[twitter-dev] Re: Streaming API Basics ...

[M. Edward (Ed) Borasky]

On Jan 18, 8:03 pm, John Kalucki  wrote:
> 3) You should have two accounts (and thus streams) at elevated access
> levels, one for follow and one for track, that perform the bulk of your
> work. You should also use two accounts at default access level for follow
> and track to find recent deltas without disrupting your main streams too
> often. Once the default streams are "full", you'll have to cycle the main
> streams.

So that's four accounts? Is that part of the EULA we'd need to sign -
that we'll have four connections open?

> 5) You can use the geo tag feature, but the volume is so low. We don't have
> a feature in the Streaming API that allows selecting statuses by the
> self-reported profile information yet.

Is that in the works? I'm not sure I can think of a use case for it,
given that the marketing analytics folks are going to be going all out
to encourage at least smart-phone users to enable automatic
geotagging. For lower-frequency / lower-accuracy use cases, I'm pretty
sure I can build a list of people who are based in PDX without
resorting to high-powered technologies. Especially once I get 1500
REST API calls per hour with oAuth. ;-)

The non-profits are also interested in promoting geotagging. I was in
a meeting on the subject last Tuesday. (some of the slides are at
http://maps2.humaninet.org/2010/01/18/january-12th-mapping-presentations/).
In short, I think geotagging is going to grow as fast as smart-phones
and other location-aware Twitter clients grow. (As an aside, those in
the meeting were unaware that the earthquake in Haiti had happened
during the meeting.)

--
M. Edward (Ed) Borasky
http://borasky-research.net/smart-at-znmeb

I've never met a happy clam. In fact, most of them were pretty
steamed.

Re: [twitter-dev] Re: Using OAuth keys in an open source application

[Julio Biason]

On Tue, Jan 19, 2010 at 3:03 AM, ryan alford  wrote:
> Raffi's answer in the third post was under the impression that the OP was
> referring to releasing his consumer keys as part of his open source code for
> others to download his CODE and use for their own applications.  This is
> what Raffi was referring to when he said to use a configuration file to
> store the consumer keys and have a README file for the "end user".  The "end
> user" being the developer that downloaded the code.

Not all applications will be run by developers. Mitter is run by end
users, on their desktops. If I have to force every open source user to
go and register a new application to be able to update their status on
Twitter, they will simply use the website 'cause it's way easier than
doing the whole process.

Yes, security is important. But when security is a burden to the user
experience, people will not use your application.

I'm kinda worried about the work end-users will have when they try to
run Mitter on their N800.

-- 
Julio Biason 
Twitter: http://twitter.com/juliobiason

[twitter-dev] Re: TwitVid upload function

[Rich]

I've discovered the same thing, it seems TwitVid is doing some weird
manual parsing of variables and/or HTTP headers and everything needs
to be exactly spaced as they would expect it.

I had to tweak almost everything that works for other services to get
it to work with TwitVid.

On Jan 18, 9:03 pm, John Meyer  wrote:
> I'm part of the TwitterVB library project. Part of my effort is to write
> an object that encapsulates a connection to TwitVid.com  I'm currently
> testing the upload function but am having problems:
>
>      Upload = String.Empty
>
>              If DateTime.Now > m_dtTL Then
>                  Me.Authenticate()
>              End If
>              Try
>                  Dim bMovieFile() As Byte =
> System.IO.File.ReadAllBytes(p_strFileName)
>                  Dim strBoundary As String = Guid.NewGuid.ToString()
>                  Dim strHeader As String = String.Format("--{0}",
> strBoundary)
>                  Dim strFooter As String = String.Format("--{0}--",
> strBoundary)
>                  Dim rqUpload As HttpWebRequest =
> DirectCast(WebRequest.Create(TWITVID_UPLOAD_URL), HttpWebRequest)
>                  With rqUpload
>                      .PreAuthenticate = True
>                      .AllowWriteStreamBuffering = True
>                      .ContentType = String.Format("multipart/form-data;
> boundary={0}", strBoundary)
>                      .Method = "POST"
>                  End With
>                  Dim strFileType As String = "application/octet-stream"
>
>                  Dim strFileHeader As String =
> [String].Format("Content-Disposition: file; name=""{0}"";
> filename=""{1}""", "media", p_strFileName)
>                  Dim strFileData As String =
> Encoding.GetEncoding("iso-8859-1").GetString(bMovieFile)
>                  Dim strContents As New StringBuilder()
>                  With strContents
>                      .AppendLine(strHeader)
>
>                      .AppendLine(strFileHeader)
>                      .AppendLine([String].Format("Content-Type: {0}",
> strFileType))
>                      .AppendLine()
>                      .AppendLine(strFileData)
>                      .AppendLine(strHeader)
>                      .AppendLine([String].Format("Content-Disposition:
> form-data; name=""{0}""", "token"))
>                      .AppendLine()
>                      .AppendLine(m_strOauth)
>                      .AppendLine(strHeader)
>                      .AppendLine([String].Format("Content-Disposition:
> form-data; name=""{0}""", "message"))
>                      .AppendLine()
>                      .AppendLine(p_strMessage)
>
>                      .AppendLine(strFooter)
>                  End With
>
>                  Dim bContents() As Byte =
> Encoding.GetEncoding("iso-8859-1").GetBytes(strContents.ToString())
>                  rqUpload.ContentLength = bContents.Length
>
>                  Dim rqStreamFile As Stream = rqUpload.GetRequestStream()
>                  rqStreamFile.Write(bContents, 0, bContents.Length)
>                  Dim rspFileUpload As HttpWebResponse =
> DirectCast(rqUpload.GetResponse, HttpWebResponse)
>                  Dim rdrResponse As New
> StreamReader(rspFileUpload.GetResponseStream())
>                  Dim strResponse As String = rdrResponse.ReadToEnd()
>                  Dim xResponse As New XmlDocument
>                  xResponse.LoadXml(strResponse)
>                  Dim xnRSP As XmlNode = xResponse.SelectSingleNode("//rsp")
>                  If xnRSP.Attributes("stat").Value = "ok" Then
>                      Upload = xnRSP.SelectSingleNode("//mediaurl").InnerText
>                  Else
>                      Upload = strResponse
>
>                  End If
>
>              Catch ex As Exception
>                  MsgBox(ex.Message)
>              End Try
>              Return Upload
>
>          End Function
>
> Calling this function gives me this error:
>
> 
> 
>
> 
> 
>
> if anybody has any ideas I'd appreciate it (note I've put the file on
> the front and in the back. Both return the same error).

[twitter-dev] Re: UPDATE: Social Graph API Deprecation

[jay jay]

Our application requires full social graph dump. One thing that I am
not clear from the 
http://groups.google.com/group/twitter-api-announce/browse_thread/thread/a0ba66db0e86941d
- is only pagination is depreciated or the use of cursors is made
mandatory?

Suppose if I want full social graph of followers - will the
announcement affect it?

Regards,
Jagir

On Jan 9, 1:29 am, Wilhelm Bierbaum  wrote:
> On December 22, 2009 we announced that the social graph method pagination of
> the followers/ids and friends/ids would finally be removed. We announced
> deprecation in September (http://bit.ly/46x1iL), November 
> (http://bit.ly/3UQ0LU) and December (http://bit.ly/5VPWk7) of last year. The
> page parameter will be completely removed 1/11/2010. However, the behavior
> of assuming that you want the first cursor page when passing no cursor
> parameter will not.
>
> In the December 2009 announcement, I explained that:
>
> You should always pass a cursor parameter. Starting soon, if you fail to
> pass a cursor, the data returned will be that of the first cursor (-1) and
> the next_cursor and previous_cursor elements will be included.
>
> In response to the feedback we received in 
> ahttp://bit.ly/longDiscussionAboutTheSocialGraphwe have decided not to
> immediately remove support for unreliably retrieving a complete friend or
> follower list (by passing neither page nor cursor parameters) on 1/11/2010.
> We understand that too many applications still depend on it. We're working
> on a better way to pull this data; expect another updated announcement on
> this list soon with further details.
>
> We know that the cursor-based social graph APIs can be improved -- we can
> provide richer functionality than we currently expose. To do this, we need
> your help; contribute your use cases for the social graph in response to
> this message onhttp://bit.ly/TwitterDevelopmentTalk. With better
> understanding of how you use the graph data, we can improve the quality and
> variety of APIs that we provide.
>
> Thanks!

[twitter-dev] about calls automatically reduction.

[Rushikesh Bhanage]

Hello Sir,
   I am facing problem regarding calls to twitter api. Sometimes it happens
that calls start reducing one by one , though none of the program is
running. it takes calls for update or what?

   Can anybody help me  please?

Thank you in advance.

with regards
Rushikesh.

Re: [twitter-dev] Re: Using OAuth keys in an open source application

[Cameron Kaiser]

> Not all applications will be run by developers. Mitter is run by end
> users, on their desktops. If I have to force every open source user to
> go and register a new application to be able to update their status on
> Twitter, they will simply use the website 'cause it's way easier than
> doing the whole process.
> 
> Yes, security is important. But when security is a burden to the user
> experience, people will not use your application.

What Julio said.

-- 
 personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com
-- Intel outside -- 6502 inside! --

Re: [twitter-dev] Re: TwitVid upload function

[John Meyer]

I've changed it back to where the media file goes last and I still get 
that error so if anybody has an idea of what I'm doing wrong there I 
would appreciate it.



On 1/19/2010 4:54 AM, Rich wrote:

I've discovered the same thing, it seems TwitVid is doing some weird
manual parsing of variables and/or HTTP headers and everything needs
to be exactly spaced as they would expect it.

I had to tweak almost everything that works for other services to get
it to work with TwitVid.

On Jan 18, 9:03 pm, John Meyer  wrote:

I'm part of the TwitterVB library project. Part of my effort is to write
an object that encapsulates a connection to TwitVid.com  I'm currently
testing the upload function but am having problems:

  Upload = String.Empty

  If DateTime.Now>  m_dtTL Then
  Me.Authenticate()
  End If
  Try
  Dim bMovieFile() As Byte =
System.IO.File.ReadAllBytes(p_strFileName)
  Dim strBoundary As String = Guid.NewGuid.ToString()
  Dim strHeader As String = String.Format("--{0}",
strBoundary)
  Dim strFooter As String = String.Format("--{0}--",
strBoundary)
  Dim rqUpload As HttpWebRequest =
DirectCast(WebRequest.Create(TWITVID_UPLOAD_URL), HttpWebRequest)
  With rqUpload
  .PreAuthenticate = True
  .AllowWriteStreamBuffering = True
  .ContentType = String.Format("multipart/form-data;
boundary={0}", strBoundary)
  .Method = "POST"
  End With
  Dim strFileType As String = "application/octet-stream"

  Dim strFileHeader As String =
[String].Format("Content-Disposition: file; name=""{0}"";
filename=""{1}""", "media", p_strFileName)
  Dim strFileData As String =
Encoding.GetEncoding("iso-8859-1").GetString(bMovieFile)
  Dim strContents As New StringBuilder()
  With strContents
  .AppendLine(strHeader)

  .AppendLine(strFileHeader)
  .AppendLine([String].Format("Content-Type: {0}",
strFileType))
  .AppendLine()
  .AppendLine(strFileData)
  .AppendLine(strHeader)
  .AppendLine([String].Format("Content-Disposition:
form-data; name=""{0}""", "token"))
  .AppendLine()
  .AppendLine(m_strOauth)
  .AppendLine(strHeader)
  .AppendLine([String].Format("Content-Disposition:
form-data; name=""{0}""", "message"))
  .AppendLine()
  .AppendLine(p_strMessage)

  .AppendLine(strFooter)
  End With

  Dim bContents() As Byte =
Encoding.GetEncoding("iso-8859-1").GetBytes(strContents.ToString())
  rqUpload.ContentLength = bContents.Length

  Dim rqStreamFile As Stream = rqUpload.GetRequestStream()
  rqStreamFile.Write(bContents, 0, bContents.Length)
  Dim rspFileUpload As HttpWebResponse =
DirectCast(rqUpload.GetResponse, HttpWebResponse)
  Dim rdrResponse As New
StreamReader(rspFileUpload.GetResponseStream())
  Dim strResponse As String = rdrResponse.ReadToEnd()
  Dim xResponse As New XmlDocument
  xResponse.LoadXml(strResponse)
  Dim xnRSP As XmlNode = xResponse.SelectSingleNode("//rsp")
  If xnRSP.Attributes("stat").Value = "ok" Then
  Upload = xnRSP.SelectSingleNode("//mediaurl").InnerText
  Else
  Upload = strResponse

  End If

  Catch ex As Exception
  MsgBox(ex.Message)
  End Try
  Return Upload

  End Function

Calling this function gives me this error:







if anybody has any ideas I'd appreciate it (note I've put the file on
the front and in the back. Both return the same error).

Re: [twitter-dev] Using OAuth keys in an open source application

[Jeff Enderwick]

Y'all should look at what Facebook connect does:

http://wiki.developers.facebook.com/index.php/Session_Proxy

You can keep the secret on a server, and the server acts as a proxy for the
agent. Naturally, this raises the question of how the server knows that the
agent is legit. That said, this is 'better', not 'perfect'.

With a proxy, you can implement a two-layer auth scheme, where perishable or
revocable credentials are shipped with the app (not secure). such
credentials can be invalidated at the proxy if there is a problem associated
with them. If the credentials are okay, then the proxy does the deed on
behalf of the agent.

ALL this stuff, oauth included, is not likely to be used in banking security
or by the military. but it is decent enough (at least right now) to prevent
a set of bad things from happening, most of the time. 'better' is better
than 'bad', by a long shot.

On Mon, Jan 18, 2010 at 9:51 PM, Ryan McCue  wrote:

> John Meyer wrote:
>
>> No, the point I was trying to make was that you don't HAVE to distribute
>> the key.  Nothing in the open source license requires you to give that
>> information to another person.  You can distribute it if you want to, but
>> you are perfectly free to give them the source code and tell them that if
>> they want it to work they need to go get their own consumer keypair.  In
>> short, once you are done unit testing the product you can delete out those
>> variables and tell them where to fill in their own information.  Nothing in
>> the open source license requires you to give that information anymore than
>> it requires you to publicize what the root password on your mysql database
>> server is.
>>
>>
>>
> I'm aware of this, but the point is that it should actually work. This is
> made for end-users, not for developers to modify, and I'd rather not have
> everyone register separate API keys just to use it.
>
>
> --
> Ryan McCue
> 
>
>

Re: [twitter-dev] Re: Streaming API Basics ...

[John Kalucki]

It wouldn't be part of the EULA that you'd need to sign, it would be the
only practical way to get the data on the current system.

Streaming doesn't have a way to search on user-reported location in the
profile, but you can do this with the near: parameter in search. There are
clear use cases for this functionality, demonstrated by the popularity of
this search feature.

I wouldn't be so confident in Geo Tagging uptake. I can geo tag all of my
tweets, yet I only do when it would add to the content.


On Tue, Jan 19, 2010 at 12:38 AM, M. Edward (Ed) Borasky
wrote:

> On Jan 18, 8:03 pm, John Kalucki  wrote:
> > 3) You should have two accounts (and thus streams) at elevated access
> > levels, one for follow and one for track, that perform the bulk of your
> > work. You should also use two accounts at default access level for follow
> > and track to find recent deltas without disrupting your main streams too
> > often. Once the default streams are "full", you'll have to cycle the main
> > streams.
>
> So that's four accounts? Is that part of the EULA we'd need to sign -
> that we'll have four connections open?
>
> > 5) You can use the geo tag feature, but the volume is so low. We don't
> have
> > a feature in the Streaming API that allows selecting statuses by the
> > self-reported profile information yet.
>
> Is that in the works? I'm not sure I can think of a use case for it,
> given that the marketing analytics folks are going to be going all out
> to encourage at least smart-phone users to enable automatic
> geotagging. For lower-frequency / lower-accuracy use cases, I'm pretty
> sure I can build a list of people who are based in PDX without
> resorting to high-powered technologies. Especially once I get 1500
> REST API calls per hour with oAuth. ;-)
>
> The non-profits are also interested in promoting geotagging. I was in
> a meeting on the subject last Tuesday. (some of the slides are at
> http://maps2.humaninet.org/2010/01/18/january-12th-mapping-presentations/
> ).
> In short, I think geotagging is going to grow as fast as smart-phones
> and other location-aware Twitter clients grow. (As an aside, those in
> the meeting were unaware that the earthquake in Haiti had happened
> during the meeting.)
>
> --
> M. Edward (Ed) Borasky
> http://borasky-research.net/smart-at-znmeb
>
> I've never met a happy clam. In fact, most of them were pretty
> steamed.
>
>

[twitter-dev] Re: Streaming API Basics ...

[M. Edward (Ed) Borasky]

On Jan 19, 6:36 am, John Kalucki  wrote:

> I wouldn't be so confident in Geo Tagging uptake. I can geo tag all of my
> tweets, yet I only do when it would add to the content.

Maybe I'm optimistic because I live in PDX and am surrounded by
location geeks, iPhone fanatics, Android developers, social media
marketing gurus and am the Mayor of the Original Coffee Brake. ;-) But
if you're selling something and need people to find you physically and
you're tweeting out coupons, you'll geotag every tweet, you'll ask
your best customers to geotag as part of telling their friends how
wonderful you are, you'll have them checking in with FourSquare,
Gowalla and Yelp, etc.

There's a lot of cash flowing into this location stuff and analytics
built around it, augmented reality, localized search, hyper-local
"journalism", etc. And if the "Apple Tablet" actually exists and you
can actually type on it and use it as a mobile workstation, there'd be
little reason for its users not to geotag. That's what it looks like
here, anyhow.

Don't get me wrong - I use the "near:" search and its Search API
geocode equivalent, even though it's seriously broken even for people
who have specified their locations. (http://code.google.com/p/twitter-
api/issues/detail?id=1348) And yes, if the Search relevance / ranking
filters remove non-geotagged tweets before Streaming can filter on
profile-declared location, the monitoring tools are going to break.
But IMHO the people building the monitoring tools are going to be in
the front row encouraging everyone to geotag. ;-)

--
M. Edward (Ed) Borasky
http://borasky-research.net/smart-at-znmeb

I've never met a happy clam. In fact, most of them were pretty steamed.

[twitter-dev] callback URl locked out??

[eco_bach]

working on a twitter client using OAuth, had it working up to the
authorize and callback point

Now getting a 403 error
403 Forbidden: The server understood the request, but is refusing to
fulfill it.

Is it possible my callback URL has been locked out?

If so, how do I reset it?

[twitter-dev] Re: Using OAuth keys in an open source application

[M. Edward (Ed) Borasky]

On Jan 18, 7:57 pm, Marc Mims  wrote:
> * John Meyer  [100118 19:38]:
>
> > But you still control your own keys.  If you find that somebody has
> > compromised your program, you can revoke those consumer keys through
> > twitter and regenerate them.
>
> That isn't reasonable.  If my desktop app has 10,000 users, and one user
> extracts and uses the consumer key pair, regenerating a new pair and
> distributing them is a huge burden on the developer and the 9,999 other
> users.  And that single malicious user will have the new pair extracted
> and in use before you can finish pushing out the update.
>
> Like I said earlier, Twitter needs to revoke access for malicious
> activity per user, not per app.

Yes, but I'm guessing in the stress of an active attack against the
Twitter infrastructure, they'll shut the app down first so they can
breathe and figure out who the malicious users are. And in the case of
botnets, there could be thousands of malicious users. Yet another
reason for building server apps, preferably server apps that will work
on a ChromeOS netbook and iPhone/Apple Tablet/Android browser. Oops -
did I just give away my business strategy? ;-)

--
M. Edward (Ed) Borasky
http://borasky-research.net/smart-at-znmeb

I've never met a happy clam. In fact, most of them were pretty steamed.

[twitter-dev] Re: TwitVid upload function

[Sam Street]

I don't understand that code. I'm a PHP/MySQL kinda guy

... but if you're having problems with TwitVid - just use Twicli's
API. http://twic.li/api - support for photos/videos/audio/sets

I don't see the point in separating content over various different
sites. The internet is enough of a mess already :)

-Sam

On Jan 19, 1:42 pm, John Meyer  wrote:
> I've changed it back to where the media file goes last and I still get
> that error so if anybody has an idea of what I'm doing wrong there I
> would appreciate it.
>
> On 1/19/2010 4:54 AM, Rich wrote:
>
> > I've discovered the same thing, it seems TwitVid is doing some weird
> > manual parsing of variables and/or HTTP headers and everything needs
> > to be exactly spaced as they would expect it.
>
> > I had to tweak almost everything that works for other services to get
> > it to work with TwitVid.
>
> > On Jan 18, 9:03 pm, John Meyer  wrote:
> >> I'm part of the TwitterVB library project. Part of my effort is to write
> >> an object that encapsulates a connection to TwitVid.com  I'm currently
> >> testing the upload function but am having problems:
>
> >>       Upload = String.Empty
>
> >>               If DateTime.Now>  m_dtTL Then
> >>                   Me.Authenticate()
> >>               End If
> >>               Try
> >>                   Dim bMovieFile() As Byte =
> >> System.IO.File.ReadAllBytes(p_strFileName)
> >>                   Dim strBoundary As String = Guid.NewGuid.ToString()
> >>                   Dim strHeader As String = String.Format("--{0}",
> >> strBoundary)
> >>                   Dim strFooter As String = String.Format("--{0}--",
> >> strBoundary)
> >>                   Dim rqUpload As HttpWebRequest =
> >> DirectCast(WebRequest.Create(TWITVID_UPLOAD_URL), HttpWebRequest)
> >>                   With rqUpload
> >>                       .PreAuthenticate = True
> >>                       .AllowWriteStreamBuffering = True
> >>                       .ContentType = String.Format("multipart/form-data;
> >> boundary={0}", strBoundary)
> >>                       .Method = "POST"
> >>                   End With
> >>                   Dim strFileType As String = "application/octet-stream"
>
> >>                   Dim strFileHeader As String =
> >> [String].Format("Content-Disposition: file; name=""{0}"";
> >> filename=""{1}""", "media", p_strFileName)
> >>                   Dim strFileData As String =
> >> Encoding.GetEncoding("iso-8859-1").GetString(bMovieFile)
> >>                   Dim strContents As New StringBuilder()
> >>                   With strContents
> >>                       .AppendLine(strHeader)
>
> >>                       .AppendLine(strFileHeader)
> >>                       .AppendLine([String].Format("Content-Type: {0}",
> >> strFileType))
> >>                       .AppendLine()
> >>                       .AppendLine(strFileData)
> >>                       .AppendLine(strHeader)
> >>                       .AppendLine([String].Format("Content-Disposition:
> >> form-data; name=""{0}""", "token"))
> >>                       .AppendLine()
> >>                       .AppendLine(m_strOauth)
> >>                       .AppendLine(strHeader)
> >>                       .AppendLine([String].Format("Content-Disposition:
> >> form-data; name=""{0}""", "message"))
> >>                       .AppendLine()
> >>                       .AppendLine(p_strMessage)
>
> >>                       .AppendLine(strFooter)
> >>                   End With
>
> >>                   Dim bContents() As Byte =
> >> Encoding.GetEncoding("iso-8859-1").GetBytes(strContents.ToString())
> >>                   rqUpload.ContentLength = bContents.Length
>
> >>                   Dim rqStreamFile As Stream = rqUpload.GetRequestStream()
> >>                   rqStreamFile.Write(bContents, 0, bContents.Length)
> >>                   Dim rspFileUpload As HttpWebResponse =
> >> DirectCast(rqUpload.GetResponse, HttpWebResponse)
> >>                   Dim rdrResponse As New
> >> StreamReader(rspFileUpload.GetResponseStream())
> >>                   Dim strResponse As String = rdrResponse.ReadToEnd()
> >>                   Dim xResponse As New XmlDocument
> >>                   xResponse.LoadXml(strResponse)
> >>                   Dim xnRSP As XmlNode = 
> >> xResponse.SelectSingleNode("//rsp")
> >>                   If xnRSP.Attributes("stat").Value = "ok" Then
> >>                       Upload = 
> >> xnRSP.SelectSingleNode("//mediaurl").InnerText
> >>                   Else
> >>                       Upload = strResponse
>
> >>                   End If
>
> >>               Catch ex As Exception
> >>                   MsgBox(ex.Message)
> >>               End Try
> >>               Return Upload
>
> >>           End Function
>
> >> Calling this function gives me this error:
>
> >> 
> >> 
>
> >> 
> >> 
>
> >> if anybody has any ideas I'd appreciate it (note I've put the file on
> >> the front and in the back. Both return the same error).

[twitter-dev] twitter whitelisting

[Cube Whidden]

Hi,

I have submitted a request to be whitelisted by twitter almost two
weeks
ago.  I googled around and found that it normally takes 1 week in the
past.  Does anyone
know the average time it takes to get whitelisted these days?  Also,
if you
get rejected, will I get an email with the reason so that I can
correct what is lacking?

thanks,

Cube Whidden

Re: [twitter-dev] twitter whitelisting

[RoNaK tOsHnIwAl]

sorry buddybut i donno..

On Tue, Jan 19, 2010 at 10:06 PM, Cube Whidden wrote:

> Hi,
>
> I have submitted a request to be whitelisted by twitter almost two
> weeks
> ago.  I googled around and found that it normally takes 1 week in the
> past.  Does anyone
> know the average time it takes to get whitelisted these days?  Also,
> if you
> get rejected, will I get an email with the reason so that I can
> correct what is lacking?
>
> thanks,
>
> Cube Whidden
>

[twitter-dev] streaming api results?

[joelkeepup]

Hi,

Hi, reading documentation at:
http://apiwiki.twitter.com/Streaming-API-Documentation#statuses/filter

says returns a list of status elements, when I click they hyper link
it takes me to this page:

http://apiwiki.twitter.com/REST+API+Documentation#Statuselement

which says the documentation has moved, when I click that link, it
takes me to:

http://apiwiki.twitter.com/Twitter-API-Documentation

where I cant find the status/filter api results.

Can someone point me to where I can read & understand the results of
this call?

To be specific, I have been watching the json returned and here is
what I see:

- always returns user data - great no problems
- seems to return at least one "text"  but sometimes multiple ones.
(maybe only in retweeted_status???)
- sometimes contains "retweeted_status" which contains a user and text
- docs say it could contain delete status

Is this it, anything else that can come through?

Any examples of any language parsing the json/xml of the various stuff
that can come through? (I have a java api example that creats a json
object, im more looking for something that shows the various types of
api results that could come through and buckets them into their
various types. (tweet, retweet, delete etc)

thanks
Joel

[twitter-dev] Twitter visualization tool

[Carl Knott]

Hi, I have written an application for the iPhone that sends a request
to the Twitter search API every 2 seconds, I am concerned that this is
too frequent. I have looked on the internet and I cant find a definite
answer - How many search requests can I make per minute and is
limiting imposed on the application or the IP address of the user?
Thanks, Carl.

Re: [twitter-dev] Re: TwitVid upload function

[John Meyer]

On 1/19/2010 8:54 AM, Sam Street wrote:

I don't understand that code. I'm a PHP/MySQL kinda guy

... but if you're having problems with TwitVid - just use Twicli's
API. http://twic.li/api - support for photos/videos/audio/sets

I don't see the point in separating content over various different
sites. The internet is enough of a mess already :)

-Sam



Thanks. I may just add that API on in.

[twitter-dev] cannot edit registered application

[twittme_mobi]

Hello,

every time i try to edit my application settings , i would get Unable
to register this application. Check your registration settings.

Isn't it supposed to point me to the exact value that might be
wrong.If i new what is it i wouldn't put wrong value in the first
place.

Is this page working at all.I really think that this basic auth
deprecation in june is a very bad idea

Re: [twitter-dev] Twitter visualization tool

[John Kalucki]

If you are doing repeated automated searches, you must be on the Streaming
API, not the Search API.

http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c8c713bb63fac24c

-John Kalucki
http://twitter.com/jkalucki
Infrastructure, Twitter Inc.


On Tue, Jan 19, 2010 at 6:11 AM, Carl Knott  wrote:

> Hi, I have written an application for the iPhone that sends a request
> to the Twitter search API every 2 seconds, I am concerned that this is
> too frequent. I have looked on the internet and I cant find a definite
> answer - How many search requests can I make per minute and is
> limiting imposed on the application or the IP address of the user?
> Thanks, Carl.
>
>
>

Re: [twitter-dev] Streaming API - Partial word match

[Mark McBride]

In the short term there are no plans to support partial matching.
It's considerably more expensive than the current implementation.

   ---Mark

http://twitter.com/mccv



On Mon, Jan 18, 2010 at 1:05 PM, vivekpuri  wrote:
> Search API team is recommending developers to migrate over to
> Streaming API. To get started with this, i was looking at the
> Streaming API docs and they state that if using Track for query
> parameter, "Terms are exact-matched, and also exact-matched ignoring
> punctuation". From what i can figure out from that statement and
> running couple of tests, Streaming API is not returning partial word
> matches, which Searce API does. For example - keyword bit.ly returns
> all results on Search API with *bit.ly*, while Streaming API returns
> only results with exact bit.ly. Are there any plans to support partial
> word matches in the Streaming API?
>

[twitter-dev] Can you post a status update through a url?

[Graham Smallwood]

Posting an update to Facebook is dead simple:

http://www.facebook.com/sharer.php?u=%@&t=%@

Where u is the url and t is the title to display.  What is the
equivalent for Twitter?

[twitter-dev] Re: Any iPhone Twitter apps with OAuth login ?

[joepwro]

We are also developing an iPhone app that uses Twitter's OAuth.

Posting this just to add more momentum to the request that the Twitter
OAuth login page should be made mobile friendly.  I believe doing so
would have a significant usability impact.

Raffi, can you provide input is this thread if this is something
Twitter is considering
doing in the short term?  Long term?

Thanks,
Joe

On Jan 17, 3:12 am, "jeff.enderw...@gmail.com"
 wrote:
> Hi, we're releasing an app that has a twitter-based sharing component
> in a couple of weeks.
>
> Does Twitter have any interest in making a mobile friendly version of
> theoauthallow/deny/pin pages?
> Could one of us on the outside just gin it up and give it to Twitter?
>
> On Jan 12, 7:15 am, funkatron  wrote:
>
> > Just FWIW, this isn't really aniPhone-specific issue – there are a
> > lot of rich mobile devices out there. One reason (excuse?) for not
> > usingOAuthin Spaz on webOS is the poor functionality on mobile.
>
> > I'm really reluctant to move toOAuthuntil the flow for mobile is
> > improved. The data from heypic.me is just what I was afraid of.
>
> > --
> > Ed Finklerhttp://funkatron.com
> > Twitter:@funkatron
> > AIM: funka7ron
> > ICQ: 3922133
> > XMPP:funkat...@gmail.com
>
> > On Dec 6 2009, 3:08 am, Ram  wrote:
>
> > > As a followup to the mobileOAuthdiscussions from October 
> > > (seehttp://groups.google.com/group/twitter-development-talk/browse_thread...)
> > > 
>
> > > Does anyone know of any (publicly released)iPhoneor other mobile
> > > Twitter apps that useOAuth?
>
> > > I'm partly curious to know/confirm whether our app is the onlyiPhone
> > > (or mobile) app that uses TwitterOAuthlogin for posting
> > > tweets, but I also want to know what you think of the UI, if
> > > you've used TwitterOAuthlogin in any publicly released mobile app.
>
> > > Thanks Ram

[twitter-dev] Fail whale on account edit

[Simon]

Hi. For some odd reason, every time I want to edit my application I
get a lot more fail whale than usual.

Is there a reason for this? Am I the only one?

-Simon

[twitter-dev] Sample Stream API - Fault tolerance with redundancy

[Santiago Perez]

Hi,

I'm currently using the statuses/sample streaming API to store the
sample tweets for later processing by different applications that mine
the data. It is crucial for my applications to avoid data losses as
much as possible. Since the API consumer and the applications all run
in the cloud, a simple solution to prevent data losses on server
failures would be to have two servers redundantly consuming the API
and performing de-duplication at a later stage. Is this usage pattern
(duplicate consumption of the sample stream) considered abusive? Do I
risk being banned for having two clients consuming the same stream?

Regards,
Santiago

Re: [twitter-dev] Can you post a status update through a url?

[Raffi Krikorian]

http://apiwiki.twitter.com/Twitter-REST-API-Method:-statuses update

On Tue, Jan 19, 2010 at 11:07 AM, Graham Smallwood <
grahamsmallw...@gmail.com> wrote:

> Posting an update to Facebook is dead simple:
>
> http://www.facebook.com/sharer.php?u=%@&t=%@
>
> Where u is the url and t is the title to display.  What is the
> equivalent for Twitter?
>



-- 
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi

Re: [twitter-dev] streaming api results?

[Mark McBride]

I'll update the doc.  The best place to look right now is here
http://apiwiki.twitter.com/Twitter-REST-API-Method:-statuses show, which has
a sample status return.

  ---Mark

http://twitter.com/mccv


On Tue, Jan 19, 2010 at 7:25 AM, joelkeepup  wrote:

> Hi,
>
> Hi, reading documentation at:
> http://apiwiki.twitter.com/Streaming-API-Documentation#statuses/filter
>
> says returns a list of status elements, when I click they hyper link
> it takes me to this page:
>
> http://apiwiki.twitter.com/REST+API+Documentation#Statuselement
>
> which says the documentation has moved, when I click that link, it
> takes me to:
>
> http://apiwiki.twitter.com/Twitter-API-Documentation
>
> where I cant find the status/filter api results.
>
> Can someone point me to where I can read & understand the results of
> this call?
>
> To be specific, I have been watching the json returned and here is
> what I see:
>
> - always returns user data - great no problems
> - seems to return at least one "text"  but sometimes multiple ones.
> (maybe only in retweeted_status???)
> - sometimes contains "retweeted_status" which contains a user and text
> - docs say it could contain delete status
>
> Is this it, anything else that can come through?
>
> Any examples of any language parsing the json/xml of the various stuff
> that can come through? (I have a java api example that creats a json
> object, im more looking for something that shows the various types of
> api results that could come through and buckets them into their
> various types. (tweet, retweet, delete etc)
>
> thanks
> Joel
>
>
>

[twitter-dev] Deleting a list...

[Tunde Ashafa]

I can't seem to get authenticated to perform a list destroy using
OAuth with POST and "_method=DELETE", within my app and using 'curl'.

Anyone else experience this?

Thanks in advance for any help, Tunde.

Re: [twitter-dev] Can you post a status update through a url?

[shaik ali]

Thanks for the mail.




On Tue, Jan 19, 2010 at 10:56 PM, Raffi Krikorian  wrote:

> http://apiwiki.twitter.com/Twitter-REST-API-Method:-statuses update
>
> On Tue, Jan 19, 2010 at 11:07 AM, Graham Smallwood <
> grahamsmallw...@gmail.com> wrote:
>
>> Posting an update to Facebook is dead simple:
>>
>> http://www.facebook.com/sharer.php?u=%@&t=%@
>>
>> Where u is the url and t is the title to display.  What is the
>> equivalent for Twitter?
>>
>
>
>
> --
> Raffi Krikorian
> Twitter Platform Team
> http://twitter.com/raffi
>

Re: [twitter-dev] Deleting a list...

[Mark McBride]

This is a known issue

http://code.google.com/p/twitter-api/issues/detail?id=1239&can=1&q=oauth%20delete&colspec=ID%20Stars%20Type%20Status%20Priority%20Owner%20Summary%20Opened%20Modified%20Component

  ---Mark

http://twitter.com/mccv


On Tue, Jan 19, 2010 at 12:13 PM, Tunde Ashafa wrote:

> I can't seem to get authenticated to perform a list destroy using
> OAuth with POST and "_method=DELETE", within my app and using 'curl'.
>
> Anyone else experience this?
>
> Thanks in advance for any help, Tunde.
>

Re: [twitter-dev] Can you post a status update through a url?

[Abraham Williams]

Try https://twitter.com/?status=text+here

On Tue, Jan 19, 2010 at 11:07, Graham Smallwood
wrote:

> Posting an update to Facebook is dead simple:
>
> http://www.facebook.com/sharer.php?u=%@&t=%@
>
> Where u is the url and t is the title to display.  What is the
> equivalent for Twitter?
>



-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

Re: [twitter-dev] Deleting a list...

[Xavier Grosjean]

looks like this bug :
http://code.google.com/p/twitter-api/issues/detail?id=1239
twitter team keeps ignoring it's a blocking bug...


2010/1/19 Tunde Ashafa 

> I can't seem to get authenticated to perform a list destroy using
> OAuth with POST and "_method=DELETE", within my app and using 'curl'.
>
> Anyone else experience this?
>
> Thanks in advance for any help, Tunde.
>

[twitter-dev] Sign in with Twitter and oauth/authenticate

[eco_bach]

I've registered a new application and trying to get the sign in with
twitter workflow working.
I've defined my application type as 'Browser' since I want Twiiter to
automatically redirect the user back to the application URL after sign-
in and user authorization (ie NO PIN handshake). Ive also defined my
Callback URL as being the same as my Application Website URL.

In the wiki it mentions that
'To take advantage of Sign in with Twitter, applications should send
request tokens in the oauth_token parameter to oauth/authenticate
instead.'
http://apiwiki.twitter.com/Sign-in-with-Twitter

But in my application settings I see the Authorize URL as being
http://twitter.com/oauth/authorize

with no option for changing...
Can someone clarify if this is an error in the wiki, or should I
simply use
'http://twitter.com/oauth/authenticate' and ignore what it says in my
Application Details page?

Thanks in advance!

[twitter-dev] Re: Follow Limit Frustrations

[James Buckingham]

Is anyone able to help me with this or should I be asking this
question somewhere else?

Thanks,
James

Re: [twitter-dev] Sample Stream API - Fault tolerance with redundancy

[John Kalucki]

Sample streams are just that, samples. You should be comfortable with the
occasional small gap in your data. You must consume only one sample stream
for your app. If you have a hardware failure, you can fail over to another
client box, but don't consume the stream twice.

-John Kalucki
http://twitter.com/jkalucki
Infrastructure, Twitter Inc.





On Tue, Jan 19, 2010 at 11:40 AM, Santiago Perez wrote:

> Hi,
>
> I'm currently using the statuses/sample streaming API to store the
> sample tweets for later processing by different applications that mine
> the data. It is crucial for my applications to avoid data losses as
> much as possible. Since the API consumer and the applications all run
> in the cloud, a simple solution to prevent data losses on server
> failures would be to have two servers redundantly consuming the API
> and performing de-duplication at a later stage. Is this usage pattern
> (duplicate consumption of the sample stream) considered abusive? Do I
> risk being banned for having two clients consuming the same stream?
>
> Regards,
> Santiago
>

Re: [twitter-dev] Re: Follow Limit Frustrations

[Mark McBride]

Rapid following and unfollowing is characteristic of some shady behavior.
 Send me your twitter userid off list and I'll see what I can do.

  ---Mark

http://twitter.com/mccv


On Tue, Jan 19, 2010 at 2:06 PM, James Buckingham wrote:

> Is anyone able to help me with this or should I be asking this
> question somewhere else?
>
> Thanks,
> James
>

[twitter-dev] OAuth workflow and verify_credentials (http://twitter.com/account/verify_credentials)

[eco_bach]

Slowly making my way to Twiter-OAuth mastery

Broken down into 4 steps and 3 server requests, this is my
understanding of the OAuth workflow
1 user/consumer obtains request token
  http://twitter.com/oauth/request_token

2 user/consumer is redirected to twitter-OAuth  url
  http://twitter.com/oauth/authorize

3 after authorization, user is redirected back to consumer
(application) previously defined as callback URL in aplication details
page, along with user authorized request token.

4 consumer(application) exchanges user authorized request token for an
access token
  http://twitter.com/oauth/access_token


NOW the user can make updates to his her twitter account
http://twitter.com/statuses/update.json


My question is, when is verify_credentials necessary?
Does it need to be called immediatley AFTER obtaining the access
token, or is it optional?
http://twitter.com/account/verify_credentials.json

[twitter-dev] Encode problems.

[Nailson]

Hi all,

I think that there's a problem with the twitter API somewhere.
If I write the link
http://www.twitter.com/home?status=...@nailson_imgn:++ç+-+http://tinyurl.com/yje38no
then the message I get in the tweet box is

RT @nailson_imgn:  %E7 - http://tinyurl.com/yjr38no

It looks like the URL is ENCODING the values instead of DECODING.
Therefore, if I encode the "ç" value first the url will be:
http://www.twitter.com/home?status=...@nailson_imgn:++%E7+-+http://tinyurl.com/yje38no
and the text in the tweet box will still be
RT @nailson_imgn:  %E7 - http://tinyurl.com/yjr38no

This is happening with any characters like àáé...
Please, tell me if there's a sollution for this. Thanks in advance.

Re: [twitter-dev] twitter whitelisting

[Julio Biason]

On Tue, Jan 19, 2010 at 2:36 PM, Cube Whidden  wrote:
> I have submitted a request to be whitelisted by twitter almost two
> weeks
> ago.  I googled around and found that it normally takes 1 week in the
> past.  Does anyone
> know the average time it takes to get whitelisted these days?  Also,
> if you
> get rejected, will I get an email with the reason so that I can
> correct what is lacking?

(Note: I'm not related to Twitter or the approval of whitelists in any way.)

For what I read in this list, yes, you should get an email saying why
your application was rejected. Or, at least, get an email, since the
rejection app was buggy a few weeks ago (so you get an email, but it
didn't say why it was rejected.)

Also, as far as I know, the approval or rejection is a manual process,
so it should be someone at the twoffice to check it. Raffi (I think)
mentioned that the twitter team was in holidays last week, so that may
explain the delay.

-- 
Julio Biason 
Twitter: http://twitter.com/juliobiason

Re: [twitter-dev] cannot edit registered application

[Abraham Williams]

I've been getting some fail whales while viewing my application pages but
not when editing them.

Try http://twitter.com/oauth_clients/edit/27 instead of
http://twitter.com/oauth_clients/details/27

Abraham

On Tue, Jan 19, 2010 at 09:32, twittme_mobi  wrote:

> Hello,
>
> every time i try to edit my application settings , i would get Unable
> to register this application. Check your registration settings.
>
> Isn't it supposed to point me to the exact value that might be
> wrong.If i new what is it i wouldn't put wrong value in the first
> place.
>
> Is this page working at all.I really think that this basic auth
> deprecation in june is a very bad idea
>



-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

Re: [twitter-dev] Sign in with Twitter and oauth/authenticate

[Abraham Williams]

To use Sign in with Twitter simple change:

https://twitter.com/oauth/authorize?oauth_token=zjcbxxGtMisqhJNWRFP7ofA5jYAcxZqVkSTks0e5sRY

to

https://twitter.com/oauth/authenticate?oauth_token=zjcbxxGtMisqhJNWRFP7ofA5jYAcxZqVkSTks0e5sRY

Abraham

On Tue, Jan 19, 2010 at 12:57, eco_bach  wrote:

> I've registered a new application and trying to get the sign in with
> twitter workflow working.
> I've defined my application type as 'Browser' since I want Twiiter to
> automatically redirect the user back to the application URL after sign-
> in and user authorization (ie NO PIN handshake). Ive also defined my
> Callback URL as being the same as my Application Website URL.
>
> In the wiki it mentions that
> 'To take advantage of Sign in with Twitter, applications should send
> request tokens in the oauth_token parameter to oauth/authenticate
> instead.'
> http://apiwiki.twitter.com/Sign-in-with-Twitter
>
> But in my application settings I see the Authorize URL as being
> http://twitter.com/oauth/authorize
>
> with no option for changing...
> Can someone clarify if this is an error in the wiki, or should I
> simply use
> 'http://twitter.com/oauth/authenticate' and ignore what it says in my
> Application Details page?
>
> Thanks in advance!
>



-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

Re: [twitter-dev] Fail whale on account edit

[Abraham Williams]

Try going to the edit page directly like
http://twitter.com/oauth_clients/edit/27

Notice "edit" instead of "details".

Abraham

On Tue, Jan 19, 2010 at 11:00, Simon  wrote:

> Hi. For some odd reason, every time I want to edit my application I
> get a lot more fail whale than usual.
>
> Is there a reason for this? Am I the only one?
>
> -Simon
>



-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

[twitter-dev] Re: OAuth workflow and verify_credentials (http://twitter.com/account/verify_credentials)

[eco_bach]

Thanks Abraham!
In that case I will call it automatically after obtaining the access
token.

[twitter-dev] Re: Sign in with Twitter and oauth/authenticate

[eco_bach]

yeah thanks
Just curious why that isn't displayed as an option in my Application
details page...
Might cause some confusion for anyone who hasn't read the wiki in
detail.

Re: [twitter-dev] Twitter visualization tool

[Abraham Williams]

For an iPhone application Streaming does not make much sense. You would have
to run your own server and have your application check for updates from it.
Which might make sense depending on your app. You should be able to just
display a notice to users if they run into rate limiting.

Abraham

On Tue, Jan 19, 2010 at 09:35, John Kalucki  wrote:

> If you are doing repeated automated searches, you must be on the Streaming
> API, not the Search API.
>
>
> http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c8c713bb63fac24c
>
> -John Kalucki
> http://twitter.com/jkalucki
> Infrastructure, Twitter Inc.
>
>
> On Tue, Jan 19, 2010 at 6:11 AM, Carl Knott  wrote:
>
>> Hi, I have written an application for the iPhone that sends a request
>> to the Twitter search API every 2 seconds, I am concerned that this is
>> too frequent. I have looked on the internet and I cant find a definite
>> answer - How many search requests can I make per minute and is
>> limiting imposed on the application or the IP address of the user?
>> Thanks, Carl.
>>
>>
>>
>


-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

Re: [twitter-dev] Re: Sign in with Twitter and oauth/authenticate

[Abraham Williams]

Oauth/authenticate was added later and I guess the application detail page
was never updated.

Abraham

On Tue, Jan 19, 2010 at 17:29, eco_bach  wrote:

> yeah thanks
> Just curious why that isn't displayed as an option in my Application
> details page...
> Might cause some confusion for anyone who hasn't read the wiki in
> detail.
>



-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

Re: [twitter-dev] OAuth workflow and verify_credentials (http://twitter.com/account/verify_credentials)

[Abraham Williams]

Account/verify_credentials is not needed for OAuth. You could use it to get
the users profile information if you don't want take a hit to your rate
limit.

Abraham

On Tue, Jan 19, 2010 at 14:21, eco_bach  wrote:

> Slowly making my way to Twiter-OAuth mastery
>
> Broken down into 4 steps and 3 server requests, this is my
> understanding of the OAuth workflow
> 1 user/consumer obtains request token
>  http://twitter.com/oauth/request_token
>
> 2 user/consumer is redirected to twitter-OAuth  url
>  http://twitter.com/oauth/authorize
>
> 3 after authorization, user is redirected back to consumer
> (application) previously defined as callback URL in aplication details
> page, along with user authorized request token.
>
> 4 consumer(application) exchanges user authorized request token for an
> access token
>  http://twitter.com/oauth/access_token
>
>
> NOW the user can make updates to his her twitter account
> http://twitter.com/statuses/update.json
>
>
> My question is, when is verify_credentials necessary?
> Does it need to be called immediatley AFTER obtaining the access
> token, or is it optional?
> http://twitter.com/account/verify_credentials.json
>



-- 
Abraham Williams | Moved to Seattle | May cause email delays
Project | Intersect | http://intersect.labs.poseurtech.com
Hacker | http://abrah.am | http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Seattle, WA, United States

[twitter-dev] oauth/authenticate authorize broken?

[eco_bach]

Puzzled by a recurring , but sporadic problem.

When trying to sign in at the Twitter Oauth url

http://twitter.com/oauth/authenticate
or

http://twitter.com/oauth/authorize

even if I leave my input form fields blank, when clicking 'Sign In' I
get a browser error message
403 Forbidden: The server understood the request, but is refusing to
fulfill it.

instead of an 'incorrect username, password' message.

Anyone else experience this?

[twitter-dev] Re: OAuth workflow and verify_credentials (http://twitter.com/account/verify_credentials)

[Jaanus]

You don't actually _need_ to call it after obtaining the access token.
It does not _do_ anything, it simply returns a "yes/no" type of answer
to you (200 OK if the credentials are valid, 401 Unauthorized if not).
When you manage to obtain the access token, it implies that the
credentials are already verified. But it does not hurt anything to
call it, so you can call it if you really want to be extra sure.

The verify_credentials simply lets you check whether some previously
issued access token is still valid or not. For example, if the user
deauthorizes your app, you can detect this with verify_credentials...
but at the same time, all other API calls would also start to respond
with "401 Unauthorized".


rgds,
Jaanus


On Jan 19, 8:27 pm, eco_bach  wrote:
> Thanks Abraham!
> In that case I will call it automatically after obtaining the access
> token.

[twitter-dev] Re: Tweets with !, ', and other characters refused..

[Rejeev]

I was also facing the same issue beforeit was sorted now by
properly encoding the tweet message we send. Please see the code below
done in Flex.


public function getSignedURI( method:String, url:String,
postData:String = "" ):String
{

if( method.toUpperCase() != "GET" && 
method.toUpperCase() !=
"POST" )
{
throw new ArgumentError("Invalid method passed. 
Only GET and POST
supported");
}
if( url.length == 0 )
{
throw new ArgumentError("Empty url passed");
}
if( consumerKey.length == 0 )
{
throw new ArgumentError("consumerKey property 
not set");
}
if( _consumerSecret.length == 0 )
{
throw new ArgumentError("consumerSecret 
property not set");
}
var timeStamp:String = Math.round( new Date().getTime() 
/
1000 ).toString();
var nonce:String = Math.round(Math.random() * 9 
).toString();

 var args:Array = [];
 if( _usePinWorkflow )
{
 args.push({name: "oauth_callback", value: "oob"});
}
 args.push({name: "oauth_consumer_key", value:
consumerKey});
 args.push({name: "oauth_nonce", value: nonce});
 args.push({name: "oauth_signature_method", value: "HMAC-
SHA1"});
 args.push({name: "oauth_timestamp", value: timeStamp});
 args.push({name: "oauth_version", value: "1.0"});

if( _accessToken.length )
{
  args.push({name: "oauth_token", value: 
_accessToken});
}
else if( _authorizationToken.length )
{
  args.push({name: "oauth_token", value:
_authorizationToken});
}
if( _accessPin )
{
args.push({name: "oauth_verifier", value: 
_accessPin.toString
()});
}
if(method.toUpperCase() == "POST" && postData.length)
{

args.push({name: "status", value:  
encode(postData)});
}
args.sortOn("name");
var n:int = args.length;
var vars:String = "";
for (var i:int = 0; i < n; i++)
{
if (args[i]["name"] != "_method")
{
vars += args[i]["name"]+"="+args[i]["value"];
if (i != n-1)
vars += "&";
}
}
var signString:String = method.toUpperCase() +"&" +
encodeURIComponent(url) + "&" + encodeURIComponent(vars);
var hmac:HMAC =  Crypto.getHMAC("sha1");
var key:ByteArray = Hex.toArray( Hex.fromString
(encodeURIComponent(_consumerSecret) + "&" + encodeURIComponent
(_accessTokenSecret)));
var data:ByteArray = Hex.toArray( Hex.fromString
( signString ) );
var sha:String = Base64.encodeByteArray( hmac.compute
( key, data ) );
vars += "&oauth_signature="+encodeURIComponent(sha);
trace ("Returned "+vars )
return vars;
}

Re: [twitter-dev] Twitter visualization tool

[Mark McBride]

Why would you have to run your own server to use the streaming API from the
iPhone?  ChirpFlow seems to be doing just fine with iPhone+Streaming

  ---Mark

http://twitter.com/mccv


On Tue, Jan 19, 2010 at 5:29 PM, Abraham Williams <4bra...@gmail.com> wrote:

> For an iPhone application Streaming does not make much sense. You would
> have to run your own server and have your application check for updates from
> it. Which might make sense depending on your app. You should be able to just
> display a notice to users if they run into rate limiting.
>
> Abraham
>
>
> On Tue, Jan 19, 2010 at 09:35, John Kalucki  wrote:
>
>> If you are doing repeated automated searches, you must be on the Streaming
>> API, not the Search API.
>>
>>
>> http://groups.google.com/group/twitter-api-announce/browse_thread/thread/c8c713bb63fac24c
>>
>> -John Kalucki
>> http://twitter.com/jkalucki
>> Infrastructure, Twitter Inc.
>>
>>
>> On Tue, Jan 19, 2010 at 6:11 AM, Carl Knott  wrote:
>>
>>> Hi, I have written an application for the iPhone that sends a request
>>> to the Twitter search API every 2 seconds, I am concerned that this is
>>> too frequent. I have looked on the internet and I cant find a definite
>>> answer - How many search requests can I make per minute and is
>>> limiting imposed on the application or the IP address of the user?
>>> Thanks, Carl.
>>>
>>>
>>>
>>
>
>
> --
> Abraham Williams | Moved to Seattle | May cause email delays
> Project | Intersect | http://intersect.labs.poseurtech.com
> Hacker | http://abrah.am | http://twitter.com/abraham
> This email is: [ ] shareable [x] ask first [ ] private.
> Sent from Seattle, WA, United States
>