[twitter-dev] id_str not present in User Streams delete events
I just discovered what I believe to be an issue (or an oversight) in the User Streams API as pertains to the recent Snowflake changes. There is no id_str property in this delete event from a User Stream: {delete:{status:{id:7102620514648064,user_id:16357089}}} Thanks, Jonathon Hill http://rainmakerapp.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] User Streams count parameter
Per http://dev.twitter.com/pages/user_streams_suggestions: If disconnected for just a few minutes, use the streaming count parameter to backfill missing events. Note: count is currently disabled May 22, 2010 Why was count disabled for User Streams, and is there any plan to make it available once again? Thanks, Jonathon Hill http://rainmakerapp.com -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Re: User Streaming API and use of OAuth from web browser
Have you looked at xAuth? It was designed for desktop clients but it may work well with Javascript clients. Jonathon Hill On Oct 6, 4:54 pm, Tim Bull tim.b...@binaryplex.com wrote: Hi, We are building an application client that is browser based. We're very comfortable with using OAuth from our server side code and are using it fine with the REST API (users sign in, authenticate with Twitter, we store their access tokens and reuse as requested - at the moment we mimic the required Twitter API on our server and when a user does something like a POST, we call our stub, use their token to then make the call via OAuth to Twitter). So far so good, but we'd like to implement User Streaming directly into the client side application. I've been browsing the Twitter Development documentation and there's a couple of points I'd like clarification on: *http://dev.twitter.com/pages/auth_overviewsays Streaming supports Basic and OAuth. *http://dev.twitter.com/pages/user_streamssays that the user streams supports OAuth only HTTPS, OAuth and JSON only. No problems here, I just raise it to point out the auth_overview doco is slightly out of date. *http://dev.twitter.com/pages/oauth_librariestalks about a JS library but says Javascript really shouldn't be used for OAuth 1.0A with respect to websites in web browsers. Ideally, you'll only use Javascript to perform OAuth operations when using server-side. The points I'd like some clarification on: 1. Given user_streams API is the intended way for clients to access Twitter going forwards, I presume it's intended not just for desktop, but also web clients too? 2. If 1 is correct, then is it OK to use JavaScript for the OAuth? If it's not, what is the recommended approach for a client side web application to connect and authenticate to the user_stream? Thanks, Tim -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
[twitter-dev] Need help with PayPal security requirements
I'm trying to get approval from PayPal to use their Preapproval API, and to do so my application must meet several requirements. I won't post the entire list here, because it isn't applicable to Twitter, however since users log in to my application via Twitter OAuth several of them are applicable: A1. User passwords must conform to industry best practices for content Generally, the length should be at least 6 characters, and contain at least one alpha and one numeric. Candidate passwords which meet the static syntactical requirements should also be passed across a dictionary of common passwords, and rules – no passwords of “blink182”, or passwords which are the same as the user-ID, for example. A6. A control must be implemented that prevents the brute force attack of login credentials. A common attack against web sites is to attempt to login in with a variety of different commonly used passwords for a given login id. There must be some method used to ensure that one is unable to perform this sort of attack. A common solution is to lock login attempts on an account for some period of time. In order to ensure that these mechanisms do not generate a means of denial of service attacks against accounts, these lockouts should cancel after a period of time (a few hours is typical). A7. A control must be implemented that prevents brute force guessing of passwords, especially if the attack is originating from a botnet. Typically, this will require collecting metadata about logons, logging them into a central log store, and then performing real-time analytics against that data. If a brute force attack is detected, a strong CAPTCHA (resistant against machine/scripted attacks) would be switched on. There are other implementation techniques, but this is the least invasive from a user experience perspective. Note – this is conceptually and functionally different from A6. B1. Login credentials must only be collected on pages that implement https with Extended Validation (EV) certificates. In order to allow customers to verify that they are truly connected to the partner site and to encourage general good practices, login credentials must be collected on pages that are https enabled, and using Extended Validation (EV) certificates. So, my questions are: 1. Would you guys be willing to add to your API to allow enforcing tighter password requirements as needed? 2. Will you upgrade your SSL certificate on api.twitter.com to one with Extended Validation? It seems like this would be relatively easy and inexpensive to do, and beneficial to all. 3. How does https://api.twitter.com/oauth/authenticate respond to brute-force attacks on login credentials? Thanks! Jonathon Hill @compwright @rainmakerapp
[twitter-dev] Re: Stream API - which one to use
There is only one streaming API that is live currently. The user streaming is for a completely different usage than the regular streaming API. User streaming allows your application to be notified on events specific to a particular user such as direct messages, follows/unfollows, list creation, etc. That is what the chirpstream is all about. You can't yet build apps on it, it will be released sometime after July. Earlybird is the name of a small demo app someone wrote to demonstrate user streaming at the Chirp hack day (day two of the conference). Jonathon Hill @compwright On May 30, 3:10 pm, bear bea...@gmail.com wrote: I'm getting some code ready for delivery to a customer and I need to settle on the best way to get twitter data into their app. I've been using the official Stream API up till now but that has all kinds of problems for me because it's basically the search results delivered as a stream, so I have to do all kinds of post processing on it to remove the extra stuff. During the Chirp conference I saw that there was a chirpstream preview of a user's data - has that been released to us non-sanfran devs yet? or is it still special? I'm also seeing in the dev group postings things like betastream, earlybird, and some others - is there any chance of even me being able to figure out which stream api will eventually get used at all? So yea, looking to get some answers on which stream api to use or if good old polling is still the best way to get clean, accurate user data?
[twitter-dev] Re: Streaming API OAuth explanation?
Hey we need documentation! Jonathon On May 24, 4:50 pm, Mark McBride mmcbr...@twitter.com wrote: OAuth is now enabled on stream.twitter.com. I'll also send a note out to the announce list ---Mark http://twitter.com/mccv On Mon, May 24, 2010 at 12:30 PM, Aaron Rankin aran...@gmail.com wrote: Hi, Is there an ETA for enabling oauth on stream.twitter.com? Thanks, Aaron On May 13, 1:11 pm, John Kalucki j...@twitter.com wrote: OAuthis not enabled on stream.twitter.com. You can try on chirpstream.twitter.com. On Thu, May 13, 2010 at 10:53 AM, Lucas Vickers lucasvick...@gmail.com wrote: I am writing my own c++ basedOAuthlibrary. I know there is liboauth but I like to do things myself to learn. Anyhow I am trying to accesshttp://stream.twitter.com/1/statuses/sample.xml and I keep getting 401. I have verified pretty much every parameter, and used the tool on http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signin... to verify my signature is correct. I used twurl to obtain the user access tokens to my account. After doing some reading I'm no longer convinced that thestreaming server even supportsoauth. can you fill me in on the current status of stream.twitter.com and oauth? thanks! Lucas On Apr 20, 11:02 pm, Jonathon Hill jhill9...@gmail.com wrote: Thanks Taylor for the very detailed and helpful response! Jonathon On Apr 20, 1:17 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Jonathon, ForStreamingAPI access that isn't from the perspective of a user's account, you would use two-leggedOAuthto establish authentication instead of basic auth. A two-leggedOAuthrequest is very similar to otherOAuthrequests: you have a specific resource you are trying to access, you have some parameters you want to pass to that resource, and you have anOAuthconsumer key andOAuth consumer secret. Which is unlike three-leggedOAuthwhere you also have oauth_tokens representing either a user/access_token or a request token in addition to the rest. But the rules remain the same. You take all theOAuthparameters and the parameters you are sending to the resource, organize them, build a signature base string, then sign that with your consumer secret and send the request on to Twitter properly signed. The only difference is that there is no oauth_token and oauth_token_secret getting involved in the mix. This is essentially what a two-legged request to thestreamingAPI would look like: Signature Base String GEThttp%3A%2F%2Fstream.twitter.com %2F1%2Fstatuses%2Fsample.jsonoauth_consumer_key%3Dri8JxYK2zzwSV5xIUfNNvQ%26oauth_nonce%3DSJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1271783743%26oauth_version%3D1.0 Signature Xi5jfuw2XqtU5KpNX9ZCtTptJS0= Authorization Header OAuthoauth_nonce=SJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1271783743, oauth_consumer_key=ri8JxYK2zzwSV5xIUfNNvQ, oauth_signature=Xi5jfuw2XqtU5KpNX9ZCtTptJS0%3D, oauth_version=1.0 Taylor Singletary Developer Advocate, Twitterhttp://twitter.com/episod On Tue, Apr 20, 2010 at 10:05 AM, Jonathon Hill jhill9...@gmail.com wrote: One thing I meant to find out @chirp last week--what willoauthlook like for theStreamingAPI? I'm having a hard time visualizing how that will work. Thanks, Jonathon Hill @compwright Company52 http://company52.com -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] Re: Intermittent 401 Errors
I don't have the timestamp of a request that I can get an exact measurement from, but it is 30 seconds. Jonathon On May 18, 9:57 am, Taylor Singletary taylorsinglet...@twitter.com wrote: Jonathon, When you get that error in the access token step, how much time has passed since when the request token was issued before attempting to be exchanged for an access token? Taylor Singletary Developer Advocate, Twitterhttp://twitter.com/episod On Mon, May 17, 2010 at 6:00 PM, Jonathon Hill jhill9...@gmail.com wrote: I too am experiencing this issue with OAuth calls. At random times / oauth/access_token results in a response similar to the following: Date: Mon, 17 May 2010 21:27:26 GMT Server: hi Status: 401 Unauthorized WWW-Authenticate: Basic realm=Twitter API X-Transaction: 1274131646-92315-8359 Last-Modified: Mon, 17 May 2010 21:27:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 136 Pragma: no-cache X-Revision: DEV Expires: Tue, 31 Mar 1981 05:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post- check=0 Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCFEJKqgoAToHaWQiJTE5Y2ZhYjRmZDAzNDhi %250AYzQ4OGIwZDI1YjVmZDlkNWQ5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy %250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOhF0cmFuc19wcm9tcHQw--3f410249b56aa9a5ce6c444e7f36dfe6fb446a58; domain=.twitter.com; path=/ Vary: Accept-Encoding Connection: close ?xml version=1.0 encoding=UTF-8? hash request/oauth/access_token/request errorInvalid / expired Token/error /hash Jonathon Hill @compwright @rainmakerapp On May 11, 10:15 am, Dewald Pretorius dpr...@gmail.com wrote: In fact, the API seems to be really borked at the moment. I've been running more tests on friends_timeline.json, and the following happens: 1) Sometimes the connection is refused. 2) Sometimes I get a 200 OK with an empty JSON array, and seconds later with the very next call on the same Twitter account I get a 200 OK with a fully populated JSON array. 3) On some accounts I get 401Invalid / expired token, where the token on my side has not changed and the connection is present in the Twitter account's Connections tab.
[twitter-dev] Re: Intermittent 401 Errors
I too am experiencing this issue with OAuth calls. At random times / oauth/access_token results in a response similar to the following: Date: Mon, 17 May 2010 21:27:26 GMT Server: hi Status: 401 Unauthorized WWW-Authenticate: Basic realm=Twitter API X-Transaction: 1274131646-92315-8359 Last-Modified: Mon, 17 May 2010 21:27:26 GMT Content-Type: text/html; charset=utf-8 Content-Length: 136 Pragma: no-cache X-Revision: DEV Expires: Tue, 31 Mar 1981 05:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post- check=0 Set-Cookie: _twitter_sess=BAh7CToPY3JlYXRlZF9hdGwrCFEJKqgoAToHaWQiJTE5Y2ZhYjRmZDAzNDhi %250AYzQ4OGIwZDI1YjVmZDlkNWQ5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy %250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsAOhF0cmFuc19wcm9tcHQw--3f410249b56aa9a5ce6c444e7f36dfe6fb446a58; domain=.twitter.com; path=/ Vary: Accept-Encoding Connection: close ?xml version=1.0 encoding=UTF-8? hash request/oauth/access_token/request errorInvalid / expired Token/error /hash Jonathon Hill @compwright @rainmakerapp On May 11, 10:15 am, Dewald Pretorius dpr...@gmail.com wrote: In fact, the API seems to be really borked at the moment. I've been running more tests on friends_timeline.json, and the following happens: 1) Sometimes the connection is refused. 2) Sometimes I get a 200 OK with an empty JSON array, and seconds later with the very next call on the same Twitter account I get a 200 OK with a fully populated JSON array. 3) On some accounts I get 401Invalid / expired token, where the token on my side has not changed and the connection is present in the Twitter account's Connections tab.
[twitter-dev] Re: which PHP libraries will still be ok to use with OAuth (Jun 30th)
The message we got at Chirp was that *none* of them do everything exactly right, so you still need to understand how OAuth works. Jonathon Hill Company52 @compwright On May 12, 7:38 am, alex alex.urdea.fi...@gmail.com wrote: Hi guys, Now that twitter will deprecate the the Basic Auth and OAuth will be the standard (http://apiwiki.twitter.com/OAuth-FAQ#WhenareyougoingtoturnoffBasicAuth ) which PHP libraries in this list http://dev.twitter.com/pages/libraries#php are ok to use? (Also, which one do you consider to be the best?) Thank you
[twitter-dev] User Streaming API development status
John, I know you guys are busy, understaffed on the Streaming API team, etc. But, I'm developing an app that really could benefit a lot from this new API, and it is very near beta launch. Could you give us some sort of idea of what the current status is, what hurdles you guys still have to overcome, and some sort of rough idea of how long it would be? Are we talking days, weeks, or months out? Thanks! Jonathon Hill Company52 @compwright
[twitter-dev] Re: Chirp Streaming API Slides -- Streaming API Architecture Thinking In Streams
Awesome! I've been looking forward to it. Any word on the other's slides? I was told they would all be posted after @chirp. Jonathon On Apr 27, 1:29 pm, John Kalucki j...@twitter.com wrote: I've posted the slides from my two #chirp talks on the Streaming API on slideshare.net: Twitter Streaming API Architecture:http://bit.ly/chirpstreamarch Thinking In Streams:http://bit.ly/chirpthinkstream2 -John Kaluckihttp://twitter.com/jkalucki Infrastructure, Twitter Inc. -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] dev.twitter.com usability - FAIL
The new dev.twitter.com website that launched at Chirp a few weeks ago is very nice and attractive but there are several major usability issues: * The new API documentation does not provide return values of the API calls. The old wiki provided this information, along with usage notes that are not present either on the new site. * It is difficult to look up API endpoints required for a given type of functionality. If you don't remember the exact endpoint to look for, it can be frustrating trying to find the right one. This would easily be fixed using a more descriptive list of endpoints, and/or more visual contrast between headings and list items. * I tend to overlook the endpoint description in the blue header section. My eyes expect it in the white area below. Please move it, and make it stand out more. * The Supported formats, Supported request methods, Requires Authentication, and Rate Limited sections use up an awful lot of vertical space on the page unnecessarily. Making each one of these a heading also dilutes the visual hierarchy on the page and takes away from more detailed and important information on the page, from a reference standpoint. I think these would be more effectively presented as a list under a Metadata heading, or as a small table. * The API console is very restricted without login and registration of an app. I think this is a mistake. Login should be required only for those calls that require authentication. * The API console would be much easier to use if there were parameter hints for each call on the page somewhere. Prepopulating the parameter list would be awesome! These are all things that have been kindof in my face as I've tried to use dev.twitter.com in my day to day development work. I would be delighted if you would address these issues. Thanks! Jonathon Hill Company52 http://company52.com @compwright
[twitter-dev] Re: How to end user session?
Taylor, The problem with that is when I get my request token and redir to the authorization page, if I'm logged in to Twitter.com it skips right on by and redirects back to my app, so there's no opportunity to register on my site as a *different* Twitter user, except for deliberately going to twitter.com and logging out. Abraham's suggestion of forcing login helps, but a more elegant solution would be to provide a way to kill the authorization in the browser somehow at will, instead of forcing it each time. I'm really dealing with an edge case here, as most users won't have more than one account, but attention to edge cases is what separates average apps to excellent apps, as I'm sure you well know. Thanks, Jonathon On Apr 20, 3:55 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Jonathon, You'd handle this on your own back end. Using OAuth a user is never logged in -- there is no concept of a session or persistence -- it's all stateless. The association between your user and an access token is your own. If you want a user to be able to use multiple twitter accounts on your site, you would design a model relationship between access tokens and users such that a user can have many access tokens -- you'd then use context shifting of some kind in your application that establishes one of the access tokens belonging to the user is the current access token. This will let your users context shift seamlessly. You'd obviously also have to ensure that the security of your application is such that a user never has access to access tokens that don't belong to them. Taylor Singletary Developer Advocate, Twitterhttp://twitter.com/episod On Tue, Apr 20, 2010 at 12:48 PM, Jonathon Hill jhill9...@gmail.com wrote: Hello, I'm building an app that uses OAuth for registration and authentication. Is there any way to log an authenticated user out of twitter, so that he/she can log in with a different twitter account? Calling the REST endpoint /account/end_session.json doesn't work. Thanks, Jonathon Hill Company52 http://company52.com @compwright -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] Re: Streaming API OAuth explanation?
Thanks Taylor for the very detailed and helpful response! Jonathon On Apr 20, 1:17 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Jonathon, For Streaming API access that isn't from the perspective of a user's account, you would use two-legged OAuth to establish authentication instead of basic auth. A two-legged OAuth request is very similar to other OAuth requests: you have a specific resource you are trying to access, you have some parameters you want to pass to that resource, and you have an OAuth consumer key and OAuth consumer secret. Which is unlike three-legged OAuth where you also have oauth_tokens representing either a user/access_token or a request token in addition to the rest. But the rules remain the same. You take all the OAuth parameters and the parameters you are sending to the resource, organize them, build a signature base string, then sign that with your consumer secret and send the request on to Twitter properly signed. The only difference is that there is no oauth_token and oauth_token_secret getting involved in the mix. This is essentially what a two-legged request to the streaming API would look like: Signature Base String GEThttp%3A%2F%2Fstream.twitter.com %2F1%2Fstatuses%2Fsample.jsonoauth_consumer_key%3Dri8JxYK2zzwSV5xIUfNNvQ%26oauth_nonce%3DSJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1271783743%26oauth_version%3D1.0 Signature Xi5jfuw2XqtU5KpNX9ZCtTptJS0= Authorization Header OAuth oauth_nonce=SJJqJPdaZrYuIogToapS6ueJRyWB4Rs2ox4HEbu4nW8, oauth_signature_method=HMAC-SHA1, oauth_timestamp=1271783743, oauth_consumer_key=ri8JxYK2zzwSV5xIUfNNvQ, oauth_signature=Xi5jfuw2XqtU5KpNX9ZCtTptJS0%3D, oauth_version=1.0 Taylor Singletary Developer Advocate, Twitterhttp://twitter.com/episod On Tue, Apr 20, 2010 at 10:05 AM, Jonathon Hill jhill9...@gmail.com wrote: One thing I meant to find out @chirp last week--what will oauth look like for the Streaming API? I'm having a hard time visualizing how that will work. Thanks, Jonathon Hill @compwright Company52 http://company52.com -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] Re: User Stream's API usage
I would like to request the addition of another piece of information to the user stream: user profile changes. Anytime the user changes any part of their profile data, it would be helpful to stream that change. Also will there be any way to consume user streams for multiple users? Thanks, Jonathon Hill Company52 http://company52.com @compwright On Apr 15, 7:46 pm, Dewald Pretorius dpr...@gmail.com wrote: John, I know it is still some ways off into the future, but would you consider segmenting out the areas ofuserstreams that don't have privacy implications, to make those parts of the stream available to services as a higher priority compared with the rest? For me, social graph changes are the biggest pain point in terms of processing and delays (and in some cases impracticality) in providing services to users. I can imagine that there will be scalability issues, because a service will have to be able to subscribe to the streams of hundreds of thousands or more users. Nonetheless, consideration will be much appreciated. On Apr 15, 8:32 pm, John Kalucki j...@twitter.com wrote: Once the conference is over, we'll open the preview up to developers everywhere. A few more hours to go... -John Kaluckihttp://twitter.com/jkalucki Infrastructure, Twitter Inc. On Thu, Apr 15, 2010 at 3:49 PM, Isaiah Carew isa...@me.com wrote: Any chance on getting access to a beta of these from outside chirp? I had to come home this afternoon and didn't get to play too much while i was there, but would be really interested in playing more. I understand it's not ready for roll out. Just looking to start the development process. isaiah http://twitter.com/isaiah On Apr 14, 2010, at 9:26 PM, John Kalucki wrote: I should have encouraged folks to understand theStreamingAPI first. You can read up on all the details here: http://apiwiki.twitter.com/Streaming-API-Documentation But, for a prototype, just dive right in. -John On Wed, Apr 14, 2010 at 9:15 PM, Mark McBride mmcbr...@twitter.comwrote: Some sample APIs... curl -uyouruser:yourpasshttp://chirpstream.twitter.com/2b/user.jsohttp://chirpstream.twitter.com/2b/user.json n Will give you a stream of your home timeline, social activity from your friends, and direct messages. curl -uyouruser:yourpass http://chirpstream.twitter.com/2b/user.jsohttp://chirpstream.twitter.com/2b/user.json n?track=#chirp Will give you all of the above, plus any tweets matching #chirp Does that clear it up? If not, I'm currently near The Coop. ---Mark http://twitter.com/mccv On Wed, Apr 14, 2010 at 6:37 PM, Kovas Boguts kovas.bog...@gmail.comwrote: Hi, Is there any description of how to use this? I don't understand how to use track with this or what is generally available for hack day. Thanks! On Apr 14, 2010, at 4:17 PM, John Kalucki j...@twitter.com wrote: Email me your account name. You are in, but not getting data. Also, is this account following anyone? Typos by iPhone. On Apr 14, 2010, at 4:11 PM, Jud jvale...@gmail.com wrote: I'm in the chrip conference IP address range, but http://chirpstream.twitter.com/2b/user.jsonusageisn't clear. - the follow predicate in a POST doesn't work (should it?) - track as a predicate gets accepted, but no data comes through (I get a single '{friends:[]}', but that's it) - am I supposed to be tracking userids or names or keywords? is the resource simply not turned on until later at/on the hackathon's network? -- To unsubscribe, reply using remove me as the subject.- Hide quoted text - - Show quoted text -
[twitter-dev] Re: User Stream's API usage
What's wrong with Qwitter? I don't get it. Jonathon Hill On Apr 21, 4:30 pm, Cameron Kaiser spec...@floodgap.com wrote: Also, unfollows should be treated the same as follows. I know its sad when an unfollow happens, but this is important information too. I disagree. I think unfollows should be totally without penalty, and making them visible/exposed could depending on the situation assign them a very heavy social penalty. Qwitter comes to mind. -- personal:http://www.cameronkaiser.com/-- Cameron Kaiser * Floodgap Systems *www.floodgap.com* ckai...@floodgap.com -- EH! STEVE! --- -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] Streaming API OAuth explanation?
One thing I meant to find out @chirp last week--what will oauth look like for the Streaming API? I'm having a hard time visualizing how that will work. Thanks, Jonathon Hill @compwright Company52 http://company52.com -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] How to end user session?
Hello, I'm building an app that uses OAuth for registration and authentication. Is there any way to log an authenticated user out of twitter, so that he/she can log in with a different twitter account? Calling the REST endpoint /account/end_session.json doesn't work. Thanks, Jonathon Hill Company52 http://company52.com @compwright -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] What are reasonably focused track predicates?
From the streaming API documentation: Reasonably focused track predicates will return all occurrences in the full Firehose stream of public statuses. Overly broad track predicates will cause the output to be periodically limited. After the limitation period expires, all matching statuses will once again be delivered, along with a limit message that enumerates the total number of statuses that have been eliminated from the stream. Limit messages are described in Parsing Responses. My use case is tracking a set of users (follow), and in addition monitoring a list of hashtags (filter). Several questions: a) Does this qualify? b) How many hashtags and/or followers would I have to track to unqualify and start getting rate limited? c) Do follow predicates get a higher priority? If I get rate limited temporarily, what will be limited - the hashtags, the followers, or a random combination of both? d) If one of my hashtags becomes a trending topic, how does that affect the streaming api limit? Thanks! Jonathon Hill http://twitter.com/compwright
[twitter-dev] Re: Streaming API (filtered) missing Tweets
What do you guys consider low quality? Jonathon On Mar 16, 9:46 am, John Kalucki j...@twitter.com wrote: Do those same users show in search? If not, chances are that those users are filtered for quality from both Search and Streaming. If the users do show in Search, there's probably something wrong with your filter predicates. Note that track only searches on status text, not on the entire status object. If you want to follow given users directly, you need to also specify them with the follow parameter. -John Kaluckihttp://twitter.com/jkalucki Infrastructure, Twitter Inc. On Tue, Mar 16, 2010 at 3:13 AM, stevew stevewhite...@gmail.com wrote: Hi I am using the PHP library Phirehose to consume the streaming API, however I don't seem to receive the tweets from the people I am interested in - I am connecting to the url: http://stream.twitter.com/1/statuses/filter.json - Connecting without the filter I get about 27 tweets a second, with it is only about 1 a second, implying the filter is working - manually checking the tweets with the filter they all seem to mention or be @ the people I am interested in, but not from them - I can see that some of the users have tweeted by visiting the website Is this a limitation of the garden hose access or is it likely there is something wrong with my code?