callback URL needs to exist on your application record, make sure that you're sending an oauth_callback on the request token step with the URL you want to be directed to following the authentication step -- it's best to be explicit instead of relying on some implicit setting in your application record (and not providing an oauth_callback on the request token step is not correct to the specification). Taylor Thanks Taylor. Yes, I had figured out that I needed to specify one in the call as well (I had already set one in the dev.twitter.com UI). I don't know the precise cause of the issue, but I did figure out it was a gem version issue. 'oauth' Ruby gem 0.3.4 works and 'oauth' Ruby gem 0.4.2 does not. If anyone can shed any light on that, it'd be much appreciated, but at least 0.3.4 is working. Thanks, /damon -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Twitter OAuth Echo and PHP
I am looking for some help, I am grabbing the full headers from a request sent by the iPhone twitter app to my PHP application. I am looking to grab the username, and well all avail content from https://api.twitter.com/1/account/verify_credentials.json ... I was told OAuth Echo would be the route to take. I am just not clear on how to send the request back to Twitter. I have tried a dozen or so Curl options and also tried to use Abrahams OAuth functions and always get the following Could not authenticate you response back. Can any assist me on how the headers should be sent back to get a correct response? thanks a million in advance. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: making twitter in asp.net
On 9/1/2010 2:07 AM, vijay parmar wrote: On Aug 29, 9:12 pm, vijay parmarviju.supers...@gmail.com wrote: hello sir, i m vijay parmar, i m in 7th sem(B.E. IT)i m making a project of twitter in asp.net... i kindly need your help so plz give me some idea about making twitter in asp.net so i can start making my project work... give me reply as early possible vijay parmar Check out TwitterVB (http://twittervb.codeplex.com) or Twitterizer -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On 8/19/2010 11:50 AM, briandunnington wrote: as Julio stated above, the official response from Taylor (in another thread) was that this solution will *not* be rolled out. there is currently no other alternative being offered other. and just to repeat what has already been said a few time in this thread - this is not just a problem with open source apps. any app that is distributed (ie: not running on your own web server) has this problem. i read on Daring Fireball the other day about a new Twitter app called Hibari, so i downloaded it and got the consumer key and secret within a couple of minutes. others apps are just as susceptible - any time the user has the code, the secret must be considered unsecure. And that assumes that you distribute the consumerkey and consumersecret with the app. Nothing about Open Source requires this. You could just as easily just distribute the source and require that users obtain their own ConsumerKey combos. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
I have an open source Twitter client for Google Chrome and this is how I distribute it. The source is available with no API key. If developers wish to play with the source they must register their own OAuth application. http://github.com/abraham/omnitweet For users there is a packaged download that includes an API key. They just install the extension and off they go. http://github.com/abraham/omnitweet/downloads Abraham - Abraham Williams | Hacker Advocate | http://abrah.am @abraham | http://projects.abrah.am | http://blog.abrah.am This email is: [ ] shareable [x] ask first [ ] private. On Wed, Sep 1, 2010 at 15:58, John Meyer john.l.me...@gmail.com wrote: On 8/19/2010 11:50 AM, briandunnington wrote: as Julio stated above, the official response from Taylor (in another thread) was that this solution will *not* be rolled out. there is currently no other alternative being offered other. and just to repeat what has already been said a few time in this thread - this is not just a problem with open source apps. any app that is distributed (ie: not running on your own web server) has this problem. i read on Daring Fireball the other day about a new Twitter app called Hibari, so i downloaded it and got the consumer key and secret within a couple of minutes. others apps are just as susceptible - any time the user has the code, the secret must be considered unsecure. And that assumes that you distribute the consumerkey and consumersecret with the app. Nothing about Open Source requires this. You could just as easily just distribute the source and require that users obtain their own ConsumerKey combos. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Error 401 only in Target (working fine in simulator)
On Sep 1, 2010, at 15:55 , M. Edward (Ed) Borasky wrote: That's a surprise - I'd expect Apple to be on top of stuff like that! Even so, 18 seconds is well within Twitter's outrageously generous tolerance of five minutes. There are different sync. points for different devices. For example, iPhones sync with ATT. iPads sync with Apple. There appears to be a ≈30 second difference between them. While being far from a time sync expert, I suspect leap seconds are the issue. Anon, Andrew Andrew W. Donoho Donoho Design Group, L.L.C. a...@ddg.com, +1 (512) 750-7596 We did not come to fear the future. We came here to shape it. -- President Barack Obama, Sept. 2009 -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] oauth echo php sample
Does anyone have a sample header that should be sent back to twitter as well as maybe the curl commands? I have been trying to construct a header to send back to twitter using OAuth echo, but have not been successful in doing so. And example would be excellent if anyone is able to provide. Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
Yes, and your application's consumer secret ends with the following characters: jOU I obviously know the entire string and have the good sense not to reveal it here. The point is, it's trivially easy for me or anybody else to unzip your packaged download and get your secret. You didn't need to send it to me. I can now start spoofing your chrome extension in my Twitter client. I can use your secret to spam the crap out of people, and the folks at Twitter will eventually revoke the key, rendering your chrome extension useless to your users. Don't feel bad, it takes even less skill to get the consumer secret for the twitter client that I wrote. It's not even zipped. Download it and grep the source if you want to... you can spoof me, too! OAuth is not just broken for open source apps, it's broken for any app that resides on a client's computer... it's just slightly worse for open source applications because we have to go through the extra effort of not sharing our secrets along with the source code, if only to pretend that it's somehow making the secret safer. It's not. If you embed a secret into an application that lives on someone else's PC, that secret will be uncovered eventually if it's worth the effort. .mike On Sep 1, 7:08 pm, Abraham Williams 4bra...@gmail.com wrote: I have an open source Twitter client for Google Chrome and this is how I distribute it. The source is available with no API key. If developers wish to play with the source they must register their own OAuth application. http://github.com/abraham/omnitweet For users there is a packaged download that includes an API key. They just install the extension and off they go. http://github.com/abraham/omnitweet/downloads Abraham - Abraham Williams | Hacker Advocate |http://abrah.am @abraham |http://projects.abrah.am|http://blog.abrah.am This email is: [ ] shareable [x] ask first [ ] private. On Wed, Sep 1, 2010 at 15:58, John Meyer john.l.me...@gmail.com wrote: On 8/19/2010 11:50 AM, briandunnington wrote: as Julio stated above, the official response from Taylor (in another thread) was that this solution will *not* be rolled out. there is currently no other alternative being offered other. and just to repeat what has already been said a few time in this thread - this is not just a problem with open source apps. any app that is distributed (ie: not running on your own web server) has this problem. i read on Daring Fireball the other day about a new Twitter app called Hibari, so i downloaded it and got the consumer key and secret within a couple of minutes. others apps are just as susceptible - any time the user has the code, the secret must be considered unsecure. And that assumes that you distribute the consumerkey and consumersecret with the app. Nothing about Open Source requires this. You could just as easily just distribute the source and require that users obtain their own ConsumerKey combos. -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] annotations access
Howdy, I'm building a Twitter client that needs to make use of annotations to avoid displaying duplicate tweets to the end-user (long story...). Do I need to do something special to get access to the annotations API? I think I am posting my annotations correctly, but I can't be sure, as they are not appearing when I read the statuses with curl, or in my user stream. Is anyone else out there successfully using annotations? Is the feature not generally available yet? If not, how does one go about getting on the beta group? Thanks in advance, Chris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On Wed, Sep 1, 2010 at 7:58 PM, John Meyer john.l.me...@gmail.com wrote: And that assumes that you distribute the consumerkey and consumersecret with the app. Nothing about Open Source requires this. You could just as easily just distribute the source and require that users obtain their own ConsumerKey combos. The problem, in this case, is the awkward UX. Hello user! Thanks for downloading application X! To use it, you must register your application on Twitter, then authorize it to be used! And don't forget to use the proper options or it won't work, ok? Oh wait I sec... Why I need to register and _then_ authorize it? It doesn't make sense! That other application don't ask me all this shit... -- Julio Biason julio.bia...@gmail.com Twitter: http://twitter.com/juliobiason -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On 9/1/2010 6:03 PM, Mike Desjardins wrote: Yes, and your application's consumer secret ends with the following characters: jOU I obviously know the entire string and have the good sense not to reveal it here. The point is, it's trivially easy for me or anybody else to unzip your packaged download and get your secret. You didn't need to send it to me. I can now start spoofing your chrome extension in my Twitter client. I can use your secret to spam the crap out of people, and the folks at Twitter will eventually revoke the key, rendering your chrome extension useless to your users. And rendering the key useless to the spammer. Besides, if I'm a spammer what makes more sense to me: hijacking consumer key combos one by one and spamming them to the point of cancellation or developing a way to get hundreds of my own keys to do the spamming (again, ignoring the fact that you need user tokens to spam along with those stolen consumer key combos). That is unless you assume that spammers are doing it just to screw with programmers and not to make a profit. Is oAuth absolutely safe? No, of course not. No computer, outside of the one locked in a building with no internet connections, outside power sources, or walls, is safe. But oAuth is definitely safer at least from the point of view of the user who only has to worry about shutting off a single app as opposed to changing their password. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
Re: [twitter-dev] Re: Coming soon: a solution for Open Source applications using OAuth with the Twitter API
On 9/1/2010 6:46 PM, Julio Biason wrote: On Wed, Sep 1, 2010 at 7:58 PM, John Meyerjohn.l.me...@gmail.com wrote: And that assumes that you distribute the consumerkey and consumersecret with the app. Nothing about Open Source requires this. You could just as easily just distribute the source and require that users obtain their own ConsumerKey combos. The problem, in this case, is the awkward UX. Hello user! Thanks for downloading application X! To use it, you must register your application on Twitter, then authorize it to be used! And don't forget to use the proper options or it won't work, ok? That's the way Twitter Tools for Wordpress works, and it isn't ackward at all. It's description leaves something to be desired, but it ain't rocket science. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en