Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
On Mon, Apr 26, 2010 at 11:09:38AM -0400, Dean Collins wrote: Yeh but John, who is going to install MySQL for a desktop client? 1) John was responding to someone who said a database wouldn't work for [him] since I do not have a desktop app, end I do not store anything in a database. If he doesn't have a desktop app, then he's talking about a web app and, as John said, pretty much every web host out there gives you MySQL, no installation required. 2) MySQL isn't the only RDBMS out there... If I were writing a desktop app which needed to handle significant amounts of data, I'd use SQLite. The SQLite libraries in every language I'm aware of aren't just interfaces to the database, but rather contain the entire database engine, so there's no external application to install. This is a well- proven approach, with Firefox probably being the biggest-name application using an embedded SQLite database engine to handle its data. http://en.wikipedia.org/wiki/SQLite -- Dave Sherohman -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
On 04/27/2010 12:11 AM, Dave Sherohman wrote: On Mon, Apr 26, 2010 at 11:09:38AM -0400, Dean Collins wrote: Yeh but John, who is going to install MySQL for a desktop client? 1) John was responding to someone who said a database wouldn't work for [him] since I do not have a desktop app, end I do not store anything in a database. If he doesn't have a desktop app, then he's talking about a web app and, as John said, pretty much every web host out there gives you MySQL, no installation required. 2) MySQL isn't the only RDBMS out there... If I were writing a desktop app which needed to handle significant amounts of data, I'd use SQLite. The SQLite libraries in every language I'm aware of aren't just interfaces to the database, but rather contain the entire database engine, so there's no external application to install. This is a well- proven approach, with Firefox probably being the biggest-name application using an embedded SQLite database engine to handle its data. http://en.wikipedia.org/wiki/SQLite Fortunately, SQLite is small enough that having dozens of applications, each with its own embedded binary of SQLite, doesn't run you out of RAM. ;-) -- M. Edward (Ed) Borasky borasky-research.net/m-edward-ed-borasky A mathematician is a device for turning coffee into theorems. ~ Paul Erdős -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
On 4/27/2010 5:52 AM, Eoin wrote: Hi, This is probably a basic question - but what is the best option if you have written an integration for a web-based application that is installed on multiple sites? The URL is going to change per installation (and won't be publicly accessible), and I would really like to minimise the impact to the application's administrators and users. thanks, Eoin If the app stores twitter usernames/passwords in combo, one solution may be to use xAuth and run a batch job to convert. Once you've converted over to tokens, ditch the passwords and you're done. -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
One solution, which I know won't win the popularity prize, is for Twitter to relax its XAuth restrictions and allow web apps to use full OAuth and/or XAuth, depending on what works best for them. In my case, I will still use full OAuth because it's so much better than dealing with Twitter credential issues. But, I will add a small link below the Twitter authorize button on my site that says something like, Can't get to Twitter.com? which then leads to a username- password entry form, and then triggers an XAuth authorization. unfortunately, this defeats the purpose of oauth :( http://mehack.com/xauth-and-perhaps-the-need-for-socializing-ap -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
RE: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
One solution, which I know won't win the popularity prize, is for Twitter to relax its XAuth restrictions and allow web apps to use full OAuth and/or XAuth, depending on what works best for them. In my case, I will still use full OAuth because it's so much better than dealing with Twitter credential issues. But, I will add a small link below the Twitter authorize button on my site that says something like, Can't get to Twitter.com? which then leads to a username- password entry form, and then triggers an XAuth authorization. unfortunately, this defeats the purpose of oauth :( http://mehack.com/xauth-and-perhaps-the-need-for-socializing-ap -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi But for a desktop client it doesn't really matter now does it? I'm still not buying it that oauth is going add any value for desktop clients with regards to password security. Basically you are now storing token in the desktop client instead of password. Same difference if you are worried about the end users pc getting hacked. Cheers, Dean -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
RE: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
-Original Message- From: twitter-development-talk@googlegroups.com [mailto:twitter-development-t...@googlegroups.com] On Behalf Of John Meyer Sent: Monday, April 26, 2010 10:48 AM To: twitter-development-talk@googlegroups.com Subject: Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse On 4/26/2010 8:43 AM, jaronbarends wrote: @raffi thanks for your replies. I didn't mean to start a discussion about Twitter's policy here (although I can imagine some people would like to discuss it elsewhere). I'm mostly interested in finding a solution. @dean: I'm not sure I understand your suggestion about using oAuth for both the desktop and the web app. Did you mean letting the users allow access through the desktop app, then storing the username/token combination in a central database and using that database for the web app too? That wouldn't work for me since I do not have a desktop app, end I do not store anything in a database... no I think he meant that you can use the oAuth for EITHER the desktop or the web. You wouldn't even need to store the username; just the token and the token_secret. And the database can be anything from an actual RDBMS to a text file stored on the server (although with the fact that almost every web host that you pay for provides at least MySQL and the fact that text files are notoriously insecure you should be thinking about upgrading). Yeh but John, who is going to install MySQL for a desktop client? You're still thinking webapps instead of desktop (yes I realize I'm in the minority here). Cheers, Dean -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
On 4/26/2010 9:09 AM, Dean Collins wrote: -Original Message- From: twitter-development-talk@googlegroups.com [mailto:twitter-development-t...@googlegroups.com] On Behalf Of John Meyer Sent: Monday, April 26, 2010 10:48 AM To: twitter-development-talk@googlegroups.com Subject: Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse On 4/26/2010 8:43 AM, jaronbarends wrote: @raffi thanks for your replies. I didn't mean to start a discussion about Twitter's policy here (although I can imagine some people would like to discuss it elsewhere). I'm mostly interested in finding a solution. @dean: I'm not sure I understand your suggestion about using oAuth for both the desktop and the web app. Did you mean letting the users allow access through the desktop app, then storing the username/token combination in a central database and using that database for the web app too? That wouldn't work for me since I do not have a desktop app, end I do not store anything in a database... no I think he meant that you can use the oAuth for EITHER the desktop or the web. You wouldn't even need to store the username; just the token and the token_secret. And the database can be anything from an actual RDBMS to a text file stored on the server (although with the fact that almost every web host that you pay for provides at least MySQL and the fact that text files are notoriously insecure you should be thinking about upgrading). Yeh but John, who is going to install MySQL for a desktop client? You're still thinking webapps instead of desktop (yes I realize I'm in the minority here). Um, not jaron since he said he didn't have a desktop app. -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
i don't know very much about textpattern, however, might @anywhere be a solution for this? On Mon, Apr 26, 2010 at 11:08 AM, monkeyninja andy1...@gmail.com wrote: Hi Raffi, Not sure if I am following this correctly or not, but basically I have been developing a plugin for Textpattern for a while that uses basic authorisation to update a Twitter feed based on the username/password set for the plugin. Does this change mean that the user would now be temporarily passed back to Twitter before they would be authorised? I am hoping this isn't the case as it would make the plugin somewhat useless to the people using it. On Apr 24, 4:40 pm, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
not at all. twitter.com is already setup completely for oauth echo. at this point, its just 3rd party providers, and end clients. the @twitterapi team is ready to help out any of those that need help. On Sat, Apr 24, 2010 at 9:28 PM, Jaanus jaa...@gmail.com wrote: Is there any kind of special involvement needed from you every time someone wants to do OAuth Echo? I thought I'll make my own server for my own app for some purpose. Judging by the spec you posted on your blog a while ago (http://mehack.com/oauth-echo-delegation-in-identity- verificatio), it does not look like some special Twitter involvement is needed, as long as I implement all that's needed in my app and server? J On Apr 24, 5:44 pm, Raffi Krikorian ra...@twitter.com wrote: hi tom! i will be sending more info about it - we've been working with yfrog, tweetphoto, and twitpic to get their services migrated - they are either finished or are nearly there. if there are others that you would like the @twitterapi team involved with to help them get migrated over as well, then feel free to drop me an e-mail asking me. On Sat, Apr 24, 2010 at 10:48 AM, Thomas Woolway tswool...@gmail.com wrote: Hi Raffi, Great that we've got a date for basic auth deprecation, but is there any news/timescales on OAuth Echo? We've got nine weeks and counting to get the spec, get the service providers to implement it, build it into clients and get our user-bases to upgrade if they want to be able to upload photos post June 30th. That's easier if you're web based, but not a huge amount of time if you are desktop or mobile based. Thanks, Tom On Sat, Apr 24, 2010 at 4:49 PM, Raffi Krikorian ra...@twitter.com wrote: there is a really good chance - now that oauth 2.0 has been submitted as a drafthttp://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to spend some time catching up our oauth 2.0 implementation. at that point, we'll evaluate letting it loose. On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.com wrote: Raffi, that is super awesome. Thank you. Any chance that you will have OAuth 2.0 in production before then? On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
Did you whitelist your app for xAuth? On Apr 25, 2010 1:22 PM, Craig Hockenberry craig.hockenbe...@gmail.com wrote: Hi Raffi! Is there a delay/verification after a new app is created? I just created a new app and am seeing problems getting the OAuth token with a xAuth HTTP request that looks like this: xAuth consumer key = N3fq77IdBT4qfglbcb4njg, consumer secret = REDACTED xAuth URL = https://api.twitter.com/oauth/access_token xAuth HTTP method = POST, shouldHandleCookies = NO, cachePolicy = NSURLRequestReloadIgnoringCacheData xAuth HTTP headers = { Content-Length = 78; Content-Type = application/x-www-form-urlencoded; } xAuth HTTP body = x_auth_mode=client_authx_auth_username=REDACTEDx_auth_password=REDACTED I get back a status code of 0 and a response of Failed to validate oauth signature and token. For an older application with different consumer information (key = 5CAYV1DR5uwhVRJDBrepw) but the same username and password), I get back a code of 200 and an empty response. If there is indeed a delay for this information to propagate, you need to let people know... -ch On Apr 24, 8:40 am, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn... Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings:http://groups.google -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
hi craig. have you gotten access to xAuth? applications are not, by default, given access to xAuth - if you e-mail a...@twitter.com with - your client token; and - a description of your application then we can grant it access. On Sun, Apr 25, 2010 at 1:22 PM, Craig Hockenberry craig.hockenbe...@gmail.com wrote: Hi Raffi! Is there a delay/verification after a new app is created? I just created a new app and am seeing problems getting the OAuth token with a xAuth HTTP request that looks like this: xAuth consumer key = N3fq77IdBT4qfglbcb4njg, consumer secret = REDACTED xAuth URL = https://api.twitter.com/oauth/access_token xAuth HTTP method = POST, shouldHandleCookies = NO, cachePolicy = NSURLRequestReloadIgnoringCacheData xAuth HTTP headers = { Content-Length = 78; Content-Type = application/x-www-form-urlencoded; } xAuth HTTP body = x_auth_mode=client_authx_auth_username=REDACTEDx_auth_password=REDACTED I get back a status code of 0 and a response of Failed to validate oauth signature and token. For an older application with different consumer information (key = 5CAYV1DR5uwhVRJDBrepw) but the same username and password), I get back a code of 200 and an empty response. If there is indeed a delay for this information to propagate, you need to let people know... -ch On Apr 24, 8:40 am, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
RE: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
Jaron, Why not use oAuth on a desktop client as well as the web client? This way your Chinese users can still use the app? We are thinking of enabling oauth for MyPostButler in the same format but haven't decided if it's worth the effort until we get the all clear from twitter they wont kill the application once we move to oauth.. Cheers, Dean -Original Message- From: twitter-development-talk@googlegroups.com [mailto:twitter-development-t...@googlegroups.com] On Behalf Of jaronbarends Sent: Sunday, April 25, 2010 3:50 AM To: Twitter Development Talk Subject: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse I moved my web based app from basic auth to oAuth just last week. I subsequently got several pleas from Chinese users to put the old version back up, as they could no longer use my app, since access to Twitter.com is blocked in China. This issue has discussed in this group before here: https://groups.google.com/group/twitter-development-talk/browse_thread/thread/39b8b326d8b679c6 Being a frontend developer, I may have misunderstood the outcome of that discussion (I certainly hope so). But from Raffi's last comment there (understood, but, right now, not in the plan. web apps will have to use the standard oauth workflow.) I understand that web app users in countries like China where twitter is blocked will simply no longer be able to use Twitter via the web. Have I understood this correctly? If not, how can I make sure users in blocked countries can still use my web app? If my users can no longer use my app, what do you suggest I recommend them? Jaron On Apr 24, 5:40 pm, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date -http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
It is specified on the XAuth documentation. On Sun, Apr 25, 2010 at 13:39, Craig Hockenberry craig.hockenbe...@gmail.com wrote: No, I didn't ask for access. I guess that's the bug: there's no place during the signup process that tells you that you need to go through a manual process to get xAuth access... -ch On Apr 25, 1:29 pm, Raffi Krikorian ra...@twitter.com wrote: hi craig. have you gotten access to xAuth? applications are not, by default, given access to xAuth - if you e-mail a...@twitter.com with - your client token; and - a description of your application then we can grant it access. On Sun, Apr 25, 2010 at 1:22 PM, Craig Hockenberry craig.hockenbe...@gmail.com wrote: Hi Raffi! Is there a delay/verification after a new app is created? I just created a new app and am seeing problems getting the OAuth token with a xAuth HTTP request that looks like this: xAuth consumer key = N3fq77IdBT4qfglbcb4njg, consumer secret = REDACTED xAuth URL =https://api.twitter.com/oauth/access_token xAuth HTTP method = POST, shouldHandleCookies = NO, cachePolicy = NSURLRequestReloadIgnoringCacheData xAuth HTTP headers = { Content-Length = 78; Content-Type = application/x-www-form-urlencoded; } xAuth HTTP body = x_auth_mode=client_authx_auth_username=REDACTEDx_auth_password=REDACTED I get back a status code of 0 and a response of Failed to validate oauth signature and token. For an older application with different consumer information (key = 5CAYV1DR5uwhVRJDBrepw) but the same username and password), I get back a code of 200 and an empty response. If there is indeed a delay for this information to propagate, you need to let people know... -ch On Apr 24, 8:40 am, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Abraham Williams | Developer for hire | http://abrah.am @abraham | http://projects.abrah.am | http://blog.abrah.am This email is: [ ] shareable [x] ask first [ ] private.
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
It is not twitter telling you it is China. -- Little androids dreaming of Nexus Ones compiled this text. On Apr 25, 2010 6:53 PM, Dewald Pretorius dpr...@gmail.com wrote: Raffi, We really need a resolution for this issue before Basic Auth is deprecated. It sounds as if Twitter is telling developers of web apps that they cannot provide service to Chinese users, and other users behind firewalls that block access to twitter.com. But that can't be right, can it? On Apr 25, 4:49 am, jaronbarends jaronbare...@gmail.com wrote: I moved my web based app from ba... This issue has discussed in this group before here: https://groups.google.com/group/twitter-development-talk/browse_threa... Being a frontend developer, I may have misunderstood the outcome of that discussion (I certain... -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
before this gets out of hand - i, personally, am very sensitive to these issues. i've been spending some brain power trying to come up with a solution. if people have suggestions, then please feel free to reach out to me personally and off list. On Sun, Apr 25, 2010 at 7:54 PM, Ron B rbther...@gmail.com wrote: China's policy didn't just recently change, Twitter's did. So it is Twitter telling us that we may not be able to support China and other firewall blocked countries any longer. It is, after all, within Twitter's power to continue to support Basic Auth. It is their conscious decision not to, despite the significant negative ramifications being brought to their attention. In an earlier comment from Twitter: twitter.com is trying to drive people to understand and discover what's going on in the world. No one in the world needs to understand and discover what's going on more than the people of these communist-block countries that otherwise see only what their governments allow them to see. It is unfortunate that Twitter plans to turn their back on them. Then again, what's a billion people here or there?... On Apr 25, 9:04 pm, Abraham Williams 4bra...@gmail.com wrote: It is not twitter telling you it is China. -- Little androids dreaming of Nexus Ones compiled this text. On Apr 25, 2010 6:53 PM, Dewald Pretorius dpr...@gmail.com wrote: Raffi, We really need a resolution for this issue before Basic Auth is deprecated. It sounds as if Twitter is telling developers of web apps that they cannot provide service to Chinese users, and other users behind firewalls that block access to twitter.com. But that can't be right, can it? On Apr 25, 4:49 am, jaronbarends jaronbare...@gmail.com wrote: I moved my web based app from ba... This issue has discussed in this group before here: https://groups.google.com/group/twitter-development-talk/browse_threa... Being a frontend developer, I may have misunderstood the outcome of that discussion (I certain... -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
there is a really good chance - now that oauth 2.0 has been submitted as a draft http://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to spend some time catching up our oauth 2.0 implementation. at that point, we'll evaluate letting it loose. On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.com wrote: Raffi, that is super awesome. Thank you. Any chance that you will have OAuth 2.0 in production before then? On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
Hi Raffi, Great that we've got a date for basic auth deprecation, but is there any news/timescales on OAuth Echo? We've got nine weeks and counting to get the spec, get the service providers to implement it, build it into clients and get our user-bases to upgrade if they want to be able to upload photos post June 30th. That's easier if you're web based, but not a huge amount of time if you are desktop or mobile based. Thanks, Tom On Sat, Apr 24, 2010 at 4:49 PM, Raffi Krikorian ra...@twitter.com wrote: there is a really good chance - now that oauth 2.0 has been submitted as a draft http://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to spend some time catching up our oauth 2.0 implementation. at that point, we'll evaluate letting it loose. On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.comwrote: Raffi, that is super awesome. Thank you. Any chance that you will have OAuth 2.0 in production before then? On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
hi tom! i will be sending more info about it - we've been working with yfrog, tweetphoto, and twitpic to get their services migrated - they are either finished or are nearly there. if there are others that you would like the @twitterapi team involved with to help them get migrated over as well, then feel free to drop me an e-mail asking me. On Sat, Apr 24, 2010 at 10:48 AM, Thomas Woolway tswool...@gmail.comwrote: Hi Raffi, Great that we've got a date for basic auth deprecation, but is there any news/timescales on OAuth Echo? We've got nine weeks and counting to get the spec, get the service providers to implement it, build it into clients and get our user-bases to upgrade if they want to be able to upload photos post June 30th. That's easier if you're web based, but not a huge amount of time if you are desktop or mobile based. Thanks, Tom On Sat, Apr 24, 2010 at 4:49 PM, Raffi Krikorian ra...@twitter.comwrote: there is a really good chance - now that oauth 2.0 has been submitted as a draft http://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to spend some time catching up our oauth 2.0 implementation. at that point, we'll evaluate letting it loose. On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.comwrote: Raffi, that is super awesome. Thank you. Any chance that you will have OAuth 2.0 in production before then? On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote: hi all. you're going to be hearing a lot from me over the next 9 weeks. our plan is to turn off basic authorization on the API by june 30, 2010 -- developers will have to switch over to OAuth by that time. between now and then, there will be a *lot* of information coming along with tips on how to use OAuth Echo, xAuth, etc. we really want to make this transition as easy as we can for everybody. as always, please feel free to reach out to this group, or to @twitterapi directly. if you need help remembering the date - http://bit.ly/twcountdown . -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
On 4/24/2010 3:44 PM, Raffi Krikorian wrote: hi tom! i will be sending more info about it - we've been working with yfrog, tweetphoto, and twitpic to get their services migrated - they are either finished or are nearly there. if there are others that you would like the @twitterapi team involved with to help them get migrated over as well, then feel free to drop me an e-mail asking me. Speaking on behalf of TwitterVB we use a lot of these services in our dll, so if any of the api's change dramatically we'd really love to hear about those changes. -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
On 4/24/2010 5:05 PM, Raffi Krikorian wrote: if there any applications / service providers that you would like the @twitterapi team to talk to - let me know. or, have the application / service provider come to us. i really want to make this transition as easy as possible. I'll probably be contacting those services. Right now we have interfaces for: *TweetPhoto *TwitPic *yFrog *FileSocial *Twic.li After I get my butt in gear and get xAuth support I'll probably next work on encapsulating all of these services (currently TweetPhoto, TwitPic and FileSocial are part of the main class) so that changes can be more easily worked on. -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse
first three are taken care of, just let me know if you need help coordinating with the others On Sat, Apr 24, 2010 at 4:34 PM, John Meyer john.l.me...@gmail.com wrote: On 4/24/2010 5:05 PM, Raffi Krikorian wrote: if there any applications / service providers that you would like the @twitterapi team to talk to - let me know. or, have the application / service provider come to us. i really want to make this transition as easy as possible. I'll probably be contacting those services. Right now we have interfaces for: *TweetPhoto *TwitPic *yFrog *FileSocial *Twic.li After I get my butt in gear and get xAuth support I'll probably next work on encapsulating all of these services (currently TweetPhoto, TwitPic and FileSocial are part of the main class) so that changes can be more easily worked on. -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi