I assume from this then it is still a sortable incremental number
(albeit not sequential) and we can insert id's in an order. For
example if you want to create a combined timeline of two users you
grab both timelines, compare status id's and insert in the order of
them
On Jun 2, 5:22 am,
I didn't see this mentioned explicitly in the documentation, but it
seems that calling statuses/home_timeline?since_id=XYZ only returns
~20 statuses.
I'm developing an app that is intended to be able to list all tweets
(respecting the limit of 200 statuses, of course). As far as I can
tell, the
Hello
I'm trying to do the following: I created an account on twitter and
I'm following certain friends. On my site I would like to show my
friends_timeline. This needs authentication. As basic authentication
will be turned off, I need to use oauth.
How can I do this. It is my account, and I
Hello,
based on API doc there is a limit of 3,200 statuses for home timeline:
'Clients may access up to 3,200 statuses via the page and count
parameters for timeline REST API methods'
I noticed today that I can only fetch last 800 statuses only.
Anyone else experiencing same issue?
Thanks
Thanks for finding that, but twitter still refuses it
basestring:
POSThttp%3A%2F%2Fapi.twitter.com
%2Foauth%2Frequest%5Ftokenoauth_consumer_key%3DdHbWZ6idD9VEuQ5tNUufA%26oauth_nonce%3D6739551275477403%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275477403%26oauth_version%3D1.0
Just thinking about the 30h of June, is there anyway to pull the last
x number of API requests and see if they were authenticated from Oauth/
basic.
I have a fairly large number of projects some I know are using Oauth
some are not, but all have 1 or 2 test accounts in common so if I
could look at
I'm getting up to speed on OAuth and I haven't found a clear answer in
the existing threads; In my desktop app I request an access token and
get a key and secret back from Twitter. For storage, is it necessary
to encrypt both of those, or simply the secret?
Thanks
+Clint
Encrypting your consumer secret is the most important, but encrypting your
access token secret isn't a bad idea at all -- I would recommend it.
There's no need to encrypt your consumer key and access token though, as
they are already either sent as query parameters or within HTTP headers on
every
Hi Arthur,
Unrelated: recommend using SSL for all the OAuth dance operations like
request_token, access_token, and authorize
Is there any chance you are providing the OAuth-related parameters as query
parameters in addition to providing them in the HTTP header? Have you
compared the timestamp
Hi Craig,
It looks like you are passing oauth_* parameters in your POST body in
addition to the OAuth HTTP headers. It's really a choice between one or the
other -- either you send the oauth_* parameters in a HTTP header or you send
them in either a POST body or querystring.
When using HTTP
You are right, the encoded _ was the problem.
Thank you very much, now i can move to the other requests ^^
Arthur.
2010/6/2 Taylor Singletary taylorsinglet...@twitter.com
Hi Arthur,
Unrelated: recommend using SSL for all the OAuth dance operations like
request_token, access_token, and
On Wed, 2 Jun 2010 07:06:54 -0700
Taylor Singletary taylorsinglet...@twitter.com wrote:
You can either go ahead and implement the flow, protect it in your
application such that only you have access to it, and then persist the
access token you receive until the end of time (or whenever you
Today, the only means to expire an access token is by the granting user
going to their Account Settings page and severing the permission granted to
your application. There is merit in what you propose but we're not pursuing
those kind of expiration features at this time.
On Wed, Jun 2, 2010 at
Hi,
It was a lot of fun and thanks to the Twitter folks for hosting it and
giving
us api access. Here are a few of my takeaways
1. The hashtag is dead http://bit.ly/ct8orP
2. custom annotation renderers and micro-html tweets are coming to a
client near you.
3. hello new world
S. Sriram
@565labs
I'm using both Twitter OAuth and Twitter Anywhere's connect button in my site.
I'd like to know whether Twitter Anywhere's connected user is someone
who is already authenticated
by Twitter OAuth. But I haven't find how to make it possible.
Please help me solve this problem.
Andy Matsubara
This isn't possible at this time but we'd like to enable some of these
cross-polinated integrations long-term. Stay tuned. It is possible to use
@Anywhere to determine the current user's screen name or member id, then use
AJAX to send that data to your back end and make a comparison, but the
Yes. Sending screen name or id by AJAX is possible. But it doesn't
certify the user. Any program can send the info. I cannot avoid
spoofing. I need more secure way to communicate between server and
Anywhere Javascript.
Andy Matsubara
On Thu, Jun 3, 2010 at 2:35 AM, Taylor Singletary
We are seeing the same behavior on http://www.mapleprimes.com
Any chance this will be fixed in @anywhere? If not, we'll likely need
to remove @anywhere from our site.
On Jun 1, 10:57 am, Steve C st...@twitpic.com wrote:
Right, I understand that it's not supported on older browsers but I
think
We just updated our Twitter plugin for WordPress to use the new OAuth
API. Someone just asked if it was safe to store the consumer key and
consumer secret in plain text (which it basically has to be as I
understand it, since ultimately it needs to be sent to the server in a
plain text form). I
After some work (and some help from the group) my implementation works,
but...
The QUEST to get an access token
1. app gets a request token from twitter
2. user clicks a button on the ap
3. app opens a twitter page, user types username/password
4. twitter gives user a PIN
5. user
We just updated our Twitter plugin for WordPress to use the new OAuth
API. Someone just asked if it was safe to store the consumer key and
consumer secret in plain text (which it basically has to be as I
understand it, since ultimately it needs to be sent to the server in a
plain text form).
Hi Arthur,
Indeed it is a Quest.
You don't need to do this entire round trip every single time. In Twitter's
OAuth implementation, when we respond with the access token to you in the
access token step, we also include the screen_name and id of the user. You
in turn should store the id,
On Wed, 2 Jun 2010 13:23:34 -0700 (PDT)
Cameron Kaiser spec...@floodgap.com wrote:
We just updated our Twitter plugin for WordPress to use the new
OAuth API. Someone just asked if it was safe to store the consumer
key and consumer secret in plain text (which it basically has to be
as I
It really ends up just being a case of best-effort security. A desktop
application makes its best effort to keep the secrets concealed, obfuscated,
or stored.
The last thing you want is for those with malicious intent to masquerade as
your application, giving it a bad name, and possibly getting
I guess I'm getting terminology confused.
My application is a desktop Mac applications. When I registered my app I
got a Consumer Key and a Consumer Secret. These belong to my app.
For a given user I go though the xAuth process and get back an Access Token,
consisting of a key and secret. These
Hi Clint,
No Worries. I'm really not familiar with the way things like the Keychain
store and persist these things.
I'll be more verbose:
You are absolutely safe in storing the token part of the user's access
token and your consumer key unencrypted.
Encrypting both the consumer secret and
Hey Clint,
There is a lot of terminology to get your head round so don't worry about
asking for clarification. To add to Taylor's comment it may also be helpful
to know that the user token and secret you get back is unique to your
application. This means that user token and secret won't work with
You can't really encrypt it or anything, since as someone else pointed
out, it eventually needs to be in plain text and therefore can be
intercepted in the code. Plus, it's my understanding that many
servers with PHP don't have OpenSSL extensions installed.
On Jun 2, 1:58 pm, Taylor Singletary
Hello,
We are looking at getting city based search results for 14 major
cities.
The current method we use is to plug in a cities Geo Coordinates into
the search API and then include a 25KM radius around the city. This
works well and allows us to get true results of people inside or
around a
Thanks for posting this
Thanks for the validation... imho this is a serious issue and based on
extensive google searches, it's obvious its happening to a lot of
people plus, its obvious that, in general, none of the users has a
clue on what's happening and how to address it.
Further
Sorry about the mess. We hope to have a deploy out for this this week.
On Wed, Jun 2, 2010 at 2:39 PM, BevHoward bevhow...@gmail.com wrote:
Thanks for posting this
Thanks for the validation... imho this is a serious issue and based on
extensive google searches, it's obvious its happening
Have you considered using the Streaming API for this purpose?
http://apiwiki.twitter.com/Streaming-API-Documentation#locations -- we
encourage those with heavy search needs to use it as an alternative. Search
is meant much more for servicing search results based off of user-initiated
queries, and
thanks Taylor for the reply.
I am referring to user-initiated queries.
We have users that type in a keyword to a search box, and we then
return results from the Search API with the corresponding Geo
Coordinates included with the request
On Jun 2, 5:51 pm, Taylor Singletary
As Taylor said, the Streaming API sounds like it would be a good option for
you to consider but for a user driven search like yours you would probably
need to build a caching layer.
Whilst the near operator works well on the search.twitter.com website it
isn't supported through the search API.
We just updated our Twitter plugin for WordPress to use the new
OAuth API. Someone just asked if it was safe to store the consumer
key and consumer secret in plain text (which it basically has to be
as I understand it, since ultimately it needs to be sent to the
server in a plain
I am building a RSS native mobile app that pull Twitter feeds using
Search API. I am experiencing similar behavior. Sometimes it has fewer
results.
Could you advise me? If I would have to use Twitter to report real-
time events such as Earthquake alerts? for Medical Emergency alerts?
Should I use
Thanks for clarifying ^^
Arthur.
2010/6/2 Taylor Singletary taylorsinglet...@twitter.com
Hi Arthur,
Indeed it is a Quest.
You don't need to do this entire round trip every single time. In Twitter's
OAuth implementation, when we respond with the access token to you in the
access token
Awesome. I have earlybird ready to receive the annotations and dump them to the
console as they are received when these changes go live. I will push it to
github after it hits for some sample code for anyone that wants to play.
http://github.com/zbowling/earlybird/
(The version in master
38 matches
Mail list logo
