Re: [twitter-dev] Callback URL not authorized issue
Hi Steve, Our OAuth implementation is very strict about host names and will not authorize callbacks unless the host name matches exactly. In your case, the www subdomain is the difference. You can make your @Anywhere app work on both host names by adding mymobileplanet.co.uk (without the www) to your list of authorized domains. Go to http://dev.twitter.com/apps, click on the name of your @Anywhere app, and then click on Manage Domains in the right sidebar. Enter mymobileplanet.co.uk into the form field and click Authorize. On Fri, Aug 6, 2010 at 10:56 AM, Steve atif-nas...@hotmail.com wrote: I have implemented @Anywhere on a web-page. I have registered an app with Twitter and inserted the API key in the head section and both modules in the body section of my page. I am getting the following error: The provided callback url http://mymobileplanet.co.uk/iPhone.html is not authorized for the client registered to 'http:// www.mymobileplanet.co.uk'. I have tried several methods to somehow make it work but all in vain. I would appreciate if someone can visit my pages and see what the problem is or guide me how I can make it work. -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
Re: [twitter-dev] Adding and removing from Lists does not appear to be working
Hi Alex, Can you tell me specifically which lists and users you're seeing this problem with? Feel free to email me off-list if you prefer. On Wed, Jul 28, 2010 at 12:54 AM, Alex B alex.boswo...@gmail.com wrote: Adding and Deleting members from lists appears to be silently failing. This issue also appears to impact the Twitter web interface. Is it just me seeing this bug? Is there any information on the issue? -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
Re: [twitter-dev] Favorites/:id/create.json returns not found
Hi Jim, Change the URL to https://api.twitter.com/1/favorites/create/15738870223.json and it should work. On Tue, Jun 8, 2010 at 5:04 PM, Jim Cortez j...@jimcortez.com wrote: Hi all, I am having trouble with setting favorites through the oAuth API (with xAuth). Must other api's work (exception being blocks/exists, see previous emails). Here is an example request: location: https://api.twitter.com/1/favorites/15738870223/create.json authorizationHeader: OAuth oauth_consumer_key=snip, oauth_nonce=snip, oauth_signature=snip, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1276041800, oauth_token=snip, oauth_version=1.0, postData: id=15738870223 responseData: {request:/1/favorites/15738870223/create.json,error:Not found} Now on the web, this is fine: http://twitter.com/twitterapi/status/15738870223 I tried removing the id as post data, but then I got an invalid signature error. Any ideas? Thanks, Jim Cortez -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
Re: [twitter-dev] OAuth problem: can authenticate, but cant fetch timelines.
When you're constructing your signature base string, don't include the query parameters in the URL. The query parameters do need to be included in the next part of the signature base string though. Here's what the base string in your example should look like: GEThttp%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fhome_timeline.jsoncount%3D200%26oauth_consumer_key%3D***%26oauth_nonce%3Dcbj41uc3y0d0lju8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1274460844%26oauth_token%3D**%26oauth_version%3D1.0 %3Fcount%3D200 has been removed, and count%3D200%26 has been inserted after the second ampersand. On Fri, May 21, 2010 at 9:59 AM, Miguel de Icaza miguel.de.ic...@gmail.com wrote: Hello folks, I have my client speaking OAuth to twitter for the entire initial dance up to getting my access token. But once I try using the access token to call: http://api.twitter.com/1/statuses/mentions.json?count=200 All I get from twitter is a 401 with the following body: {request:/1/statuses/mentions.json?count=200,error:Incorrect signature} I followed the steps described here:http://dev.twitter.com/pages/ auth and just assumed that since there is no content, the value for computing the signature is not needed. GEThttp%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fhome_timeline.json %3Fcount%3D200oauth_consumer_key%3D***%26oauth_nonce %3Dcbj41uc3y0d0lju8%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1274460844%26oauth_token%3D** %26oauth_version%3D1.0 My composite signature is made of my consumer secret (from the twitter app page) and the oauth_token_secret returned by the acquire access token process This is what ends up in the HTTP traffic, when I append the oauth_signature: GET /1/statuses/home_timeline.json?count=200 HTTP/1.1 authorization: OAuth oauth_consumer_key=**,oauth_nonce=r3cy0enwrqeq1qns,oauth_signature_method=HMAC- SHA1,oauth_timestamp=1274461098,oauth_token=823083- ***,oauth_version=1.0,oauth_signature=dGhefwoSaiSQ0XMSswJ1UdPtkeI %3D Connection: keep-alive Host: api.twitter.com Any ideas on what I am doing wrong? -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
Re: [twitter-dev] OAuth problem: can authenticate, but cant fetch timelines.
...and I see Taylor beat me to it. ;) On Fri, May 21, 2010 at 10:34 AM, Dana Contreras d...@twitter.com wrote: When you're constructing your signature base string, don't include the query parameters in the URL. The query parameters do need to be included in the next part of the signature base string though. Here's what the base string in your example should look like: GEThttp%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fhome_timeline.jsoncount%3D200%26oauth_consumer_key%3D***%26oauth_nonce%3Dcbj41uc3y0d0lju8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1274460844%26oauth_token%3D**%26oauth_version%3D1.0 %3Fcount%3D200 has been removed, and count%3D200%26 has been inserted after the second ampersand. On Fri, May 21, 2010 at 9:59 AM, Miguel de Icaza miguel.de.ic...@gmail.com wrote: Hello folks, I have my client speaking OAuth to twitter for the entire initial dance up to getting my access token. But once I try using the access token to call: http://api.twitter.com/1/statuses/mentions.json?count=200 All I get from twitter is a 401 with the following body: {request:/1/statuses/mentions.json?count=200,error:Incorrect signature} I followed the steps described here:http://dev.twitter.com/pages/ auth and just assumed that since there is no content, the value for computing the signature is not needed. GEThttp%3A%2F%2Fapi.twitter.com%2F1%2Fstatuses%2Fhome_timeline.json %3Fcount%3D200oauth_consumer_key%3D***%26oauth_nonce %3Dcbj41uc3y0d0lju8%26oauth_signature_method%3DHMAC- SHA1%26oauth_timestamp%3D1274460844%26oauth_token%3D** %26oauth_version%3D1.0 My composite signature is made of my consumer secret (from the twitter app page) and the oauth_token_secret returned by the acquire access token process This is what ends up in the HTTP traffic, when I append the oauth_signature: GET /1/statuses/home_timeline.json?count=200 HTTP/1.1 authorization: OAuth oauth_consumer_key=**,oauth_nonce=r3cy0enwrqeq1qns,oauth_signature_method=HMAC- SHA1,oauth_timestamp=1274461098,oauth_token=823083- ***,oauth_version=1.0,oauth_signature=dGhefwoSaiSQ0XMSswJ1UdPtkeI %3D Connection: keep-alive Host: api.twitter.com Any ideas on what I am doing wrong? -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
Re: [twitter-dev] 'unix way' Twitter scripts - will they still work?
Net::Twitter has an OAuth role that you can use: http://search.cpan.org/dist/Net-Twitter/lib/Net/Twitter/Role/OAuth.pm Take a look at the examples section on that page. The first example demonstrates a typical pattern for authorizing the client and storing the access token on disk. One complication you're going to run into is that people who use your client will need to generate their own consumer key/secret pairs, because you can't distribute your secret in the open. Take a look at the authorize command in Marcel and Raffi's twurl client (http://github.com/marcel/twurl) for a good example of how to handle this. Dana On Mon, May 17, 2010 at 6:34 AM, Neal Rauhauser nrauhau...@gmail.com wrote: I've published a handful of 'unix way' scripts written in perl and based on Marc Mims' Net::Twitter library. The basic idea was to lower the barrier of entry for folks who want some simple thing done - say a unix admin who wants a system to be able to tweet/DM. There are a lot of things that could be done with this - I've played a bit with integrating Nagios alerts using this, with making Request Tracker able to send messages via Twitter, etc. http://github.com/StrandedWind/Simple-Perl-Scripts-For-Twitter These are little things, as they should be, and made to run from the command line, which is the right way to handle lots of text data. I'm seeing this stuff on Oauth, I'm absolutely not a web developer in any sense of the word, and I'm wondering how I preserve the functionality of these tools across the pending changes. Any thoughts on how to provide a construction kit for command line/ daemon users would be appreciated. -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
[twitter-dev] New methods for pending follow requests
We've deployed two new methods for retrieving pending follow requests for protected users: * /friendships/incoming * /friendships/outgoing The incoming method returns a list of users who have pending requests to follow the authenticating user. The outgoing method returns a list of protected users for whom the authenticating user has pending follow requests. Both methods return 5000 user IDs per page. Cursors are provided in the unlikely event that you need to page through a list of more than 5000 pending follow requests. Full documentation is here: https://apiwiki.twitter.com/Twitter-REST-API-Method%3A-friendships-incoming https://apiwiki.twitter.com/Twitter-REST-API-Method%3A-friendships-outgoing Enjoy! -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger
[twitter-dev] New rate limit headers for users/search
We've added a new set of HTTP response headers to users/search to document its secondary rate limit: * X-FeatureRateLimit-Limit * X-FeatureRateLimit-Remaining * X-FeatureRateLimit-Reset * X-FeatureRateLimit-Class Calls to users/search are rate limited by the standard REST API rate limit, as well as by a secondary rate limit that applies only to users/search (60 calls per hour). If either of these limits is exceeded, access to users/search is restricted until the limits reset. The new headers provide information about the secondary rate limit in the same way that the existing X-RateLimit headers document the standard REST API rate limit. Both sets of headers will be sent in response to calls to users/search. You can find more information about this update here: https://apiwiki.twitter.com/Rate-limiting -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger -- To unsubscribe, reply using remove me as the subject.
Re: [twitter-dev] Re: New methods for pending follow requests
Allow/deny/cancel endpoints would certainly be the next logical step. As for user objects, you can pass the array of user IDs to users/lookup: http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-users-lookup On Tue, Apr 13, 2010 at 5:13 PM, Naveen Ayyagari nav...@getsocialscope.comwrote: Is there API endpoints planned to accept/reject incoming and cancel outgoing pending requests? I am curious, what the use case is for a list of ids for pending requests? Without APIs to interact with pending requests, what would this information be used for? For a mobile client, exposing this type of information is valuable to the user, but user objects (not ids) would be required to create a UI for someone to view and then interact with such requests. --Naveen Ayyagari @knight9 @SocialScope On Apr 13, 7:32 pm, Dana Contreras d...@twitter.com wrote: We've deployed two new methods for retrieving pending follow requests for protected users: * /friendships/incoming * /friendships/outgoing The incoming method returns a list of users who have pending requests to follow the authenticating user. The outgoing method returns a list of protected users for whom the authenticating user has pending follow requests. Both methods return 5000 user IDs per page. Cursors are provided in the unlikely event that you need to page through a list of more than 5000 pending follow requests. Full documentation is here: https://apiwiki.twitter.com/Twitter-REST-API-Method%3A-friendships-in...https://apiwiki.twitter.com/Twitter-REST-API-Method%3A-friendships-ou. .. Enjoy! -- Dana Contreras Twitter Platform Teamhttp://twitter.com/DanaDanger -- To unsubscribe, reply using remove me as the subject. -- Dana Contreras Twitter Platform Team http://twitter.com/DanaDanger