[twitter-dev] Re: Is the verifier pin required in OOB?

[Ali]

Full OAuth is not possible for desktop/mobile apps which is what I am
implementing.
The issue is this. After authenticating a request token a verifier is
supplied by Twitter to verify that the user allowed access. There are
a couple ways to send this verifier code back to the app.

1. For web apps, Twitter redirects to a developer supplied URL with
the verifier added in the query string. The app can easily grab the
verifier and use it in the request to exchange the request token for
an access token.

2. For desktop/mobile apps, there is really no good way to send it
back. Twitter offers the oob option which gives the user a pin number
that they would have to enter into the app. This pin acts like the
verifier.

What I am seeing is that this last step of getting the verifier is not
necessary. I am able to exchange the the request token for an access
token after it has been authorized by the resource owner without
passing the verifier pin.

What I want to know is whether this is a bug or temporary behavior or
this is the expected behavior. The verifier is really not that
essential because Twitter already knows the user has authorized the
app. The verifier more allows the app to continue with the process of
authentication.

I would like to hear from the Twitter dev team on what the long term
plans are in regards to the verifier. Is it okay to ignore the
verifier for desktop/mobile apps? It is working without it anyway.

Thanks,
@talrahem


On Apr 21, 8:35 am, Arnaud Meunier  wrote:
> Hey Ali,
>
> Out of band / PIN code authentication is just one of the OAuth
> authentication flows we are supporting. 
> Cfhttp://dev.twitter.com/pages/auth_overview
>
> If your app can handle the full OAuth process, stick to it and forget about
> OOB :)
>
> Arnaud / @rno 
>
>
>
>
>
>
>
> On Wed, Apr 20, 2011 at 10:23 PM, Ali  wrote:
> > Hi,
>
> > I've been experimenting with OAuth authentication with the Twitter API
> > for desktop/mobile apps and found out that the verifier pin is not
> > necessary. Once the the request token is authorized, I am able to
> > exchange it for an access token without providing the pin code.
>
> > Is this the official expected behavior? I couldn't find any info on
> > OOB in the API documentation. It is just barely mentioned and the link
> > for more info doesn't work.
>
> > Is there any documented behavior regarding the verifier pin and
> > whether requiring the user to enter the pin is recommended or
> > required?
>
> > Thanks
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] List Membership Add/Delete and 403 Error

[Arnaud Meunier]

Hey Shannon,

Only the list owner can add/remove members to it. If the "other account"
you're authenticating with is trying to add members to a list he doesn't
own, you'll receive a 403. Take a look to your HTTP body, the error message
is probably "You aren't allowed to add members to this list".

Arnaud / @rno 



On Thu, Apr 21, 2011 at 1:01 PM, Shannon Whitley
wrote:

> I'm able to add and delete list members using "list/members" for *my*
> account, but the same process is failing with another account.  I know
> that the oAuth tokens are good because I can retrieve the list
> members.
>
> A 403 error is generated when when I try to add or delete members for
> this other account.
>
> I can't seem to find any issues with the account or the lists.  I've
> tried several different lists and the don't have too many members.
> Again, I can retrieve the membership, but I can't add or delete any
> members.
>
> Is this a known Twitter bug?
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] i just want to automate status tweets using one twitter account...

[wilbcorp]

i have a twitter account...  i have a registered app with twitter...
all i want to do is automatically post status updates to my twitter
account using PHP...  unfortunately, i've gone through numerous
tutorials that don't seem to function...  to be clear, i don't want to
create an app that allows other users to post to their accounts, i
only want to post to my twitter account.

can anyone help me get started?

thanks

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: HTTP API calls redirect to HTTPS?

[DustyReagan]

Yeah, you got it! That's exactly what's happening. Thanks Abraham!

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] HTTP API calls redirect to HTTPS?

[Abraham Williams]

Do you perhaps have HTTPS only enabled in your profile while you make
requests from your browser?

I found that the following request redirected in Chrome when I was logged
into twitter.com but it didn't in an incognito window.

http://api.twitter.com/1/users/show/abraham.json

Abraham
-
Abraham Williams | Hacker Advocate | abrah.am
 Just launched from Answerly :
InboxQfor Chrome
@abraham  | github.com/abraham | blog.abrah.am
This email is: [ ] shareable [x] ask first [ ] private.



On Thu, Apr 21, 2011 at 16:25, DustyReagan  wrote:

> I just noticed via Charles proxy that http://api.twitter.com Rest API
> calls are redirected to httpS://api.twitter.com. Is this the correct
> and permanent behavior?
>
> If so, a lot of unnecessary redirects could be trimmed if API
> developers knew to only request the HTTPS endpoint. I noticed in the
> developer documentation, the standard HTTP url is still used.
>
> Should we be using HTTPS?
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] HTTP API calls redirect to HTTPS?

[DustyReagan]

I just noticed via Charles proxy that http://api.twitter.com Rest API
calls are redirected to httpS://api.twitter.com. Is this the correct
and permanent behavior?

If so, a lot of unnecessary redirects could be trimmed if API
developers knew to only request the HTTPS endpoint. I noticed in the
developer documentation, the standard HTTP url is still used.

Should we be using HTTPS?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Issue with posting to twitter: http://twitter.com/home?status=doesnotworkifyouarenotloggedin

[Taylor Singletary]

Hi Manuel,

This form of passively passing tweet text to Twitter is quite outdated now.
I recommend using the Tweet web intent instead, which has optimized flows
for the web & mobile and handle the logging in process elegantly.

Example:

http://twitter.com/intent/tweet?status=Does%20work%20even%20if%20logged%20out

Read more about this at http://dev.twitter.com/pages/intents

Taylor

@episod  - Taylor Singletary


On Thu, Apr 21, 2011 at 1:51 PM, Manuel Romero  wrote:

> It looks like posting using
> http://twitter.com/home?status=doesnotworkifyouarenotloggedin
> does not worked unless you are already logged into Twitter.  I was
> test yesterday and it was work and now it is not.
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Re: Site Streams beta update

[Taylor Singletary]

Hi Mohan,

It's unclear at this time if track/filter will become part of Site Streams
or not. Site Streams is really focused on the equivalent of home_timeline,
mentions, and associated social events for users. It's still best to use a
separate connection to the streaming API to perform long-term streamed
queries, and the Search API for servicing ad-hoc queries.

@episod  - Taylor Singletary


On Tue, Apr 19, 2011 at 8:42 PM, Mohan Arun  wrote:

> >Site Streams does not support any of the
> >search/track features of the User Streams, so if your application requires
> >these capabilities, Site Streams may not be the right fit.
>
> Are there plans for Site Streams to support search/track features
> in the future? What if you want to filter by a search query?
>
> - Mohan Arun
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Issue with posting to twitter: http://twitter.com/home?status=doesnotworkifyouarenotloggedin

[Manuel Romero]

It looks like posting using 
http://twitter.com/home?status=doesnotworkifyouarenotloggedin
does not worked unless you are already logged into Twitter.  I was
test yesterday and it was work and now it is not.

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] List Membership Add/Delete and 403 Error

[Shannon Whitley]

I'm able to add and delete list members using "list/members" for *my*
account, but the same process is failing with another account.  I know
that the oAuth tokens are good because I can retrieve the list
members.

A 403 error is generated when when I try to add or delete members for
this other account.

I can't seem to find any issues with the account or the lists.  I've
tried several different lists and the don't have too many members.
Again, I can retrieve the membership, but I can't add or delete any
members.

Is this a known Twitter bug?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] X-RateLimit-Remaining on @Anywhere Hovercards

[DustyReagan]

I see using Charles proxy that X-RateLimit-Remaining is returned after
requesting an @Anywhere Hovercard. Is there a good way to get that
data off the Hovercard?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Re: Prepackaged Twitter App in Handsets

[Taylor Singletary]

Not aware of any specifics, sorry.

On Thu, Apr 21, 2011 at 6:23 AM, sunderjs  wrote:

> If the application vendor maintains this proxy, there could be
> proprietary interface
> and the proxy itself eventually would use HTTP for Twitter access. Are
> you aware
> of any such vendor apps espl from handset OEMs ? This is precisely
> what i'm looking for.
>
> thanks
> Sunderjeet
>
> On Apr 20, 5:21 pm, Taylor Singletary 
> wrote:
> > While you'll find most applications on handsets communicate with
> > api.twitter.com, search.twitter.com, and twitter.com directly -- there
> are
> > likely a handful of applications that communicate with a proxy server of
> > some kind as an intermediary between the device and Twitter.
> >
> > If they're talking directly to Twitter though, they'll be doing so
> through
> > HTTP.
> >
> > @episod  - Taylor Singletary
> >
> > On Wed, Apr 20, 2011 at 12:35 PM, sunderjs  wrote:
> > > Hello,
> >
> > > I'm working on implementing mobile data plans for social networking
> > > sites including Twitter. Requirement is to identify Twitter traffic
> > > from mobile devices and charge distinctively from other data packets.
> > > Since there are different ways that Twitter can be accessed from a
> > > mobile device (browser, client app, embedded links etc), i would like
> > > to know the possible patterns that i should identify. Clients using
> > > standard Twitter APIs would be RESTful and generating HTTP traffic
> > > eventually. Question is does the prepackaged client apps (such as HTC
> > > Sense, SE Timescape, Moto Blur, Samsung Social Hub etc ) also use
> > > public Twitter APIs ? Or is it a different arrangement altogether.
> >
> > > thanks
> > > Sunderjeet
> >
> > > --
> > > Twitter developer documentation and resources:
> http://dev.twitter.com/doc
> > > API updates via Twitter:http://twitter.com/twitterapi
> > > Issues/Enhancements Tracker:
> > >http://code.google.com/p/twitter-api/issues/list
> > > Change your membership to this group:
> > >http://groups.google.com/group/twitter-development-talk
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Re: What does tweet id means?

[Arnaud Meunier]

Hey Leo,

We're indeed using Snowflake (a Tweet ID generation service we developed).
Tweets IDs are no longer sequential (but k-sorted with k <= 1 second), and
there is no way to count the total number of tweet sent every day.

More info about Snowflake on our Engineering Blog:
http://engineering.twitter.com/2010/06/announcing-snowflake.html

Arnaud / @rno 



On Wed, Apr 20, 2011 at 10:22 PM, Leo  wrote:

> So that means we can not infer how many tweets are being sent  from
> tweet id.
>
> I was wondering who is counting daily number of tweets.
>
> Of course Twitter is doing this itself, but  the result goes public
> very late.
>
>
> On Apr 20, 8:24 pm, Tim Meadowcroft  wrote:
> > I think you can only really rely on IDs having different values.
> >
> > In general, at the moment with Twitter, you could assume they increase
> over
> > time, but (and I don't work for Twitter) typically ID allocation on large
> > multihost systems don't work by allocating strictly sequential IDs
> without
> > gaps - it's too hard to sequence and not really necessary.
> >
> > So, for example, one way is that you build a system that gives different
> > ID-assigning-hosts small blocks of IDs that they can use so they can
> > allocate a series of IDs knowing they're unique without having to take
> out
> > any kind of global lock (they only take the lock to ask for a new block
> > every now and then). Another approach might be to have clocks
> synchronised
> > to some known accuracy and have IDs calculated as "period-since-epoch *
> > some-suitable-multiplier + unique-offset-per-host +
> > incrementing-counter-for-this-host".
> >
> > I'm sure people can come up with other schemes as quick as we could type
> > them up, but in general you make your ID space many orders of magnitude
> > bigger than you strictly need, and in return you gain some flexibility in
> > the criteria needed for quick and cheap unique allocation in a
> distributed
> > system. But I wouldn't assume that every possible ID value is necessarily
> > allocated.
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Is the verifier pin required in OOB?

[Arnaud Meunier]

Hey Ali,

Out of band / PIN code authentication is just one of the OAuth
authentication flows we are supporting. Cf
http://dev.twitter.com/pages/auth_overview

If your app can handle the full OAuth process, stick to it and forget about
OOB :)

Arnaud / @rno 



On Wed, Apr 20, 2011 at 10:23 PM, Ali  wrote:

> Hi,
>
> I've been experimenting with OAuth authentication with the Twitter API
> for desktop/mobile apps and found out that the verifier pin is not
> necessary. Once the the request token is authorized, I am able to
> exchange it for an access token without providing the pin code.
>
> Is this the official expected behavior? I couldn't find any info on
> OOB in the API documentation. It is just barely mentioned and the link
> for more info doesn't work.
>
> Is there any documented behavior regarding the verifier pin and
> whether requiring the user to enter the pin is recommended or
> required?
>
>
> Thanks
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Is the verifier pin required in OOB?

[Ali]

Hi,

I've been experimenting with OAuth authentication with the Twitter API
for desktop/mobile apps and found out that the verifier pin is not
necessary. Once the the request token is authorized, I am able to
exchange it for an access token without providing the pin code.

Is this the official expected behavior? I couldn't find any info on
OOB in the API documentation. It is just barely mentioned and the link
for more info doesn't work.

Is there any documented behavior regarding the verifier pin and
whether requiring the user to enter the pin is recommended or
required?


Thanks

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: What does tweet id means?

[Leo]

So that means we can not infer how many tweets are being sent  from
tweet id.

I was wondering who is counting daily number of tweets.

Of course Twitter is doing this itself, but  the result goes public
very late.


On Apr 20, 8:24 pm, Tim Meadowcroft  wrote:
> I think you can only really rely on IDs having different values.
>
> In general, at the moment with Twitter, you could assume they increase over
> time, but (and I don't work for Twitter) typically ID allocation on large
> multihost systems don't work by allocating strictly sequential IDs without
> gaps - it's too hard to sequence and not really necessary.
>
> So, for example, one way is that you build a system that gives different
> ID-assigning-hosts small blocks of IDs that they can use so they can
> allocate a series of IDs knowing they're unique without having to take out
> any kind of global lock (they only take the lock to ask for a new block
> every now and then). Another approach might be to have clocks synchronised
> to some known accuracy and have IDs calculated as "period-since-epoch *
> some-suitable-multiplier + unique-offset-per-host +
> incrementing-counter-for-this-host".
>
> I'm sure people can come up with other schemes as quick as we could type
> them up, but in general you make your ID space many orders of magnitude
> bigger than you strictly need, and in return you gain some flexibility in
> the criteria needed for quick and cheap unique allocation in a distributed
> system. But I wouldn't assume that every possible ID value is necessarily
> allocated.

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: Streaming API statuses/fileter method, "follow" parameter

[Kumar]

Thanks, Arnaud. Didn't think about the 'track' parameter. Will use it
now.


On Apr 21, 1:32 am, Arnaud Meunier  wrote:
> With the "follow" parameter, you should only get "real" replies & retweets.
> If you need to track all mentions, try the "track" parameter (i.e.
> track=@user)
>
> Arnaud / @rno 
>
>
>
>
>
>
>
> On Tue, Apr 19, 2011 at 9:35 PM, Kumar  wrote:
> > Hi All,
>
> > The streaming api documentation says that mentions, implicit retweets
> > and implicit replies will NOT be returned. However, it looks like they
> > are being returned. For our application we do need to keep track of
> > mentions and the streaming api seems to work fine. Can we rely on it
> > being present always? Is the documentation dated and need to be
> > updated?
>
> > Thanks,
> > Kumar.
>
> > -
> >http://dev.twitter.com/pages/streaming_api_methods#follow
>
> > References unmatched are statuses that were:
> > Mentions (“Hello @user!”)
> > Implicit retweets (“RT @user Says Helloes” without pressing a retweet
> > button)
> > Implicit replies (“@user Hello!”, created without pressing a reply
> > “swoosh” button to set the in_reply_to field)
>
> > ---
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: Prepackaged Twitter App in Handsets

[sunderjs]

If the application vendor maintains this proxy, there could be
proprietary interface
and the proxy itself eventually would use HTTP for Twitter access. Are
you aware
of any such vendor apps espl from handset OEMs ? This is precisely
what i'm looking for.

thanks
Sunderjeet

On Apr 20, 5:21 pm, Taylor Singletary 
wrote:
> While you'll find most applications on handsets communicate with
> api.twitter.com, search.twitter.com, and twitter.com directly -- there are
> likely a handful of applications that communicate with a proxy server of
> some kind as an intermediary between the device and Twitter.
>
> If they're talking directly to Twitter though, they'll be doing so through
> HTTP.
>
> @episod  - Taylor Singletary
>
> On Wed, Apr 20, 2011 at 12:35 PM, sunderjs  wrote:
> > Hello,
>
> > I'm working on implementing mobile data plans for social networking
> > sites including Twitter. Requirement is to identify Twitter traffic
> > from mobile devices and charge distinctively from other data packets.
> > Since there are different ways that Twitter can be accessed from a
> > mobile device (browser, client app, embedded links etc), i would like
> > to know the possible patterns that i should identify. Clients using
> > standard Twitter APIs would be RESTful and generating HTTP traffic
> > eventually. Question is does the prepackaged client apps (such as HTC
> > Sense, SE Timescape, Moto Blur, Samsung Social Hub etc ) also use
> > public Twitter APIs ? Or is it a different arrangement altogether.
>
> > thanks
> > Sunderjeet
>
> > --
> > Twitter developer documentation and resources:http://dev.twitter.com/doc
> > API updates via Twitter:http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> >http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> >http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Unable to retweet using statuses/retweet

[Adam Green]

I found the answer here:
http://stackoverflow.com/questions/4674240/how-do-i-format-a-retweet-request-through-the-abraham-twitteroauth-php-class

Funny that the "try it"  example in the dev.twitter.com/doc page made
the same mistake I did and delivers the same error.
http://dev.twitter.com/doc/post/statuses/retweet/:id


On Wed, Apr 20, 2011 at 8:55 PM, Adam Green <140...@gmail.com> wrote:
> I'm trying to build some retweeting code and am unable to get /
> statuses/retweet to work. I keep getting an error of:
> {"request":"\/1\/statuses\/retweet.json","error":"Not found"}
>
> I thought I may have been doing something incorrect, even though I
> used exactly the same code format that I use for other OAuth REST
> calls that worked correctly, such as statuses/destroy.
>
> I then tried the API console example in the API docs, and got the same
> error, and this was with the canned arguments, so it couldn't be my
> code.
>
> So I'm wondering if there is some documentation error and this API
> call has changed. The fact that the doc page incorrectly says
> authentication isn't needed doesn't give me a lot of confidence as
> well.
>
> Can someone tell me what API call they use to do a retweet?
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk
>



-- 
Adam Green
Twitter API Consultant and Analyst
http://140dev.com, @140dev
http://2012twit.com, @2012twit
781-879-2960

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Re: error 401 failed oauth_signature and token / javascript - qml

[galeyte]

Hi Matt,

Thanks for answering me. It now works hope to you.
There's plainty off things i put in signature etc etc just to debug !

Thanks,

On 20 avr, 21:06, Matt Harris  wrote:
> Hey,
>
> Looking at your example basestring it looks like you have your OAuth steps 
> confused. In your example you are sending an oauth_token with your request to 
> /oauth/request_token when you shouldn't be.
>
> You can read more on the OAuth flow on our developer site:
>    http://dev.twitter.com/pages/auth
>
> The specific section about request_token is here:
>    http://dev.twitter.com/pages/auth#request-token
>
> Best
> @themattharris
>
> On Apr 20, 2011, at 9:10, galeyte  wrote:
>
>
>
>
>
>
>
> > Is it possible to have any help ?
> > here is the base string i'm generating :
>
> > POST&https%3A%2F%2Fapi.twitter.com%2Foauth
> > %2Frequest_token&oauth_callback%3Dhttp%253A%252F%252Flocalhost
> > %253A3005%252Fthe_dance%252Fprocess_callback%253Fservice_provider_id
> > %253D11%26oauth_consumer_key%3DVqqupffO63SXe1pt70gqDA%26oauth_nonce
> > %3DbIMeZu%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> > %3D1303315938%26oauth_token%3D278460982-
> > BLIgYJ81sbHYUYg9JYodKM75fxCM1v1NrG9GuzIJ%26oauth_version%3D1.0
>
> > the signature :
> > 2sxwv2R1Q+taksgof+QGFlUwqmw=
>
> > and the "AUTHORIZATION" header field i'm transmiting to
> >https://api.twitter.com/oauth/request_token:
>
> > OAuth oauth_nonce="bIMeZu",oauth_callback="http%3A%2F%2Flocalhost
> > %3A3005%2Fthe_dance%2Fprocess_callback%3Fservice_provider_id
> > %3D11",oauth_signature_method="HMAC-
> > SHA1",oauth_timestamp="1303315938",oauth_consumer_key="VqqupffO63SXe1pt70gq 
> > DA",oauth_signature="2sxwv2R1Q
> > %2Btaksgof%2BQGFlUwqmw%3D",oauth_version="1.0"
>
> > I'm still getting the same response whereas the tools i check my work
> > with say my basestring and signature are ok.
>
> > Thanks.
>
> > On 19 avr, 18:01, galeyte  wrote:
> >> Hi again,
>
> >> So i've deleted my previous code, and started again to respect
> >> twitter's doc and oauth thing i've seen before.
> >> Here is my new code, header-based, calling the good endpoint url :
>
> >> function getSignature() {
> >>     var nonce = OAuth.nonce(31);
> >>     var time = OAuth.timestamp();
> >>     var parameters = ["oauth_token="+oauth_token,
> >> "oauth_consumer_key="+consumer_key, "oauth_nonce="+nonce,
> >> "oauth_signature_method=HMAC-SHA1",
> >> "oauth_timestamp="+time,"oauth_version=1.0"];
> >>     parameters = parameters.sort();
> >>     var join = parameters.join("&");
> >>     var joindparameters = encodeURIComponent(join);
> >>     var baseString = "POST&"+encodeURIComponent(request_token_url)+
> >> "&" + joindparameters;
> >>     var signature = b64_hmac_sha1(consumer_secret + "&" +
> >> oauth_token_secret, baseString);
> >>     console.log(signature);
> >>     request_maker = new XMLHttpRequest();
> >>     request_maker.open("POST", request_token_url);
> >>     request_maker.setRequestHeader("Content-Type", "application/x-www-
> >> form-urlencoded");
> >>     request_maker.onreadystatechange = oth_func;
> >>     var data = "OAuth oauth_nonce=\""+nonce+"\",
> >> oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\""+time+"\",
> >> oauth_consumer_key=\""+consumer_key+"\", oauth_signature=
> >> \""+encodeURIComponent(signature)+"\", oauth_version=\"1.0\"";
> >>     console.log(data);
> >>     request_maker.setRequestHeader("Authorization", data);
> >>     request_maker.send();
>
> >> }
>
> >> I'm totally sure about my basestring and my signature (checked 
> >> withhttp://oauth.googlecode.com/svn/code/javascript/example/signature.html)
> >> I've tried with 2 composite signing key :
> >> first : consumer_secret + "&" + oauth_token_secret
> >> second: consumer_secret + "&"
> >> but it did not change anything.
>
> >> On Apr 19, 3:47 pm, galeyte  wrote:
>
> >>> And i stop using OAuth javascript library, and i'm getting the same
> >>> basestring and signature as oauth library examples
>
> >>> Here is the authorization header i send :
> >>> OAuth realm='', oauth_nonce=1W3hagbtydTy8GBfkqxS3imJUDUfINi,
> >>> oauth_timestamp=1303220837, oauth_consumer_key=[CONSUMER_KEY],
> >>> oauth_signature_method=HMAC-SHA1, oauth_version=1.0,
> >>> oauth_signature=ik0d0OV6JzLxQ/yeddowfSQCQgg=
>
> >>> On 19 avr, 14:44, galeyte  wrote:
>
>  Ok so i've stopped using OAuth javascript library
>
>  Here is my new code :
>  function getSignature() {
>      var nonce = OAuth.nonce(31);
>      var time = OAuth.timestamp();
>      var parameters = [encodeURIComponent("oauth_token="+oauth_token),
>  encodeURIComponent("oauth_consumer_key="+consumer_key),
>  encodeURIComponent("oauth_nonce="+nonce),
>          encodeURIComponent("oauth_signature_method=HMAC-
>  SHA1"),encodeURIComponent("oauth_timestamp="+time),
>  encodeURIComponent("oauth_version=1.0")];
>      parameters = parameters.sort();
>      var join = parameters.join("&");
>      var joindparameters = encodeURIComponent(