Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Dave Sherohman]

On Mon, Apr 26, 2010 at 11:09:38AM -0400, Dean Collins wrote:
 Yeh but John, who is going to install MySQL for a desktop client?

1) John was responding to someone who said a database wouldn't work for
[him] since I do not have a desktop app, end I do not store anything in
a database.  If he doesn't have a desktop app, then he's talking about
a web app and, as John said, pretty much every web host out there gives
you MySQL, no installation required.

2) MySQL isn't the only RDBMS out there...  If I were writing a desktop
app which needed to handle significant amounts of data, I'd use SQLite.
The SQLite libraries in every language I'm aware of aren't just
interfaces to the database, but rather contain the entire database
engine, so there's no external application to install.  This is a well-
proven approach, with Firefox probably being the biggest-name
application using an embedded SQLite database engine to handle its data.

http://en.wikipedia.org/wiki/SQLite


-- 
Dave Sherohman


-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[M. Edward (Ed) Borasky]

On 04/27/2010 12:11 AM, Dave Sherohman wrote:
 On Mon, Apr 26, 2010 at 11:09:38AM -0400, Dean Collins wrote:
 Yeh but John, who is going to install MySQL for a desktop client?
 
 1) John was responding to someone who said a database wouldn't work for
 [him] since I do not have a desktop app, end I do not store anything in
 a database.  If he doesn't have a desktop app, then he's talking about
 a web app and, as John said, pretty much every web host out there gives
 you MySQL, no installation required.
 
 2) MySQL isn't the only RDBMS out there...  If I were writing a desktop
 app which needed to handle significant amounts of data, I'd use SQLite.
 The SQLite libraries in every language I'm aware of aren't just
 interfaces to the database, but rather contain the entire database
 engine, so there's no external application to install.  This is a well-
 proven approach, with Firefox probably being the biggest-name
 application using an embedded SQLite database engine to handle its data.
 
 http://en.wikipedia.org/wiki/SQLite
 
 

Fortunately, SQLite is small enough that having dozens of applications,
each with its own embedded binary of SQLite, doesn't run you out of RAM. ;-)

-- 
M. Edward (Ed) Borasky
borasky-research.net/m-edward-ed-borasky

A mathematician is a device for turning coffee into theorems. ~ Paul Erdős


-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[John Meyer]

On 4/27/2010 5:52 AM, Eoin wrote:

Hi,

This is probably a basic question - but what is the best option if you
have written an integration for a web-based application that is
installed on multiple sites?

The URL is going to change per installation (and won't be publicly
accessible), and I would really like to minimise the impact to the
application's administrators and users.

thanks,

Eoin



If the app stores twitter usernames/passwords in combo, one solution may 
be to use xAuth and run a batch job to convert.  Once you've converted 
over to tokens, ditch the passwords and you're done.



--
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

 One solution, which I know won't win the popularity prize, is for
 Twitter to relax its XAuth restrictions and allow web apps to use full
 OAuth and/or XAuth, depending on what works best for them.

 In my case, I will still use full OAuth because it's so much better
 than dealing with Twitter credential issues. But, I will add a small
 link below the Twitter authorize button on my site that says something
 like, Can't get to Twitter.com? which then leads to a username-
 password entry form, and then triggers an XAuth authorization.


unfortunately, this defeats the purpose of oauth :(

http://mehack.com/xauth-and-perhaps-the-need-for-socializing-ap

-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi


-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

RE: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Dean Collins]

One solution, which I know won't win the popularity prize, is
for
Twitter to relax its XAuth restrictions and allow web apps to
use full
OAuth and/or XAuth, depending on what works best for them.

In my case, I will still use full OAuth because it's so much
better
than dealing with Twitter credential issues. But, I will add a
small
link below the Twitter authorize button on my site that says
something
like, Can't get to Twitter.com? which then leads to a
username-
password entry form, and then triggers an XAuth authorization.

 

unfortunately, this defeats the purpose of oauth :(

 

http://mehack.com/xauth-and-perhaps-the-need-for-socializing-ap

 

-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

 

 

 

 

But for a desktop client it doesn't really matter now does it?

 

I'm still not buying it that oauth is going add any value for desktop
clients with regards to password security. Basically you are now storing
token in the desktop client instead of password.

 

Same difference if you are worried about the end users pc getting
hacked.

 

 

 

 

Cheers,

Dean

 

 



-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

RE: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Dean Collins]

 


 


-Original Message-
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of John
Meyer
Sent: Monday, April 26, 2010 10:48 AM
To: twitter-development-talk@googlegroups.com
Subject: Re: [twitter-dev] Re: countdown to OAuth / basic auth removal /
OAuthcalypse

On 4/26/2010 8:43 AM, jaronbarends wrote:
 @raffi thanks for your replies. I didn't mean to start a discussion
 about Twitter's policy here (although I can imagine some people would
 like to discuss it elsewhere). I'm mostly interested in finding a
 solution.

 @dean: I'm not sure I understand your suggestion about using oAuth for
 both the desktop and the web app. Did you mean letting the users allow
 access through the desktop app, then storing the username/token
 combination in a central database and using that database for the web
 app too? That wouldn't work for me since I do not have a desktop app,
 end I do not store anything in a database...


no I think he meant that you can use the oAuth for EITHER the desktop or

the web.  You wouldn't even need to store the username; just the token 
and the token_secret.  And the database can be anything from an actual 
RDBMS to a text file stored on the server (although with the fact that 
almost every web host that you pay for provides at least MySQL and the 
fact that text files are notoriously insecure you should be thinking 
about upgrading).


 

Yeh but John, who is going to install MySQL for a desktop client?

You're still thinking webapps instead of desktop (yes I realize I'm in
the minority here).



Cheers,

Dean



-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[John Meyer]

On 4/26/2010 9:09 AM, Dean Collins wrote:









-Original Message-
From: twitter-development-talk@googlegroups.com
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of John
Meyer
Sent: Monday, April 26, 2010 10:48 AM
To: twitter-development-talk@googlegroups.com
Subject: Re: [twitter-dev] Re: countdown to OAuth / basic auth removal /
OAuthcalypse

On 4/26/2010 8:43 AM, jaronbarends wrote:

@raffi thanks for your replies. I didn't mean to start a discussion
about Twitter's policy here (although I can imagine some people would
like to discuss it elsewhere). I'm mostly interested in finding a
solution.

@dean: I'm not sure I understand your suggestion about using oAuth for
both the desktop and the web app. Did you mean letting the users allow
access through the desktop app, then storing the username/token
combination in a central database and using that database for the web
app too? That wouldn't work for me since I do not have a desktop app,
end I do not store anything in a database...



no I think he meant that you can use the oAuth for EITHER the desktop or

the web.  You wouldn't even need to store the username; just the token
and the token_secret.  And the database can be anything from an actual
RDBMS to a text file stored on the server (although with the fact that
almost every web host that you pay for provides at least MySQL and the
fact that text files are notoriously insecure you should be thinking
about upgrading).




Yeh but John, who is going to install MySQL for a desktop client?

You're still thinking webapps instead of desktop (yes I realize I'm in
the minority here).




Um, not jaron since he said he didn't have a desktop app.



--
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

i don't know very much about textpattern, however, might @anywhere be a
solution for this?

On Mon, Apr 26, 2010 at 11:08 AM, monkeyninja andy1...@gmail.com wrote:

 Hi Raffi,

 Not sure if I am following this correctly or not, but basically I have
 been developing a plugin for Textpattern for a while that uses basic
 authorisation to update a Twitter feed based on the username/password
 set for the plugin. Does this change mean that the user would now be
 temporarily passed back to Twitter before they would be authorised? I
 am hoping this isn't the case as it would make the plugin somewhat
 useless to the people using it.

 On Apr 24, 4:40 pm, Raffi Krikorian ra...@twitter.com wrote:
  hi all.
 
  you're going to be hearing a lot from me over the next 9 weeks.  our plan
 is
  to turn off basic authorization on the API by june 30, 2010 -- developers
  will have to switch over to OAuth by that time.  between now and then,
 there
  will be a *lot* of information coming along with tips on how to use OAuth
  Echo, xAuth, etc.  we really want to make this transition as easy as we
 can
  for everybody.
 
  as always, please feel free to reach out to this group, or to @twitterapi
  directly.  if you need help remembering the date -
 http://bit.ly/twcountdown
  .
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi
 
  --
  Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

not at all.  twitter.com is already setup completely for oauth echo.  at
this point, its just 3rd party providers, and end clients.  the @twitterapi
team is ready to help out any of those that need help.

On Sat, Apr 24, 2010 at 9:28 PM, Jaanus jaa...@gmail.com wrote:

 Is there any kind of special involvement needed from you every time
 someone wants to do OAuth Echo? I thought I'll make my own server for
 my own app for some purpose. Judging by the spec you posted on your
 blog a while ago (http://mehack.com/oauth-echo-delegation-in-identity-
 verificatio), it does not look like some special Twitter involvement
 is needed, as long as I implement all that's needed in my app and
 server?


 J


 On Apr 24, 5:44 pm, Raffi Krikorian ra...@twitter.com wrote:
  hi tom!
 
  i will be sending more info about it - we've been working with yfrog,
  tweetphoto, and twitpic to get their services migrated - they are either
  finished or are nearly there.  if there are others that you would like
 the
  @twitterapi team involved with to help them get migrated over as well,
 then
  feel free to drop me an e-mail asking me.
 
  On Sat, Apr 24, 2010 at 10:48 AM, Thomas Woolway tswool...@gmail.com
 wrote:
 
 
 
 
 
   Hi Raffi,
 
   Great that we've got a date for basic auth deprecation, but is there
 any
   news/timescales on OAuth Echo? We've got nine weeks and counting to get
 the
   spec, get the service providers to implement it, build it into clients
 and
   get our user-bases to upgrade if they want to be able to upload photos
 post
   June 30th. That's easier if you're web based, but not a huge amount of
 time
   if you are desktop or mobile based.
 
   Thanks,
 
   Tom
 
   On Sat, Apr 24, 2010 at 4:49 PM, Raffi Krikorian ra...@twitter.com
 wrote:
 
   there is a really good chance - now that oauth 2.0 has been submitted
 as a
   drafthttp://tools.ietf.org/html/draft-hammer-oauth2-00, we are going
 to
   spend some time catching up our oauth 2.0 implementation.  at that
 point,
   we'll evaluate letting it loose.
 
   On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.com
 wrote:
 
   Raffi, that is super awesome. Thank you.
 
   Any chance that you will have OAuth 2.0 in production before then?
 
   On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote:
hi all.
 
you're going to be hearing a lot from me over the next 9 weeks.
  our
   plan is
to turn off basic authorization on the API by june 30, 2010 --
   developers
will have to switch over to OAuth by that time.  between now and
 then,
   there
will be a *lot* of information coming along with tips on how to use
   OAuth
Echo, xAuth, etc.  we really want to make this transition as easy
 as we
   can
for everybody.
 
as always, please feel free to reach out to this group, or to
   @twitterapi
directly.  if you need help remembering the date -
  http://bit.ly/twcountdown
.
 
--
Raffi Krikorian
Twitter Platform Teamhttp://twitter.com/raffi
 
--
Subscription settings:
  
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
 
   --
   Raffi Krikorian
   Twitter Platform Team
  http://twitter.com/raffi
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi




-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Marco Kaiser]

Did you whitelist your app for xAuth?

On Apr 25, 2010 1:22 PM, Craig Hockenberry craig.hockenbe...@gmail.com
wrote:

Hi Raffi!

Is there a delay/verification after a new app is created? I just
created a new app and am seeing problems getting the OAuth token with
a xAuth HTTP request that looks like this:

xAuth consumer key = N3fq77IdBT4qfglbcb4njg, consumer secret =
REDACTED
xAuth URL = https://api.twitter.com/oauth/access_token
xAuth HTTP method = POST, shouldHandleCookies = NO, cachePolicy =
NSURLRequestReloadIgnoringCacheData
xAuth HTTP headers = {
   Content-Length = 78;
   Content-Type = application/x-www-form-urlencoded;
}
xAuth HTTP body =
x_auth_mode=client_authx_auth_username=REDACTEDx_auth_password=REDACTED

I get back a status code of 0 and a response of Failed to validate
oauth signature and token.

For an older application with different consumer information (key =
5CAYV1DR5uwhVRJDBrepw) but the same username and password), I get back
a code of 200 and an empty response.

If there is indeed a delay for this information to propagate, you need
to let people know...

-ch




On Apr 24, 8:40 am, Raffi Krikorian ra...@twitter.com wrote:

 hi all.

 you're going to be hearing a lot from me over the next 9 weeks.  our plan
is
 to turn...

 Twitter Platform Teamhttp://twitter.com/raffi

 --
 Subscription settings:http://groups.google


-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

hi craig.

have you gotten access to xAuth?  applications are not, by default, given
access to xAuth - if you e-mail a...@twitter.com with

   - your client token; and
   - a description of your application

then we can grant it access.

On Sun, Apr 25, 2010 at 1:22 PM, Craig Hockenberry 
craig.hockenbe...@gmail.com wrote:

 Hi Raffi!

 Is there a delay/verification after a new app is created? I just
 created a new app and am seeing problems getting the OAuth token with
 a xAuth HTTP request that looks like this:

 xAuth consumer key = N3fq77IdBT4qfglbcb4njg, consumer secret =
 REDACTED
 xAuth URL = https://api.twitter.com/oauth/access_token
 xAuth HTTP method = POST, shouldHandleCookies = NO, cachePolicy =
 NSURLRequestReloadIgnoringCacheData
 xAuth HTTP headers = {
Content-Length = 78;
Content-Type = application/x-www-form-urlencoded;
 }
 xAuth HTTP body =
 x_auth_mode=client_authx_auth_username=REDACTEDx_auth_password=REDACTED

 I get back a status code of 0 and a response of Failed to validate
 oauth signature and token.

 For an older application with different consumer information (key =
 5CAYV1DR5uwhVRJDBrepw) but the same username and password), I get back
 a code of 200 and an empty response.

 If there is indeed a delay for this information to propagate, you need
 to let people know...

 -ch



 On Apr 24, 8:40 am, Raffi Krikorian ra...@twitter.com wrote:
  hi all.
 
  you're going to be hearing a lot from me over the next 9 weeks.  our plan
 is
  to turn off basic authorization on the API by june 30, 2010 -- developers
  will have to switch over to OAuth by that time.  between now and then,
 there
  will be a *lot* of information coming along with tips on how to use OAuth
  Echo, xAuth, etc.  we really want to make this transition as easy as we
 can
  for everybody.
 
  as always, please feel free to reach out to this group, or to @twitterapi
  directly.  if you need help remembering the date -
 http://bit.ly/twcountdown
  .
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi
 
  --
  Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

RE: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Dean Collins]

Jaron,

Why not use oAuth on a desktop client as well as the web client?

This way your Chinese users can still use the app? We are thinking of enabling 
oauth for MyPostButler in the same format but haven't decided if it's worth the 
effort until we get the all clear from twitter they wont kill the application 
once we move to oauth..



 

Cheers,

Dean

 


-Original Message-
From: twitter-development-talk@googlegroups.com 
[mailto:twitter-development-t...@googlegroups.com] On Behalf Of jaronbarends
Sent: Sunday, April 25, 2010 3:50 AM
To: Twitter Development Talk
Subject: [twitter-dev] Re: countdown to OAuth / basic auth removal / 
OAuthcalypse

I moved my web based app from basic auth to oAuth just last week. I
subsequently got several pleas from Chinese users to put the old
version back up, as they could no longer use my app, since access to
Twitter.com is blocked in China.

This issue has discussed in this group before here:
https://groups.google.com/group/twitter-development-talk/browse_thread/thread/39b8b326d8b679c6

Being a frontend developer, I may have misunderstood the outcome of
that discussion (I certainly hope so). But from Raffi's last comment
there (understood, but, right now, not in the plan.  web apps will
have to use the standard oauth workflow.) I understand that web app
users in countries like China where twitter is blocked will simply no
longer be able to use Twitter via the web.

Have I understood this correctly? If not, how can I make sure users in
blocked countries can still use my web app? If my users can no longer
use my app, what do you suggest I recommend them?

Jaron

On Apr 24, 5:40 pm, Raffi Krikorian ra...@twitter.com wrote:
 hi all.

 you're going to be hearing a lot from me over the next 9 weeks.  our plan is
 to turn off basic authorization on the API by june 30, 2010 -- developers
 will have to switch over to OAuth by that time.  between now and then, there
 will be a *lot* of information coming along with tips on how to use OAuth
 Echo, xAuth, etc.  we really want to make this transition as easy as we can
 for everybody.

 as always, please feel free to reach out to this group, or to @twitterapi
 directly.  if you need help remembering the date -http://bit.ly/twcountdown
 .

 --
 Raffi Krikorian
 Twitter Platform Teamhttp://twitter.com/raffi

 --
 Subscription 
 settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Abraham Williams]

It is specified on the XAuth documentation.

On Sun, Apr 25, 2010 at 13:39, Craig Hockenberry 
craig.hockenbe...@gmail.com wrote:

 No, I didn't ask for access. I guess that's the bug: there's no place
 during the signup process that tells you that you need to go through a
 manual process to get xAuth access...

 -ch

 On Apr 25, 1:29 pm, Raffi Krikorian ra...@twitter.com wrote:
  hi craig.
 
  have you gotten access to xAuth?  applications are not, by default, given
  access to xAuth - if you e-mail a...@twitter.com with
 
 - your client token; and
 - a description of your application
 
  then we can grant it access.
 
  On Sun, Apr 25, 2010 at 1:22 PM, Craig Hockenberry 
 
 
 
 
 
  craig.hockenbe...@gmail.com wrote:
   Hi Raffi!
 
   Is there a delay/verification after a new app is created? I just
   created a new app and am seeing problems getting the OAuth token with
   a xAuth HTTP request that looks like this:
 
   xAuth consumer key = N3fq77IdBT4qfglbcb4njg, consumer secret =
   REDACTED
   xAuth URL =https://api.twitter.com/oauth/access_token
   xAuth HTTP method = POST, shouldHandleCookies = NO, cachePolicy =
   NSURLRequestReloadIgnoringCacheData
   xAuth HTTP headers = {
  Content-Length = 78;
  Content-Type = application/x-www-form-urlencoded;
   }
   xAuth HTTP body =
  
 x_auth_mode=client_authx_auth_username=REDACTEDx_auth_password=REDACTED
 
   I get back a status code of 0 and a response of Failed to validate
   oauth signature and token.
 
   For an older application with different consumer information (key =
   5CAYV1DR5uwhVRJDBrepw) but the same username and password), I get back
   a code of 200 and an empty response.
 
   If there is indeed a delay for this information to propagate, you need
   to let people know...
 
   -ch
 
   On Apr 24, 8:40 am, Raffi Krikorian ra...@twitter.com wrote:
hi all.
 
you're going to be hearing a lot from me over the next 9 weeks.  our
 plan
   is
to turn off basic authorization on the API by june 30, 2010 --
 developers
will have to switch over to OAuth by that time.  between now and
 then,
   there
will be a *lot* of information coming along with tips on how to use
 OAuth
Echo, xAuth, etc.  we really want to make this transition as easy as
 we
   can
for everybody.
 
as always, please feel free to reach out to this group, or to
 @twitterapi
directly.  if you need help remembering the date -
  http://bit.ly/twcountdown
.
 
--
Raffi Krikorian
Twitter Platform Teamhttp://twitter.com/raffi
 
--
Subscription settings:
  http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi




-- 
Abraham Williams | Developer for hire | http://abrah.am
@abraham | http://projects.abrah.am | http://blog.abrah.am
This email is: [ ] shareable [x] ask first [ ] private.

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Abraham Williams]

It is not twitter telling you it is China.

--
Little androids dreaming of Nexus Ones compiled this text.

On Apr 25, 2010 6:53 PM, Dewald Pretorius dpr...@gmail.com wrote:

Raffi,

We really need a resolution for this issue before Basic Auth is
deprecated.

It sounds as if Twitter is telling developers of web apps that they
cannot provide service to Chinese users, and other users behind
firewalls that block access to twitter.com. But that can't be right,
can it?


On Apr 25, 4:49 am, jaronbarends jaronbare...@gmail.com wrote:
 I moved my web based app from ba...
 This issue has discussed in this group before here:
https://groups.google.com/group/twitter-development-talk/browse_threa...


 Being a frontend developer, I may have misunderstood the outcome of
 that discussion (I certain...


-- 
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

before this gets out of hand - i, personally, am very sensitive to these
issues.  i've been spending some brain power trying to come up with a
solution.  if people have suggestions, then please feel free to reach out to
me personally and off list.

On Sun, Apr 25, 2010 at 7:54 PM, Ron B rbther...@gmail.com wrote:

 China's policy didn't just recently change, Twitter's did.  So it is
 Twitter telling us that we may not be able to support China and other
 firewall blocked countries any longer.  It is, after all, within
 Twitter's power to continue to support Basic Auth.  It is their
 conscious decision not to, despite the significant negative
 ramifications being brought to their attention.

 In an earlier comment from Twitter:  twitter.com is trying to drive
 people to understand and discover what's going on in the world.  No
 one in the world needs to understand and discover what's going on
 more than the people of these communist-block countries that otherwise
 see only what their governments allow them to see.  It is unfortunate
 that Twitter plans to turn their back on them.  Then again, what's a
 billion people here or there?...

 On Apr 25, 9:04 pm, Abraham Williams 4bra...@gmail.com wrote:
  It is not twitter telling you it is China.
 
  --
  Little androids dreaming of Nexus Ones compiled this text.
 
  On Apr 25, 2010 6:53 PM, Dewald Pretorius dpr...@gmail.com wrote:
 
  Raffi,
 
  We really need a resolution for this issue before Basic Auth is
  deprecated.
 
  It sounds as if Twitter is telling developers of web apps that they
  cannot provide service to Chinese users, and other users behind
  firewalls that block access to twitter.com. But that can't be right,
  can it?
 
  On Apr 25, 4:49 am, jaronbarends jaronbare...@gmail.com wrote: I
 moved my web based app from ba...
   This issue has discussed in this group before here:
 
  https://groups.google.com/group/twitter-development-talk/browse_threa...
 
 
 
   Being a frontend developer, I may have misunderstood the outcome of
   that discussion (I certain...
 
  --
  Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

there is a really good chance - now that oauth 2.0 has been submitted as a
draft http://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to
spend some time catching up our oauth 2.0 implementation.  at that point,
we'll evaluate letting it loose.

On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.com wrote:

 Raffi, that is super awesome. Thank you.

 Any chance that you will have OAuth 2.0 in production before then?

 On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote:
  hi all.
 
  you're going to be hearing a lot from me over the next 9 weeks.  our plan
 is
  to turn off basic authorization on the API by june 30, 2010 -- developers
  will have to switch over to OAuth by that time.  between now and then,
 there
  will be a *lot* of information coming along with tips on how to use OAuth
  Echo, xAuth, etc.  we really want to make this transition as easy as we
 can
  for everybody.
 
  as always, please feel free to reach out to this group, or to @twitterapi
  directly.  if you need help remembering the date -
 http://bit.ly/twcountdown
  .
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi
 
  --
  Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Thomas Woolway]

Hi Raffi,

Great that we've got a date for basic auth deprecation, but is there any
news/timescales on OAuth Echo? We've got nine weeks and counting to get the
spec, get the service providers to implement it, build it into clients and
get our user-bases to upgrade if they want to be able to upload photos post
June 30th. That's easier if you're web based, but not a huge amount of time
if you are desktop or mobile based.

Thanks,

Tom

On Sat, Apr 24, 2010 at 4:49 PM, Raffi Krikorian ra...@twitter.com wrote:

 there is a really good chance - now that oauth 2.0 has been submitted as a
 draft http://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to
 spend some time catching up our oauth 2.0 implementation.  at that point,
 we'll evaluate letting it loose.


 On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.comwrote:

 Raffi, that is super awesome. Thank you.

 Any chance that you will have OAuth 2.0 in production before then?

 On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote:
  hi all.
 
  you're going to be hearing a lot from me over the next 9 weeks.  our
 plan is
  to turn off basic authorization on the API by june 30, 2010 --
 developers
  will have to switch over to OAuth by that time.  between now and then,
 there
  will be a *lot* of information coming along with tips on how to use
 OAuth
  Echo, xAuth, etc.  we really want to make this transition as easy as we
 can
  for everybody.
 
  as always, please feel free to reach out to this group, or to
 @twitterapi
  directly.  if you need help remembering the date -
 http://bit.ly/twcountdown
  .
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi
 
  --
  Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




 --
 Raffi Krikorian
 Twitter Platform Team
 http://twitter.com/raffi

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

hi tom!

i will be sending more info about it - we've been working with yfrog,
tweetphoto, and twitpic to get their services migrated - they are either
finished or are nearly there.  if there are others that you would like the
@twitterapi team involved with to help them get migrated over as well, then
feel free to drop me an e-mail asking me.

On Sat, Apr 24, 2010 at 10:48 AM, Thomas Woolway tswool...@gmail.comwrote:

 Hi Raffi,

 Great that we've got a date for basic auth deprecation, but is there any
 news/timescales on OAuth Echo? We've got nine weeks and counting to get the
 spec, get the service providers to implement it, build it into clients and
 get our user-bases to upgrade if they want to be able to upload photos post
 June 30th. That's easier if you're web based, but not a huge amount of time
 if you are desktop or mobile based.

 Thanks,

 Tom


 On Sat, Apr 24, 2010 at 4:49 PM, Raffi Krikorian ra...@twitter.comwrote:

 there is a really good chance - now that oauth 2.0 has been submitted as a
 draft http://tools.ietf.org/html/draft-hammer-oauth2-00, we are going to
 spend some time catching up our oauth 2.0 implementation.  at that point,
 we'll evaluate letting it loose.


 On Sat, Apr 24, 2010 at 8:44 AM, Dewald Pretorius dpr...@gmail.comwrote:

 Raffi, that is super awesome. Thank you.

 Any chance that you will have OAuth 2.0 in production before then?

 On Apr 24, 12:40 pm, Raffi Krikorian ra...@twitter.com wrote:
  hi all.
 
  you're going to be hearing a lot from me over the next 9 weeks.  our
 plan is
  to turn off basic authorization on the API by june 30, 2010 --
 developers
  will have to switch over to OAuth by that time.  between now and then,
 there
  will be a *lot* of information coming along with tips on how to use
 OAuth
  Echo, xAuth, etc.  we really want to make this transition as easy as we
 can
  for everybody.
 
  as always, please feel free to reach out to this group, or to
 @twitterapi
  directly.  if you need help remembering the date -
 http://bit.ly/twcountdown
  .
 
  --
  Raffi Krikorian
  Twitter Platform Teamhttp://twitter.com/raffi
 
  --
  Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




 --
 Raffi Krikorian
 Twitter Platform Team
 http://twitter.com/raffi





-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[John Meyer]

On 4/24/2010 3:44 PM, Raffi Krikorian wrote:

hi tom!

i will be sending more info about it - we've been working with yfrog,
tweetphoto, and twitpic to get their services migrated - they are either
finished or are nearly there.  if there are others that you would like
the @twitterapi team involved with to help them get migrated over as
well, then feel free to drop me an e-mail asking me.



Speaking on behalf of TwitterVB we use a lot of these services in our 
dll, so if any of the api's change dramatically we'd really love to hear 
about those changes.



--
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[John Meyer]

On 4/24/2010 5:05 PM, Raffi Krikorian wrote:

if there any applications / service providers that you would like the
@twitterapi team to talk to - let me know.  or, have the application /
service provider come to us.

i really want to make this transition as easy as possible.



I'll probably be contacting those services. Right now we have interfaces 
for:

*TweetPhoto
*TwitPic
*yFrog
*FileSocial
*Twic.li


After I get my butt in gear and get xAuth support I'll probably next 
work on encapsulating all of these services (currently TweetPhoto, 
TwitPic and FileSocial are part of the main class) so that changes can 
be more easily worked on.



--
Subscription settings: 
http://groups.google.com/group/twitter-development-talk/subscribe?hl=en

Re: [twitter-dev] Re: countdown to OAuth / basic auth removal / OAuthcalypse

[Raffi Krikorian]

first three are taken care of, just let me know if you need help
coordinating with the others

On Sat, Apr 24, 2010 at 4:34 PM, John Meyer john.l.me...@gmail.com wrote:

 On 4/24/2010 5:05 PM, Raffi Krikorian wrote:

 if there any applications / service providers that you would like the
 @twitterapi team to talk to - let me know.  or, have the application /
 service provider come to us.

 i really want to make this transition as easy as possible.



 I'll probably be contacting those services. Right now we have interfaces
 for:
 *TweetPhoto
 *TwitPic
 *yFrog
 *FileSocial
 *Twic.li


 After I get my butt in gear and get xAuth support I'll probably next work
 on encapsulating all of these services (currently TweetPhoto, TwitPic and
 FileSocial are part of the main class) so that changes can be more easily
 worked on.



 --
 Subscription settings:
 http://groups.google.com/group/twitter-development-talk/subscribe?hl=en




-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi