[twitter-dev] Re: Can our twitter app call /oauth/revoke?
While I may not want to revoke access for a key, I don't want to leave folks logged into twitter if they use my application from a shared computer. (And no, asking them to log out from twitter isn't reasonable.) It used to be that oauth/authorize did NOT leave users logged into twitter, now it does. http://code.google.com/p/twitter-api/issues/detail?id=1453 On Apr 20, 6:36 pm, Abraham Williams 4bra...@gmail.com wrote: There is no oauth/revoke method. Personally I don't see much utility in one except for keeping /settings/connections less cluttered. Abraham On Tue, Apr 20, 2010 at 18:15, Robbie Coleman rob...@gravity.com wrote: I do not see it documented, and dev.twitter.com/doc is throwing 403's on searches, but I do see that your own http://twitter.com/settings/connections; Revoke Access links call this on the click event. I am trying to provide our users a clean UI for managing all of their OAuth enabled networks/sites, and twitter is one of those. Both Facebook and Google (their OAuth contact API) provide API calls to revoke a user's access_token/session_key. Thanks, Robbie Coleman Software Cleric Social Shaman Gravity -- Abraham Williams | Developer for hire |http://abrah.am PoseurTech Labs | Projects |http://labs.poseurtech.com This email is: [ ] shareable [x] ask first [ ] private. -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en- Hide quoted text - - Show quoted text -
[twitter-dev] Re: How to end user session?
While oauth/authenticate with force_login=true does force users to provide credentials, oauth/authenticate leaves them logged into twitter, which is somewhat dangerous from a shared or public computer. oauth/authorize used to behave differently - it didn't leave users logged in. However, that changed - see http://code.google.com/p/twitter-api/issues/detail?id=1453 . On Apr 20, 5:55 pm, Abraham Williams 4bra...@gmail.com wrote: You can add send users tohttps://twitter.com/oauth/authenticate?oauth_token=xyzforce_login=tr... the force_login=true) to have users always prompted for username and password on twitter.com. http://apiwiki.twitter.com/Twitter-REST-API-Method:-oauth-authenticate http://apiwiki.twitter.com/Twitter-REST-API-Method:-oauth-authenticate Abraham On Tue, Apr 20, 2010 at 12:48, Jonathon Hill jhill9...@gmail.com wrote: Hello, I'm building an app that uses OAuth for registration and authentication. Is there any way to log an authenticated user out of twitter, so that he/she can log in with a different twitter account? Calling the REST endpoint /account/end_session.json doesn't work. Thanks, Jonathon Hill Company52 http://company52.com @compwright -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en -- Abraham Williams | Developer for hire |http://abrah.am PoseurTech Labs | Projects |http://labs.poseurtech.com This email is: [ ] shareable [x] ask first [ ] private.- Hide quoted text - - Show quoted text -
[twitter-dev] Re: 403 on statuses longer than 140 characters
I don't suppose that the API documentation will be updated and made complete On Mar 19, 9:52 am, Mark McBride mmcbr...@twitter.com wrote: Abraham is correct. We only truncate text in the case of SMS tweets. We won't chop text off of tweets when posted via the API, however we will shorten URLs if it will get the tweet to fit into 140 characters. ---Mark http://twitter.com/mccv On Fri, Mar 19, 2010 at 8:52 AM, Abraham Williams 4bra...@gmail.com wrote: The URLs might be shortened not the text of the status itself. Abraham On Thu, Mar 18, 2010 at 22:03, Andy Freeman ana...@earthlink.net wrote: What in the return JSON tells us that you've shortened? For example, are you setting/returning truncate? Are you returning the shortened tweet in status? On Mar 18, 12:30 pm, Mark McBride mmcbr...@twitter.com wrote: I should clarify. Returning a 403 is what we do right now. Later today (hopefully) we will correct the behavior to return a 200 in this case. So short story: we'll be doing what you want us to do. ---Mark http://twitter.com/mccv On Thu, Mar 18, 2010 at 11:57 AM, Dewald Pretorius dewaldpub...@gmail.comwrote: In the announcement, Mark said, ...in the case that a long status can be reduced to under 140 characters by shortening URLs. In this case we return a 403 but successfully create the status. Any chance that you can instead return a 200? Returning a 403 while you actually created the status will cause confusion.- Hide quoted text - - Show quoted text - To unsubscribe from this group, send email to twitter-development-talk+ unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject. -- Abraham Williams | Community Advocate |http://abrah.am TwitterOAuth |http://github.com/abraham/twitteroauth This email is: [ ] shareable [x] ask first [ ] private. To unsubscribe from this group, send email to twitter-development-talk+ unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.- Hide quoted text - - Show quoted text - To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Re: 403 on statuses longer than 140 characters
What in the return JSON tells us that you've shortened? For example, are you setting/returning truncate? Are you returning the shortened tweet in status? On Mar 18, 12:30 pm, Mark McBride mmcbr...@twitter.com wrote: I should clarify. Returning a 403 is what we do right now. Later today (hopefully) we will correct the behavior to return a 200 in this case. So short story: we'll be doing what you want us to do. ---Mark http://twitter.com/mccv On Thu, Mar 18, 2010 at 11:57 AM, Dewald Pretorius dewaldpub...@gmail.comwrote: In the announcement, Mark said, ...in the case that a long status can be reduced to under 140 characters by shortening URLs. In this case we return a 403 but successfully create the status. Any chance that you can instead return a 200? Returning a 403 while you actually created the status will cause confusion.- Hide quoted text - - Show quoted text - To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Re: Permanent Profile URL
However, there's still no way to reference a tweet using the user id. See http://code.google.com/p/twitter-api/issues/detail?id=1242 On Feb 23, 2:47 pm, Paul Tarjan ptar...@gmail.com wrote: Perfect, Marc hit the nail on the head. Thank you. http://twitter.com/account/redirect_by_id?id=14757201 On Feb 23, 10:53 am, Marc Mims marc.m...@gmail.com wrote: * Lil Peck lilp...@gmail.com [100223 10:48]: On Mon, Feb 22, 2010 at 11:10 PM, Paul Tarjan ptar...@gmail.com wrote: Is there a permanent profile URL for users? Something like http://twitter.com/account/profile?user_id=14757201 I'd like something that is ID based (since users can change their short form) but is guaranteed to resolve for a while. Possibly even 302ing to thehttp://twitter.com/name I could use http://api.twitter.com/1/users/show.xml?user_id=14757201 but it is rather long and doesn't return any nice HTML You could make a custom TinyURL. http://twitter.com/account/redirect_by_id?id=14757201 -Marc- Hide quoted text - - Show quoted text -
[twitter-dev] Re: How to show An application would like to connect to your account EACH TIME users login into my service?
Huh? http://apiwiki.twitter.com/Twitter-REST-API-Method:-oauth-authorize does not mention force_login. http://apiwiki.twitter.com/Twitter-REST-API-Method:-oauth-authenticate does. However, /oauth/authenticate leaves the user logged into twitter. On Feb 2, 12:00 pm, lalit goklani lgokl...@gmail.com wrote: You can also use 'force_login=true' parameter passed along with token while you are getting the authorization url for the link. That will always make user to login to twitter irrespective of they are logged in. -- Thanks. Lalit Twitter Facebook Application -http://www.twitsfb.com Article Directory -http://www.ezinearticles.biz Indian Mutual Funds -http://www.mutualfundsnavindia.com
[twitter-dev] Re: Possibility to link to the user page not by the name but by the id.
I starred 1412 and commented on 1242 that they're basically the same. On Jan 30, 11:46 pm, Ivan Glushkov gli.w...@gmail.com wrote: Oh, no! I haven't found it! I added comment in my issue that it's duplicate, but i don't know how to close it. On Sun, Jan 31, 2010 at 3:44 AM, Andy Freeman ana...@earthlink.net wrote: Argh! I opened such a feature request late last November AND you commented on it late last December. Seehttp://code.google.com/p/twitter-api/issues/detail?id=1242. On Jan 30, 11:17 am, Abraham Williams 4bra...@gmail.com wrote: There does not appear to be. You could open an feature request and maybe Twitter will augment ithttp://code.google.com/p/twitter-api/issues/entry. Abraham On Sat, Jan 30, 2010 at 02:06, Ivan Glushkov gli.w...@gmail.com wrote: Oh, thanks, Abraham! That's great! But why isn't it documented anywhere? And is there any way to redirect to some status of this user? I mean smth like http://twitter.com/account/redirect_by_id?id=9436992status=3 ??? Thanks once more, Ivan. On Fri, Jan 29, 2010 at 11:37 PM, Abraham Williams 4bra...@gmail.com wrote: Actually Twitter does support it. http://twitter.com/account/redirect_by_id?id=9436992 Abraham On Wed, Jan 27, 2010 at 06:42, Ivan gli.w...@gmail.com wrote: Hi. I don't need an application that is able to handle this. Instead i need changes in the twitter API so i can refer to the users and their statuses using the user id, not the username. This is a problem for the aggregator, and there users (so it become also a problem for the twitter users). Is there any plan in this direction? Ivan. On 21 янв, 06:03, Abraham Williams 4bra...@gmail.com wrote: I remember this topic coming up before and it seems like someone built an application that handled this but I can't find any references to it. Maybe somebody else can? Abraham On Wed, Jan 20, 2010 at 06:29, Ivan gli.w...@gmail.com wrote: Hi. I tried to find the similar question here (in google groups), in the FAQ and in the API, but couldn't find anything. The problem: Cross-posting the links to the user page and to some his statuses in the web become more and more popular. But, as i understood, you can't guarantee that this links not long after would not change the logical destination. For example I create some post about some twitter-user aaa and give the link twitter.com/aaa After that user “aaa” changed name to bbb and user ddd changed name to aaa. So my old link now points to the different person. This problem becomes more serious for the aggregators that don't know what content they might approve after a while. The simplest decision would be providing the possibility to link to the user not by name but also by id. That pages might be just redirections to the original user pages, it doesn't matter. For example if the user “aaa” have id 11, the following two links should point to the same page: twitter.com/aaa and twitter.com/id/11 This mechanism should also be applied for the statuses: twitter.com/id/11/statuses/22 Ivan. -- Abraham Williams | Moved to Seattle | May cause email delays Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States -- Abraham Williams | Moved to Seattle | May cause email delays Project | Out Loud |http://outloud.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States -- Abraham Williams | Community Advocate |http://abrah.am Project | Out Loud |http://outloud.labs.poseurtech.com This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States- Hide quoted text - - Show quoted text -- Hide quoted text - - Show quoted text -
[twitter-dev] Re: Possibility to link to the user page not by the name but by the id.
Argh! I opened such a feature request late last November AND you commented on it late last December. See http://code.google.com/p/twitter-api/issues/detail?id=1242 . On Jan 30, 11:17 am, Abraham Williams 4bra...@gmail.com wrote: There does not appear to be. You could open an feature request and maybe Twitter will augment ithttp://code.google.com/p/twitter-api/issues/entry. Abraham On Sat, Jan 30, 2010 at 02:06, Ivan Glushkov gli.w...@gmail.com wrote: Oh, thanks, Abraham! That's great! But why isn't it documented anywhere? And is there any way to redirect to some status of this user? I mean smth like http://twitter.com/account/redirect_by_id?id=9436992status=3 ??? Thanks once more, Ivan. On Fri, Jan 29, 2010 at 11:37 PM, Abraham Williams 4bra...@gmail.com wrote: Actually Twitter does support it. http://twitter.com/account/redirect_by_id?id=9436992 Abraham On Wed, Jan 27, 2010 at 06:42, Ivan gli.w...@gmail.com wrote: Hi. I don't need an application that is able to handle this. Instead i need changes in the twitter API so i can refer to the users and their statuses using the user id, not the username. This is a problem for the aggregator, and there users (so it become also a problem for the twitter users). Is there any plan in this direction? Ivan. On 21 янв, 06:03, Abraham Williams 4bra...@gmail.com wrote: I remember this topic coming up before and it seems like someone built an application that handled this but I can't find any references to it. Maybe somebody else can? Abraham On Wed, Jan 20, 2010 at 06:29, Ivan gli.w...@gmail.com wrote: Hi. I tried to find the similar question here (in google groups), in the FAQ and in the API, but couldn't find anything. The problem: Cross-posting the links to the user page and to some his statuses in the web become more and more popular. But, as i understood, you can't guarantee that this links not long after would not change the logical destination. For example I create some post about some twitter-user aaa and give the link twitter.com/aaa After that user “aaa” changed name to bbb and user ddd changed name to aaa. So my old link now points to the different person. This problem becomes more serious for the aggregators that don't know what content they might approve after a while. The simplest decision would be providing the possibility to link to the user not by name but also by id. That pages might be just redirections to the original user pages, it doesn't matter. For example if the user “aaa” have id 11, the following two links should point to the same page: twitter.com/aaa and twitter.com/id/11 This mechanism should also be applied for the statuses: twitter.com/id/11/statuses/22 Ivan. -- Abraham Williams | Moved to Seattle | May cause email delays Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States -- Abraham Williams | Moved to Seattle | May cause email delays Project | Out Loud |http://outloud.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States -- Abraham Williams | Community Advocate |http://abrah.am Project | Out Loud |http://outloud.labs.poseurtech.com This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States- Hide quoted text - - Show quoted text -
[twitter-dev] Re: Search API: new HTTP response code 420 for rate limiting starting 1/18/2010
(1) When will http://apiwiki.twitter.com/HTTP-Response-Codes-and-Errors be updated? (2) How does 420 differ from 400? On Dec 22 2009, 4:19 pm, Wilhelm Bierbaum wilh...@twitter.com wrote: Eventually the REST API will return the same 420 response code to indicate rate limiting. We wanted to change as little as possible to get people comfortable with the new response code. On Dec 22, 4:07 pm, Marco Kaiser kaiser.ma...@gmail.com wrote: yeah, doesn't make much sense to have two different codes indicating that the limit is exceeded... 2009/12/23 DustyReagan dustyrea...@gmail.com Will you be changing the REST API error code to match the Search API? RE: 420 = rate limit exceeded. On Dec 22, 4:44 pm, Wilhelm Bierbaum wilh...@twitter.com wrote: We're changing the response code sent back by the Search API when the rate limit has been exceeded. At present, it is impossible to distinguish rate limit responses from other error conditions in responses from the Search API -- this is what we're trying to fix. Starting Monday, January 18th, 2010 the Search API will respond with error code 420 in the event that the number of requests you have made exceeds the quota afforded by your assigned rate limit. Please update your response your response handler to accommodate this new behavior. Apologies for the false start last time this change was announced. If you have any questions, please feel free to post them on twitter-development-talk. Thanks!- Hide quoted text - - Show quoted text -
[twitter-dev] Re: Search API: new HTTP response code 420 for rate limiting now in effect
1) When will http://apiwiki.twitter.com/HTTP-Response-Codes-and-Errors be updated? (2) How does 420 differ from 400? On Jan 23, 4:21 pm, Wilhelm Bierbaum wilh...@twitter.com wrote: In accordance with our previous announcement, we have completed the change to Search API rate limiting response code. This change allows downstream systems to more appropriately respond to rate limiting. The original announcement follows: We're changing the response code sent back by the Search API when the rate limit has been exceeded. At present, it is impossible to distinguish rate limit responses from other error conditions in responses from the Search API -- this is what we're trying to fix. Starting Monday, January 18th, 2010 the Search API will respond with error code 420 in the event that the number of requests you have made exceeds the quota afforded by your assigned rate limit. If you have any questions, please feel free to post them on twitter-development-talk. Thanks!
[twitter-dev] Re: Sent URLs received incompletely if not urlencoded - how to fix?
I suspect that you're sending something like 'text ' + urlencode (url). Note that sending involves urlencoding. On the other end, twitter url urldecodes the status as a whole, but try to figure out what's url encoded in the status. Don't do that. Instead, send 'text ' + url. Your send routine should urlencode the whole thing. On the other end, twitter will urldecode that whole thing and you'll get what you want. Note that you do have to do something about '' and ''. . On Jan 18, 2:15 am, Tinobee tino...@googlemail.com wrote: hi ed, as i already stated 2 times i used urlencoding. i wanted to prevent my tweets looking like this http%3A%2F%2Fwww%2Fmydomain%2F.xyz %2Findex.php%3Fkey1%3Dvalue1%26key2%3Dvalue2%26%3Dvalue3 . this looks pretty ugly. i am basically wondering why there isn't a solution to wrap these ugly urls like hrefs in html using a title for the link name and a/a tags to wrap!? regards, tino On 17 Jan., 04:19, Ed Costello epcoste...@gmail.com wrote: Are you absolutely certain that the entireURLis being posted to twitter? Is it possible that some filter is interpreting the “” character and stripping off the remainingURLbefore you post it to twitter? Do you have a log of what is being transmitted to twitter? Are you transmitting through any proxies which could potentially be stripping the data off? Is twitter the only site with which this problem is occuring? I can’t reproduce the problem, including posting theURLyou listed, but I amURLencoding “” to “%26”. By definition (seehttp://apiwiki.twitter.com/Things-Every-Developer-Should-Know#5Parame...) tweets are supposed to beURLencoded before transmitting to twitter, so I don’t understand what you mean byURLencoding. If you want the “” to have meaning within your tweet (regardless of whether it’s in aURLor just text), you MUST convert it to %26 otherwise it will appear to twitter as a variable on par with source, geo, status and in_reply_to_status_id. If you are notURLencoding the tweet then start doing so. -- -ed costello- Hide quoted text - - Show quoted text -
[twitter-dev] Re: oAuth Authenticate vs. Authorize (force_login)
Then use authenticate. It accomplishes the same effect of authorize. Does it? My notes say that authenticate leaves the user logged into twitter if they weren't before and that authorize doesn't. For my purposes, I'd like to force the user to specify their twitter account and password even if they're already logged in and not change their login state (as far as twitter is concerned) at all. I can imagine folks who'd like to allow users to quickly authorize the use of the logged in account (if any) I can't imagine anyone who'd want to change the user's logged in state. On Dec 27, 6:08 pm, Abraham Williams 4bra...@gmail.com wrote: Then use authenticate. It accomplishes the same effect of authorize. On Sun, Dec 27, 2009 at 17:42, Justyn justyn.how...@gmail.com wrote: Thanks Abraham - I understand this is the current limitation, however I think there is a need for the foce_login to be available with the authorize function. The authorize landing page is confusing to users who want to sign-in with an account that is different from their latest session. The sign-out option is not obvious to users. This is based on user feedback, and I don't think we're the only ones having this issue. On Dec 27, 3:39 pm, Abraham Williams 4bra...@gmail.com wrote: force_login=true only works onhttps://twitter.com/oauth/authenticatenot onhttps://twitter.com/oauth/authorize. On Sat, Dec 26, 2009 at 23:23, el moro axel.sachm...@googlemail.com wrote: Hi, i'd like to use force_login too in my new Rails application. This parameter seems to be buggy. For me it' s not working too. On 24 Dez., 05:18, Justyn justyn.how...@gmail.com wrote: Hi guys - just wanted to make sure this stayed on the radar. I imagine others would like to use force_login for the Authorize function? On Dec 22, 4:46 pm, Justyn justyn.how...@gmail.com wrote: We've found it necessary to use the force_login method for Authorize because of the confusion many users have with the splash page shown on Authorize (many times they want to authorize a different account than their latest session), however Authorize does not support force_login. Is there a way around this, or can we get a version of authorize that bypasses the sign-out link to get the full credential input for our users? Many users have trouble with this. Thanks in advance! Justyn -- Abraham Williams | Awesome Lists |http://awesomeli.st Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Madison, WI, United States -- Abraham Williams | Awesome Lists |http://awesomeli.st Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Madison, WI, United States- Hide quoted text - - Show quoted text -
[twitter-dev] Re: oAuth Authenticate vs. Authorize (force_login)
Then use authenticate. It accomplishes the same effect of authorize.
Does it? My notes say that authenticate leaves the user logged into
twitter if they weren't before and that authorize doesn't.
For my purposes, I'd like to force the user to specify their twitter
account and password even if they're already logged in and not change
their login state (as far as twitter is concerned) at all.
I can imagine folks who'd like to allow users to quickly authorize
the
use of the logged in account (if any)
I can't imagine anyone who'd want to change the user's logged in
state.
Then again, my notes also say that
onhttps://twitter.com/oauth/authenticate?force_login=true?{signed
args} works.
On Dec 27, 6:08 pm, Abraham Williams 4bra...@gmail.com wrote:
Then use authenticate. It accomplishes the same effect of authorize.
On Sun, Dec 27, 2009 at 17:42, Justyn justyn.how...@gmail.com wrote:
Thanks Abraham - I understand this is the current limitation, however
I think there is a need for the foce_login to be available with the
authorize function. The authorize landing page is confusing to users
who want to sign-in with an account that is different from their
latest session. The sign-out option is not obvious to users. This is
based on user feedback, and I don't think we're the only ones having
this issue.
On Dec 27, 3:39 pm, Abraham Williams 4bra...@gmail.com wrote:
force_login=true only works onhttps://twitter.com/oauth/authenticatenot
onhttps://twitter.com/oauth/authorize.
On Sat, Dec 26, 2009 at 23:23, el moro axel.sachm...@googlemail.com
wrote:
Hi, i'd like to use force_login too in my new Rails application. This
parameter seems to be buggy. For me it' s not working too.
On 24 Dez., 05:18, Justyn justyn.how...@gmail.com wrote:
Hi guys - just wanted to make sure this stayed on the radar. I
imagine
others would like to use force_login for the Authorize function?
On Dec 22, 4:46 pm, Justyn justyn.how...@gmail.com wrote:
We've found it necessary to use the force_login method for
Authorize
because of the confusion many users have with the splash page shown
on
Authorize (many times they want to authorize a different account
than
their latest session), however Authorize does not support
force_login.
Is there a way around this, or can we get a version of authorize
that
bypasses the sign-out link to get the full credential input for
our
users?
Many users have trouble with this.
Thanks in advance!
Justyn
--
Abraham Williams | Awesome Lists |http://awesomeli.st
Project | Intersect |http://intersect.labs.poseurtech.com
Hacker |http://abrah.am|http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Madison, WI, United States
--
Abraham Williams | Awesome Lists |http://awesomeli.st
Project | Intersect |http://intersect.labs.poseurtech.com
Hacker |http://abrah.am|http://twitter.com/abraham
This email is: [ ] shareable [x] ask first [ ] private.
Sent from Madison, WI, United States- Hide quoted text -
- Show quoted text -
[twitter-dev] Re: oAuth Authenticate vs. Authorize (force_login)
The difference (to my understanding) is that Authenticate does not authorize the app. Huh? Whether I use authorize or authenticate, my app can tweet etc on the user's behalf. What, exactly, do you think that authenticate and authorize do? I think that both can give my application a token that I can use to take actions on the user's behalf. I think that both do some sort of login or check before doing so. The difference that I see is in how twitter presents its questions regarding the account that is allowing my application to do its thing. That, and the bit that authenticate leaves folks logged in to twitter. On Dec 28, 5:27 pm, Justyn justyn.how...@gmail.com wrote: The difference (to my understanding) is that Authenticate does not authorize the app. We need to have the app authorized but want to give the user the chance to choose which account to login with (and Authorize). Ideally, twitter state would not be effected, and user could authorize an app with desired account (regardless of session) without clicking sign out. Justyn On Dec 28, 5:36 pm, Abraham Williams 4bra...@gmail.com wrote: That is true. Authenticate currently leaves the user logged in. I would prefer that get fixed rather then adding force_login to authorize as I view leaving users logged in as a security risk. Apparently Twitter does not: http://code.google.com/p/twitter-api/issues/detail?id=1070 On Mon, Dec 28, 2009 at 17:13, Andy Freeman ana...@earthlink.net wrote: Then use authenticate. It accomplishes the same effect of authorize. Does it? My notes say that authenticate leaves the user logged into twitter if they weren't before and that authorize doesn't. For my purposes, I'd like to force the user to specify their twitter account and password even if they're already logged in and not change their login state (as far as twitter is concerned) at all. I can imagine folks who'd like to allow users to quickly authorize the use of the logged in account (if any) I can't imagine anyone who'd want to change the user's logged in state. On Dec 27, 6:08 pm, Abraham Williams 4bra...@gmail.com wrote: Then use authenticate. It accomplishes the same effect of authorize. On Sun, Dec 27, 2009 at 17:42, Justyn justyn.how...@gmail.com wrote: Thanks Abraham - I understand this is the current limitation, however I think there is a need for the foce_login to be available with the authorize function. The authorize landing page is confusing to users who want to sign-in with an account that is different from their latest session. The sign-out option is not obvious to users. This is based on user feedback, and I don't think we're the only ones having this issue. On Dec 27, 3:39 pm, Abraham Williams 4bra...@gmail.com wrote: force_login=true only works onhttps:// twitter.com/oauth/authenticatenot onhttps://twitter.com/oauth/authorize. On Sat, Dec 26, 2009 at 23:23, el moro axel.sachm...@googlemail.com wrote: Hi, i'd like to use force_login too in my new Rails application. This parameter seems to be buggy. For me it' s not working too. On 24 Dez., 05:18, Justyn justyn.how...@gmail.com wrote: Hi guys - just wanted to make sure this stayed on the radar. I imagine others would like to use force_login for the Authorize function? On Dec 22, 4:46 pm, Justyn justyn.how...@gmail.com wrote: We've found it necessary to use the force_login method for Authorize because of the confusion many users have with the splash page shown on Authorize (many times they want to authorize a different account than their latest session), however Authorize does not support force_login. Is there a way around this, or can we get a version of authorize that bypasses the sign-out link to get the full credential input for our users? Many users have trouble with this. Thanks in advance! Justyn -- Abraham Williams | Awesome Lists |http://awesomeli.st Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Madison, WI, United States -- Abraham Williams | Awesome Lists |http://awesomeli.st Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from Madison, WI, United States- Hide quoted text - - Show quoted text - -- Abraham Williams | Awesome Lists |http://awesomeli.st Project | Intersect |http://intersect.labs.poseurtech.com Hacker |http://abrah.am|http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private. Sent from
[twitter-dev] Re: Getting friends as usernames instead of user ids
we are working on releasing a bulk lookup API (i don't have a release date on it yet), and you will be able to use that for this purpose. It would be a big help if there were status urls that used ids - that is, an equivalent to http://twitter.com/raffi/status/7034429825 in terms of your user id, and a user info url like http://twitter.com/raffi in terms of the relevant user id. Note that user ids are permanent, so With those two url forms, many applications could use stale user names in many circumstances. On Dec 24, 11:52 am, Raffi Krikorian ra...@twitter.com wrote: we are working on releasing a bulk lookup API (i don't have a release date on it yet), and you will be able to use that for this purpose. On Thu, Dec 24, 2009 at 10:31 AM, Michael mbw...@gmail.com wrote: I am using thehttp://twitter.com/friends/ids.xml?screen_name=$username method to get a list of friends for a user. However, the friends come back as ids. Is there anyway I can convert these ids to their usernames? -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi
[twitter-dev] Re: Getting friends as usernames instead of user ids
we are working on releasing a bulk lookup API (i don't have a release date on it yet), and you will be able to use that for this purpose. It would be a big help if there were status urls that used ids - that is, an equivalent to http://twitter.com/raffi/status/7034429825 in terms of your user id, and a user info url like http://twitter.com/raffi in terms of the relevant user id. Note that user ids are permanent, so With those two url forms, many applications could use stale user names in many circumstances. Filed as http://code.google.com/p/twitter-api/issues/detail?id=1242 On Dec 25, 11:11 am, Raffi Krikorian ra...@twitter.com wrote: that's true! you could see what your friends are up to, and as they tweet, gather the information on what screen names map to what IDs. On Fri, Dec 25, 2009 at 5:21 AM, stephane stephane.philipa...@gmail.comwrote: you can also use the statuses/friends method : http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-statuses%C2%A0f... Merry Christmas ! Stephane @sphilipakis On Dec 25, 3:19 am, Raffi Krikorian ra...@twitter.com wrote: unfortunately, yes. On Thu, Dec 24, 2009 at 12:12 PM, Michael mbw...@gmail.com wrote: Ok, thanks! So, in the meantime you would say that the only way to do this is run through all the ids, callhttp://twitter.com/users/show.xmloneach id, and parse out the ursername from the xml returned? On Dec 24, 2:52 pm, Raffi Krikorian ra...@twitter.com wrote: we are working on releasing a bulk lookup API (i don't have a release date on it yet), and you will be able to use that for this purpose. On Thu, Dec 24, 2009 at 10:31 AM, Michael mbw...@gmail.com wrote: I am using thehttp:// twitter.com/friends/ids.xml?screen_name=$username method to get a list of friends for a user. However, the friends come back as ids. Is there anyway I can convert these ids to their usernames? -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi- Hide quoted text - - Show quoted text -
[twitter-dev] Re: Question about Twitter use in library names
IANAL but you might want to look do a trademark search. Some relevant links are at http://uspto.gov/ . On Dec 4, 1:39 pm, Duane Roelands duane.roela...@gmail.com wrote: A question for the Twitter team: I'm the developer and maintainer of an open source library called TwitterVB. Can I expect a nastygram from your lawyers at some point? Or is there some way I can have the project vetted to avoid such a thing in the future?
[twitter-dev] Re: Where is the Twitter WADL?
Please don't spend any time on a WADL. The twitter interface is both simple and small. If it's an obstacle to someone On Oct 20, 8:01 am, Chad Etzel c...@twitter.com wrote: Hi Edd, We may provide a WADL in the future, but right now one is not available. -Chad On Tue, Oct 20, 2009 at 5:33 AM, Edd e...@eddgrant.com wrote: Hi All, I am keen to start implementing a Twitter Web Service application but I can't find any published WADL in the Twitter API docs. My IDE (NetBeans) contains a partial API WADL but I can't find the full API anywhere. Could someone please point me in the direction of this? I'm suprised it's so hard to find. Many thanks, Edd- Hide quoted text - - Show quoted text -
[twitter-dev] Re: flagged as dupe post when string is unique (ideas?)
as noted by other people on this list, twitter is currently rejecting tweets that match either your last update, or an update you recently sent. unfortunately, the API is currently silently failing but it is on the short list to have the API return an error code instead. Can you confirm what match means? Is it same character sequence or is it similar character sequence? I ask because John Kalucki wrote Is the posted status similar to any other status created by that user? above in response to a question about duplicate rejection. Thanks, -andy On Nov 3, 3:35 pm, Raffi Krikorian ra...@twitter.com wrote: Is the posted status similar to any other status created by that user? Does the above imply that similar will trigger the dup detector? Argh! Please don't tell me that you're now rejecting similar tweets Url shorteners can easily generate similar urls, so if someone is in the habit of tweeting check this out followed by a shortened url, the tweet text is likely to be similar even though the actual url is different. Heck, urls that are similar often point to very different web pages. There are lots of other cases where similar tweets can actually be very different, and thus should not be rejected as duplicates. (I've heard of a project that tweets data that is guaranteed to be unique but is reasonably likely to be similar because of aggressive encoding.) as noted by other people on this list, twitter is currently rejecting tweets that match either your last update, or an update you recently sent. unfortunately, the API is currently silently failing but it is on the short list to have the API return an error code instead. -- Raffi Krikorian Twitter Platform Team ra...@twitter.com | @raffi- Hide quoted text - - Show quoted text -
[twitter-dev] Re: flagged as dupe post when string is unique (ideas?)
Is the posted status similar to any other status created by that user? Does the above imply that similar will trigger the dup detector? Argh! Please don't tell me that you're now rejecting similar tweets Url shorteners can easily generate similar urls, so if someone is in the habit of tweeting check this out followed by a shortened url, the tweet text is likely to be similar even though the actual url is different. Heck, urls that are similar often point to very different web pages. There are lots of other cases where similar tweets can actually be very different, and thus should not be rejected as duplicates. (I've heard of a project that tweets data that is guaranteed to be unique but is reasonably likely to be similar because of aggressive encoding.) On Nov 1, 6:22 am, John Kalucki jkalu...@gmail.com wrote: Is the posted status similar to any other status created by that user? -John Kaluckihttp://twitter.com/jkalucki Services, Twitter Inc. On Oct 31, 8:12 am, gembry gem...@gmail.com wrote: Hello Folks, (fishing for input) thx Not really sure what’s going on here. Below you will find what I am sending and what is coming back from the Twitter API. You can see that what is being sent doesn’t even come close to what is up there now. Am I missing something here? What am I doing wrong? Why is this completely different sting not posting? Sending method=post url=http://twitter.com/statuses/update.xml?status=Great%20Job%20for %20OAS%20TEST%20ONLY%20in%20California%2DAnaheim%2FHuntington%20Beach %2E%20http%3A%2F%2Flocalhost%2FAssignmentReady%2Findex%2Ecfm%3ForderID %3D2315510%26category%3DAllied%5FTravel%26ts%3D102809140819%20or %20800%2E469%2E5314 Result (from Twitter API) ?xml version=1.0 encoding=UTF-8? status created_atWed Oct 28 19:51:30 + 2009/created_at id5238791820/id textwhat/text sourceweb/source truncatedfalse/truncated in_reply_to_status_id/in_reply_to_status_id in_reply_to_user_id/ in_reply_to_user_id favoritedfalse/favorited in_reply_to_screen_name/in_reply_to_screen_name user id57127952/id nameLarp Master Flash/name screen_nameLarpMasterFlash/screen_name location/location description/description profile_image_urlhttp://s.twimg.com/a/ 1256674706/images/default_profile_0_normal.png/profile_image_url url/url protectedfalse/protected followers_count4/ followers_count profile_background_color9ae4e8/ profile_background_color profile_text_color00/ profile_text_color profile_link_colorff/profile_link_color profile_sidebar_fill_colore0ff92/profile_sidebar_fill_color profile_sidebar_border_color87bc44/profile_sidebar_border_color friends_count0/friends_count created_atWed Jul 15 20:31:16 + 2009/created_at favourites_count0/favourites_count utc_offset/ utc_offset time_zone/time_zone profile_background_image_urlhttp://s.twimg.com/a/1256674706/images/ themes/theme1/bg.png/profile_background_image_url profile_background_tilefalse/profile_background_tile statuses_count34/statuses_count notificationsfalse/ notifications geo_enabledfalse/geo_enabled verifiedfalse/ verified followingfalse/following /user geo/ /status Thanks for the input.- Hide quoted text - - Show quoted text -
[twitter-dev] Re: lang parameter in the search api
There are ways to figure out language with very short text. In fact, one can identify language changes in documents that contain text in multiple languages. http://www.stanford.edu/class/ee380/Abstracts/090114.html That's not to say that Twitter uses such methods, just that it's possible to identify languages in tweet-size documents. On Oct 26, 6:19 am, Nicole Simon nee...@gmail.com wrote: The language selection is useless, even with a limitation to English. The problem is probably that normal methods of attributing language are more or less based on longer text - and not text stripped down to 140 chars or less. If you want to make detection f.e. in search, rather get all results and apply common sense methods, like grep special words which most likely are only used in your language of choice. For real 'select your choice here' it is not going to work. At the current rate, this is rather hurting than helping. I instruct users in my book to rather use search which will limit itself, i.e. use German words if possible in search. Nicole -- My german twitter sitehttp://mit140zeichen.de-http://twitter.com/m140z Kontakt:http://twitter.com/NicoleSimonhttps://www.xing.com/profile/Nicole_Simon skype: nicole.simon / mailto:nicole.si...@mit140zeichen.de phone: +49 451 899 75 03 / mobile: +49 179 499 7076
[twitter-dev] Re: Bug? Updates 140 characters return success with prior update payload
Argh - if twitter is going to reject a dup status, I need to know what it's a dup of, not just the last status. On Oct 19, 2:47 am, Dave Sherohman d...@fishtwits.com wrote: On Sun, Oct 18, 2009 at 04:48:13PM -0700, Naveen wrote: I agree. A silent failure seems like the wrong behavior.. It should return an error if the tweet has failed to post. It's actually relatively benign in this specific case, since you can chop the status text down to 140 characters before submitting it, thus ensuring that it won't be rejected for length. However, Twitter has also gotten a bit more strict with blocking duplicate statuses. While testing my fix for the silently reject over- length status text problem, I was getting a lot of failures when I knew I was sending updates that were under 140 in length. It turned out that any update which was a duplicate of another update sent within the last hour (if not longer) was also being silently rejected in the same manner, even if it was not the same as the user's most recent status. This is not a failure mode which can be reliably anticipated or compensated for prior to submitting the update, therefore Twitter *must* provide some indication in the response that it was rejected. There may also be other circumstances in which an update will silently fail which I haven't yet discovered. My current attempt at working around this is to compare the returned status ID against the highest ID previously seen by my application and, if the returned ID is not greater than the previous highest, reporting that the update was rejected for an unspecified reason. I don't like being unable to tell my users why it failed, but that seems to be the most reliable way of detecting these silent update failures until/ unless Twitter provides notification that the update was rejected and at least a hint as to why. Also this change was made without any announcement that I recall seeing or can find now. This is a pretty significant change in behavior for existing clients.. We are failing to post because people are not getting an error and they believe it is our problem. Agreed. That is a definite problem. -- Dave Sherohman
[twitter-dev] Re: Duplicate Tweets
One thing to do is include the date/time that no chains are required. In general, status messages should be timestamped because it's almost always important to know when they were generated. Yes, tweets are timestamped, but that's the tweet's timestamp, not the date that the status was actually generated by the service. (Yes, the two will be reasonably close when things are going well, but ) On Oct 15, 11:01 pm, John Kalucki jkalu...@gmail.com wrote: I don't know about paygrade, but more than a few Twitter employees follow i80chains during the season. We hear you. I just don't know what to suggest be done about the situation. On Oct 15, 11:09 am, Toxic phoneybolo...@gmail.com wrote: On Oct 15, 7:50 am, Ryan Sarver rsar...@twitter.com wrote: 1. Duplicate tweets HAS always been considered a violation. Sure, it's always been a reason to kick someone off, but by attempting to automatically police it, you've managed to take out a couple of quite legitimate services, some of which were using twitter in new and interesting ways. But for those collecting examples of collateral damage, I've got another one for you. Perhaps someone above the approptiate pay grade at Twitter is a skier/rider? Because this change in behavior (even if it's not a change in policy) is going to eliminate two resources that Bay Area skiers tend to use. Neither seems like something that Twitter wants to shut off, but neither can continue to operate with the current de-duplication filters: @i80chains. That rebroadcasts Caltrans's announcements for Interstate 80 in the Sierra Nevadas. During the winter, it lets people know when chains are required to drive over Donner Pass. When chain control is turned off, it tweets OPEN: NO RESTRICTIONS (or something to that effect). That all clear tweet is getting caught by the filters, which leaves out-of-date information on the stream/feed. It is as important to receive a tweet that says you don't need chains as it is to receive one that says you'll need them from Kingvale to Truckee, but as of right now, only one is allowed to get through. @tahoe_weather. Rebroadcasts National Weather Service warnings/ watches and announcements relevant to people in Tahoe. It also has a No active advisory tweet that it sends out when there are no longer any active weather statements. Again, these all clear tweets are getting filtered, which rather drastically reduces the usefulness of the bot. 2. In the Spam section of that policy we also clearly state that the rules will be changing as we adapt to new tactics I understand that it's impossible to really define spam and/or abuse, and that anything that's ultimately an announcement-bot is going to be walking a fine line. But those two bots above seem like they're not remotely abusive, do seem like they're useful, and they're getting swept up among the spammers.- Hide quoted text - - Show quoted text -
[twitter-dev] Re: OAuth wed desktop feedback
I know that you asked about oauth workflow, but curl is really useful for debugging purposes. I mention that because using curl with oauth is very painful. I'm not sure what you can do about that. Perhaps calls using basic authentication could have very stringent rate restrictions. This would address two issues because it would let us provoke rate-limits to test our responses without having to generate lots of load. On Oct 12, 10:01 am, Ryan Sarver rsar...@twitter.com wrote: Hey everyone, I wanted to email the list to start gathering some feedback on how we can improve the OAuth workflow. As we have discussed in the past, Basic Auth is going to be deprecated at some point in the future for OAuth and we want to make sure we improve the experience to meet everyone's needs. I am interested in capturing feedback for both the web and desktop workflows. 1. What can be improved about the web workflow? 2. What can be improved about the desktop workflow? 3. What other models of distributed auth do you think we could learn from and what specifically about them? 4. What could we improve around the materials for integrating OAuth into your application? We really appreciate your feedback. Best, Ryan
[twitter-dev] http vs https for twitter api calls
When should I use https instead of http in twitter api calls? I'd guess that it's okay to use http for oauth-authenticated /show/ user and maybe /statuses/update, but what about the four oauth calls (/ oauth/request_token, /oauth/authorize, /oauth/authenticate, and /oauth/ access_token)? Thanks, -andy
[twitter-dev] Re: http vs https for twitter api calls
The authenticated calls are signed with a 'secret' but don't return secret information. The /oauth calls are also signed with a secret but do return secret information. On Oct 3, 10:16 am, Adam Shannon a...@ashannon.us wrote: HTTPS is a secure and encrypted transfer protocol for HTTP. HTTPS is designed to hide sensitive data (passwords, credit card numbers) from malicious persons. So it's safe to say that whenever you will be transferring sensitive data (OAuth, passwords) you should use HTTPS. On Sat, Oct 3, 2009 at 12:03 PM, Andy Freeman ana...@earthlink.net wrote: When should I use https instead of http in twitter api calls? I'd guess that it's okay to use http for oauth-authenticated /show/ user and maybe /statuses/update, but what about the four oauth calls (/ oauth/request_token, /oauth/authorize, /oauth/authenticate, and /oauth/ access_token)? Thanks, -andy -- - Adam Shannon (http://ashannon.us)
[twitter-dev] Re: Changes to Twitter TOS/Rules.
How can an application determine that an account has been suspended? Please assume that the application has OAuth read/write for the account. Thanks, -andy On Sep 15, 9:28 am, John Kalucki jkalu...@gmail.com wrote: The account will be suspended. It won't work, and it won't be visible. You can file a support ticket and contemplate your apparent or actual transgressions as you wait for them to sort out the account's fate. At first glance this may not seem fair, but the vast majority of accounts that are suspended are indeed spammy, and it takes a while to weed through the piles of disinformation to find the proportionally very few false positives. -John On Sep 15, 9:20 am, Joseph Cheek jos...@cheek.com wrote: out of curiosity, how can you tell if your account is flagged as spammy, and what can you do about it? Joseph Cheek jos...@cheek.com,www.cheek.com twitter:http://twitter.com/cheekdotcom John Kalucki wrote: This is taken from the Twitter Rules, not the TOS, so this isn't expressly against the TOS. Rather, this is one guideline of many that Twitter may use to determine if an account is spammy. If job postings are otherwise good and useful, I wouldn't fret too much. But, I'd also expect that you just might, on rare occasion, may have to deal with getting your accounts unflagged as spammy. -John Kalucki http://twitter.com/jkalucki Services, Twitter Inc. On Sep 15, 7:58 am, HardipSingh mr.hardip.si...@gmail.com wrote: I am curious how the following rule impact those that are auto- tweeting job links to #jobs and the other twitter job boards. * If your updates consist mainly of links, and not personal updates; Does this mean that we are in violation of this rule if I have an account that is primarily responsible for tweeting job links? Thanks in advance for your time. ~ H- Hide quoted text - - Show quoted text -
[twitter-dev] Re: How do I get the user_id for a screen_name WITHOUT
My apologies. I meant WITHOUT using (a rate-limited call or one with authentication). In other words, I want an unauthenticated and rate- unlimited way to translate an id into a screen name. FWIW, I plan to cache the screen name for a given id for a reasonable period of time, but I may need to translate lots of ids in a short period of time. I'd be happy to use a scheme that let me subscribe to screen name changes for specified ids, but I didn't see anything like that in the api. (That would be less overhead because screen names don't change very often.) In almost every case, I'm translating user ids to scree names I can produce links like http://twitter.com/al3x (which spews html) given a user_id. That's why I'd be (mostly) satisfied with a url format in terms of user_ids to accomplish the same thing. Unfortunately, my users aren't authenticated. Thanks, -andy On Sep 28, 10:31 pm, Chad Etzel c...@twitter.com wrote: Uh, I guess it was unclear from the subject/body split of the question what exactly was meant... How do I get the user_id for a screen_name WITHOUT using a rate-limited call or one with authentication. ...can be read: How do I get the user_id for a screen_name without using a rate-limited call? And, how do I get the user_id for a screen_name without using one with authentication. ...or, it could be read: How do I get the user_id for a screen_name without using a rate-limited call? Or, how do I get the user_id for a screen_name using one with authentication. I read it the first way, due to the subject/body split... Boolean algebra, ftw? -Chad On Tue, Sep 29, 2009 at 1:17 AM, Abraham Williams 4bra...@gmail.com wrote: You can make any of the REST API calls with authentication. Abraham On Mon, Sep 28, 2009 at 22:10, Andy Freeman ana...@earthlink.net wrote: using a rate-limited call or one with authentication. I'd be (mostly) satisfied with an analog tohttp://twitter.com/al3xin terms of user-id. -- Abraham Williams | Community Evangelist |http://web608.org Hacker |http://abrah.am|http://twitter.com/abraham Project |http://fireeagle.labs.poseurtech.com This email is: [ ] blogable [x] ask first [ ] private. Sent from Madison, WI, United States- Hide quoted text - - Show quoted text -
[twitter-dev] How do I get the user_id for a screen_name WITHOUT
using a rate-limited call or one with authentication. I'd be (mostly) satisfied with an analog to http://twitter.com/al3x in terms of user-id.
