That's not so bad. So you're saying search is going to consider
either user loc or tweet loc (and I assume pick the closest)?
On Nov 20, 4:57 pm, Raffi Krikorian wrote:
> that is currently unsupported -- right now you will get both. you
> could, once receiving the search results, filter on th
How does this interact with the search mechanism, if at all? i.e. when
I do a near search, I *don't* want tweets that come from people who's
profile sets them near that place, but instead only for *tweets*
marked as near that place.
On Nov 19, 4:51 pm, Raffi Krikorian wrote:
> As you may have see
Our OAuth-based sign-in and API-using service is up:
https://tools.povo.com/Profile/Signin/
Noticed another thing - Twitter isn't sending screen_name on the
redirect anymore.
On Apr 24, 1:33 pm, djMax wrote:
> This is a nifty idea, I assume it's going to break when the use
This is a nifty idea, I assume it's going to break when the user has
to do something other than click "Allow" right? e.g. login...
On Apr 24, 10:47 am, Shannon Whitley
wrote:
> Thanks for all your hard work, Matt.
>
> In one of my solutions, I am getting around the absence of the
> oauth_callbac
I understand killing oauth_callback, but I would propose that you
shouldn't kill the ability for the app to send info that will be
returned to it upon redirecting. Is this possible? For example, you
could simply pass oauth_callback back to the calling app even though
you're not going to listen t
What does this really mean these days? Clearly your desktop app is
connected to the internet in some way at some point, otherwise you
wouldn't need Twitter. So are you just saying that you never want to
have to display an HTML page? What about a web based "activation
stage" that yielded some cu
That's an interesting one. It's basically a federation question. It
would definitely not be possible (AFAIK, and it'd be a terrible thing
if it was) to use my OAuth tokens for some other service to
authenticate to the Twitter API. Do those sites have well defined
APIs? In theory the user of yo
Hi Jay, very interesting project. I run a hyperlocal wiki in Boston:
http://boston.povo.com. How are you pulling these, are you going
after specific users who set their location to Boston (or whichever
city)?
On Apr 17, 4:20 pm, jayb wrote:
> I've been collecting tweets for about a week for a
nd more details once the
> code is reviewed and we're sure it won't be delayed for some reason.
>
> Thanks;
> — Matt Sanford
>
> On Apr 17, 2009, at 06:26 AM, djMax wrote:
>
>
>
> > I believe this flow is not secure (or not "as" secure) becaus
http://drop.io
On Apr 17, 12:07 pm, Nick Arnett wrote:
> Michele, djMax and anybody else interested... It is a 128MB file after
> gzipping (291MB uncompressed). Any thoughts on a place to put it for
> download? I'm reluctant to sacrifice a lot of my own bandwidth for this and
I believe this flow is not secure (or not "as" secure) because that
URL that is "transmitted" via the browser is permanently reusable by
anyone to login to my service as that twitter user. In the
authorization flow, I don't believe any such URL ever goes through the
browser.
So basically I think
This thread is kind of a dupe of
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/a27298269b429a15
I'd suggest we move the convo over there? My last post in that thread
describes why I think the current flow is not secure, which is
essentially what Dossy says I think
If this is true, this is broken from a security perspective, IMHO.
Basically it says that if anyone guesses an oauth_token, they can
login to any site without having any idea who the user that maps to
that token is.
I've wondered about a distributed version of this... If those of us
who want to sift through the "entire" stream were to pool our API
usage, in theory we could do it w/o knocking over twitter right?
My particular usage is mining for geo content, either lat/lng or NLP
based feature extraction.
Ok, I've dug into some basics of OAuth and also the code of Tweet#.
After authorization, I'm armed with my user record and a map of it to
an OAuth token (A) and secret (T1). Now, weeks later, the user
returns to my site with no cookies (let's say). So I show them the
Twitter signin button. They
I'm not sure you don't have the secret for it. I'm still trying to
understand the tweet# code, but you were supposed to have saved the
"new" secret for that token when you got the original request token
right? Right now when trying to exchange that secondary oauth_token
for an access token, twee
Did this stop working? All of the sudden I'm getting 500 server
errors back. Was working ok 15 minutes ago.
On Apr 16, 12:52 pm, Doug Williams wrote:
> Matt has deployed our answer for one click login. It requires only a small
> change to the normal Twitter OAuth workflow and is documented her
another round trip for the screen_name.
>
> Thanks;
> — Matt Sanford
>
> On Apr 16, 2009, at 02:11 PM, djMax wrote:
>
>
>
> > Sorry if this is a noob question, but how can we verify the
> > screen_name of an OAuth token? It would seem that having it only ou
Sorry if this is a noob question, but how can we verify the
screen_name of an OAuth token? It would seem that having it only out
of band as a query arg means it's subject to spoofing right? Not sure
how I build secure site login with the core identifier may not match
the token I'm given.
I see it now, I'm all over it. First one to get single signin working
wins. :)
On Apr 15, 5:56 pm, Doug Williams wrote:
> Yes, we are working on something that will make what you are asking for,
> djMax, a working feature. I'm writing the documentation now.
>
> Doug
I want to use OAuth via Twitter for login to our site. The first time
I get the flow, user clicks allow. But is there a method that I use
given the token and secret for the next time, so that if they're
already logged in they see nothing but if they're not they have to
login?
ords specifically ...
>
> On Tue, Apr 14, 2009 at 11:59 AM, djMax wrote:
>
> > And there's no way for me to get all posts to try and do this myself
> > right?
>
> > On Apr 14, 11:43 am, Abraham Williams <4bra...@gmail.com> wrote:
> > > As far as I
side note: Laconi.ca is working on adding geolocations for each notice.
> This could be incredibly useful information especially with the increased
> penetration of geo aware phones.
>
> On Mon, Apr 13, 2009 at 22:26, djMax wrote:
>
> > How does Twitter GeoCode tweets OTHER t
How does Twitter GeoCode tweets OTHER than the users location (if at
all)? I'd like to include short urls for geolocation, but want to
understand how Twitter uses them. Thanks.
24 matches
Mail list logo
