[twitter-dev] Re: oAuth still working for everyone.?
Update to the latest version. oauth_verifier was added earlier this month. On Dec 2, 3:41 pm, LeeS - @semel lse...@gmail.com wrote: The open source library I was using omitted oauth_verifier, which apparently was not required for oauth to work previously. Thanks to Dave Taylor for pointing this out. Lee On Dec 2, 6:09 pm, Dave-twiends i...@davesumter.com wrote: Thanks, I'm up again, looks like it was just oauth_verifier that I was missing... Phew.. I'll take some time this week to read the spec in detail and make sure I'm not missing anything else.. Thanks Dave On Dec 2, 10:59 pm, Taylor Singletary taylorsinglet...@twitter.com wrote: Hi Folks, We're going to rollback a subset of these changes for now. Before we give this another try, we'll let everyone know the specific pain points and give some time to adjust to them. In the meantime, those who experienced trouble today will want to verify that their libraries are doing the right thing in regard to the bullet points I posted above. Also useful is making sure that you don't send additional headers related to basic auth in an OAuth request, that you're using the proper, versioned api-subdomain end points, etc. Dave: It's pretty crucial that you send an oauth_verifier on the access token step. It's not valid OAuth 1.0a without it. Sorry about the mess folks. We should never have let these bugs persist for so long. Taylor On Thu, Dec 2, 2010 at 2:45 PM, Tom van der Woerdt i...@tvdw.eu wrote: Waiting doesn't help solve the issue. The spec hasn't changed, the API is just a bit more watching for the mistakes which some developers tend to make. I'd recommend diving into the code and fixing the errors, instead of asking the Twitter API team to accept your broken OAuth implementations. :-) Tom On 12/2/10 11:42 PM, LeeS - @semel wrote: I am using this library on all my sites: https://github.com/jmathai/twitter-async, all of which are now broken and fail to let anyone log in. Any way this can be rolled back until all the various oAuth libraries people are using are brought up to date? Lee On Dec 2, 5:35 pm, Dave-twiendsi...@davesumter.com wrote: Thanks Taylor, yip unfortunately I wrote my oauth code about 18 months ago, before most of the libraries were out, so there could be anything wrong. It's probably not 100% spec compliant, which is probably why it broke. I've tracked down the issue to the access_token exchange part of the process. The access token's that I have from before are still working, just can't get new ones. I've noticed I'm not passing oauth_verifier back in the request, which could be causing the issue.. Will let you guys know how I get on... Thanks for the pointers Dave On Dec 2, 9:57 pm, Taylor Singletarytaylorsinglet...@twitter.com wrote: We've corrected a number of long-standing OAuth-related bug fixes -- mainly in areas where we more liberal than we should have been when verifying signatures. Here are a few things to verify: * Verify that you are using your consumer key where the consumer key is supposed to go. Compare this to what you see for you app on dev.twitter.com * Likewise, verify that you are using your consumer secret where it is supposed to go. Compare this to what you see for you app on dev.twitter.com * Laugh at the obviousness and absurdity of a check like that. Cry a little because we already know some people were doing the wrong thing here, especially on end points that didn't require authentication. * Verify that your timestamps are in range * If you're sending a request to a resource that doesn't require authentication but you're including OAuth credentials: - we used to just give you a free pass even if the credentials were incorrect. Hey, it doesn't require auth, so why bother checking? - now we check this. if you pass us an OAuth header or anything that looks like an OAuth-based request, we will check it for validity, even if it's a resource that doesn't require auth. We haven't changed anything about our actual core signature validation code -- what was a valid signature before should be a valid one now. We're just checking the validity in more use cases than we were previously, and checking other validity points we were flexible with previously. Taylor On Thu, Dec 2, 2010 at 1:32 PM, Twitlongerstu...@abovetheinternet.org wrote: I'm seeing a lot of invalid/expired token errors. On Dec 2, 9:21 pm, Dave-twiendsi...@davesumter.com wrote: I noticed I've just started getting 401's for all my oAuth requests. Seems to be happening on more than one site for me.. My application keys
[twitter-dev] Re: Twitter + Gnip Partnership
I agree with blogging platforms and social networks but not the rest. Being an owner of a website does not imply that I'm a Google user. Nor is a musician a user of the used record store. On Nov 17, 8:48 pm, John Kalucki j...@twitter.com wrote: Every search engine, social network, blogging platform, content aggregator, and to a certain extent, every used book store and used record store... -JohnOn Wed, Nov 17, 2010 at 1:04 PM, Dewald Pretorius dpr...@gmail.com wrote: As a business model, is there another company that takes content, which its users create and enter into the company's service with no compensation, and then turns around and sells that content to third parties, still with no compensation to the creators of the content? I've been trying to think of another company that does this, but I'm striking a blank. I'm sure there must be others. On Nov 17, 4:55 pm, Adam Green 140...@gmail.com wrote: Ryan, I understand. I'm just happy to see you help companies put a real value on Twitter data in any form. And I'm happy to see Twitter find new ways to make money. You'll never hear everything online must be free from me. I go way back to when people paid for software, in a box, in stores. I'm also willing to bet that Twitter will eventually allow a paid market to develop in actual tweets as well as data derived from them. When Twitter IPOs, the market will demand that. Paying a third party to filter and rank tweets that can be displayed on a website seems perfectly legitimate. Why should every company have to pay to do their own API programming to display aggregated tweets, when they can pay someone for high quality tweets as a service? It seems illogical to me, and from the point of view of the tweet's author, the copyright issues are identical. On Wed, Nov 17, 2010 at 3:31 PM, Ryan Sarver rsar...@twitter.com wrote: Adam, it's a good question and it really comes down to what you are trying to re-sell. Re-syndication or re-sale of the actual tweets is strictly prohibited and won't change on our end. We are however, ok with reselling of data that results from analysis of the Twitter API. So a great example is Klout. They do a lot of work to determine a user's Klout score by analyzing the Twitter API and the content of tweets. They *are* able to resell their score, but they would not be able to resell the tweets that were used to determine that score. It's nuanced, so let me know if that makes sense. On Wed, Nov 17, 2010 at 12:55 PM, Adam Green 140...@gmail.com wrote: Ryan: Shannon raises a lot of great points, but I'd like to hear more about the issue of reselling data derived from a purchased stream. Right now the TOS says that you can't resell data from the API. I've been telling clients that eventually Twitter will decide to make money from the API, and when that happens there would have to be a way to resell what has been paid for. Now that you are selling access to the API, which I strongly agree with, will you allow a free market to evolve around that by making it possible for Twitter data retailers to grow businesses, as well as wholesalers like Gnip? Please, say yes. I'm hoping an Apple-style, control the distribution channel completely mindset doesn't develop at Twitter. I'm hoping Twitter wants to help the developer ecosystem turn into a true third party market. Letting developers sell data or help clients sell data is essential for that. On Wed, Nov 17, 2010 at 1:27 PM, Shannon Clark shannon.cl...@gmail.com wrote: Looking at Gnip's website they have the contact us for pricing links - will Twitter Gnip be making the pricing for the various levels public? Will companies that license the data be allowed to, in turn, sell services on top of that data - i.e. will this spark a new generation of products such as Scout Labs (now Lithium) or other analytics tools which are built by companies who have negotiated for full or partial firehose access but which are then used by clients of those companies each of whom will configure different queries and searches to monitor? And on a more technical level will Gnip and Twitter work together to make the transition for developers who might start building/testing a tool using Twitter's free API's but then later migrate to Gnip's commercial feeds as seemless as possible? Will the API calls etc be similar (or identical but with different URL's?) And a further query - you emphasize that this is for non-display services - does that mean, for example, that an analytics tool built using the new Mentions feed from Gnip cannot display the underlying Tweets that are returned by that feed? This would seem to severely limit the value and utility of such analytics to many businesses (who
[twitter-dev] Re: Is there stats for API clients usage?
Along the same lines I'd be interested in stats by user-agent. I'd be curious how many api calls are done through my PHP library on github :) On Sep 12, 11:56 am, D. Smith emai...@sharedlog.com wrote: Hello! I know Twitter published some statistics on how users generally use Twitter. I am looking for per-app stats, at least for the top 100 or so apps. Is there a stat like this available anywhere? I am just researching the popularity of various API based Twitter clients, very interested to know top 10 in Web, top 10 in Mobile. I hope someone has this stat, I am sure Twitter dev team has access to stats like this, please share it with the rest of us. Thanks! -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Twitter-async now let's you view a sequence diagram of calls
The twitter-async library on github now lets you easily view a sequence diagram of calls. This is specifically useful when you're making multiple calls asynchronously. Here's a sample output (looks better with fixed width font). http://wiki.github.com/jmathai/twitter-async/#sequence (http://api.twitter.com/1/direct_messages.json :: code=200, start=1283577305.2462, end=1283577305.5109, total=0.264562) [] (http://api.twitter.com/1/users/suggestions.json :: code=200, start=1283577305.2726, end=1283577305.3871, total=0.114419) [ = ] (http://api.twitter.com/1/statuses/public_timeline.json :: code=200, start=1283577305.2731, end=1283577305.4195, total=0.146262) [ ] -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: getStatusesMentions not working today....???
Depending on what version of the library you're using it may default to asynchronous mode. try print_r($mentions-response); On Aug 30, 8:44 pm, mirza mirza.ganba...@gmail.com wrote: hello my name is mirza. im new in develop twitter application. i think i have same problem. i want to get user mentions using get_statusesMentions(). i use epitwitter library. but the status result is empty. i dont know why. here is my code. $this-epiTwitter = new EpiTwitter($consumer-key,$consumer-secret, $user-reg_token,$user-access_token); $mentions = $this-epiTwitter-get_statusesMentions(array('max_id' = $user-last_status_id)); print_r($mentions); thanks best regards, mirza On Jul 22, 7:00 am, Mark Krieger markskrie...@gmail.com wrote: Matt, Thanks for the quick response. The call uses EpiTwitter.php, it looks like: Call Oauth to authenticate (this works), then: $val = $twitterObj-get_statusesMentions(array('since_id' = $lastid)); $arr = json_decode($val-responseText, true); if (empty($arr)) { $error = error text; log_message(...)} else ... It logs the error text showing the response through EpiTwitter was empty. Also, when I print $val-responseText, it is EMPTY. I've tried it on 4 twitter accounts I have, all of which have worked for many months in code which has not changed, it has only failed before when the api was down (like tuesday). And all other api calls which use similar code all work fine. I am stumped. I can send more data, like the $lastid, and my credentials for oauth to you, I would of course do that privately. I will run some more tests from here first I guess. Thanks, Mark On Jul 21, 4:49 pm, Matt Harris thematthar...@twitter.com wrote: Hi Mark, We aren't seeing any errors like this when we run some tests. Could you elaborate on what the bogus headers are? Matt On Wed, Jul 21, 2010 at 12:51 PM, Mark Krieger markskrie...@gmail.comwrote: My application has used getStatusesMentions for many months, it is only failing when twitter has had some problem, like two days ago, and in that case, everything is flaky. Today it is failing, but everything else works fine. Is this a known problem today? getStatusesMentions always comes back today with bogus headers Mark -- Matt Harris Developer Advocate, Twitterhttp://twitter.com/themattharris -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Site streams and privacy
I haven't kept up on the streaming API but read about the new Site Steam and it raised some privacy concerns. Specifically the fact that direct messages would be streamed from anyone that added your application. I understand this was always possible but the stream API makes it fairly trivial to collect all that data. It's also a privacy concern because of user intent. When someone adds an application my guess is that they're not intending on saying yes, gain access to my direct messages much less sign up to receive all my direct messages via a stream. Anyways, the stream API is awesome...but it's important to understand how users interact with applications and what their intentions are when they add (regardless of what they are in fact signing up for). I also realize all of this was previously possible but by making it easier it increases the chances that apps are accessing this data. Just thought I'd bring it up for discussion :) -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Site streams and privacy
John, I know it doesn't introduce anything new (per my original post). I had a hard time coming up with an example but here's the best I could do. When I authorize application FOO to access my account I am giving them permission to poll for my direct messages. [Agreed] I am also giving them permission to listen to a stream which contains my direct messages. [Agreed] I am also giving Twitter permission to mail them a CD every month with all my direct messages. [Agreed] My point is...it's not about a violation of the existing terms. But there is a line - which I'm sure you'd draw before mailing out CDs - which I think the Site Stream is approaching. I'm not opposed to the Site stream - in fact I hope to use it. But I also don't have much personal information on Twitter (it's generally public - incl. DMs). But it could be for others. I'm sure you guys thought about it more than I have but it's worth bringing up. On Aug 30, 12:07 pm, John Kalucki j...@twitter.com wrote: Site Streams do not change anything in the Twitter privacy model. OAuth'ed applications have always been able to pull your direct messages via the REST API. -John Kaluckihttp://twitter.com/jkalucki Twitter, Inc. On Mon, Aug 30, 2010 at 12:05 PM, jmathai jmat...@gmail.com wrote: I haven't kept up on the streaming API but read about the new Site Steam and it raised some privacy concerns. Specifically the fact that direct messages would be streamed from anyone that added your application. I understand this was always possible but the stream API makes it fairly trivial to collect all that data. It's also a privacy concern because of user intent. When someone adds an application my guess is that they're not intending on saying yes, gain access to my direct messages much less sign up to receive all my direct messages via a stream. Anyways, the stream API is awesome...but it's important to understand how users interact with applications and what their intentions are when they add (regardless of what they are in fact signing up for). I also realize all of this was previously possible but by making it easier it increases the chances that apps are accessing this data. Just thought I'd bring it up for discussion :) -- Twitter developer documentation and resources:http://dev.twitter.com/doc API updates via Twitter:http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Re: Site streams and privacy
On Aug 30, 12:59 pm, M. Edward (Ed) Borasky zn...@borasky- research.net wrote: That's part of an application developer's responsibility - to make it clear what your application *does* on behalf of a user and how users can detect when it does something it *shouldn't* do. And yes, very few applications fully document that during the oAuth dialog, but it *does* need to be done somewhere. That's more my point and I'm not arguing that the Stream API shouldn't exist. I want to use it myself. I just don't believe users are really agreeing to this regardless if it's in the fine print or not. There's a fine line and it's being approached - that's all. I think it's a bigger issue with OAuth as a whole. Users don't really know what they're handing over since it's not their username and password. They continue under a false pretense that their information is still secure (citation needed). I don't think more words on the OAuth flow pages addresses this and the only way to solve this is to educate users (not an easy task). I hope in time users have a true understanding of what it means to allow this app because right now I don't believe they do. -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
[twitter-dev] Anyone else having environmental issues posting image using PHP? - But still get a 200?
Been getting reports that users of twitter-async are having problems with the profile image and background APIs are returning a 200 response but not updating the image. I'm not sure what the exact reasons are but they seem to be environmental. Right now my best guess is that it is either ubuntu 10.4 or php 5.3. Regardless of the issue with the library is why a 200 is returned if the operation was not OK. Being tracked here: http://github.com/jmathai/twitter-async/issues/#issue/68 Working on: osx w/ php 5.2 and libcurl 7.19.7 ubuntu 9.10 w/ php 5.2 and libcurl 7.19.5 Not working on: ubuntu 10.4 w/ php 5.3.2 and libcurl 7.19.7
[twitter-dev] Re: Someone managed to get me to follow them w/o my intervention (@johnnymatosj)
So, I knew I wasn't hallucinating. Looks like this dude knew of the 'accept username' bug before me :). On Mar 19, 8:28 am, Abraham Williams 4bra...@gmail.com wrote: He had just over 1000 followers a few days ago as well:http://twitterholic.com/johnnymatosj On Thu, Mar 18, 2010 at 18:08, @kemeny_x loop...@gmail.com wrote: Apparently he started tweeting only a few day ago and has over 10,000 followers... others are noticing also: http://twitter.com/franklinpolanco/statuses/10588238989 On Mar 18, 6:32 pm, Andrew Badera and...@badera.us wrote: Ask them? I mean, this IS Twitter, right? ∞ Andy Badera ∞ +1 518-641-1280 Google Voice ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me:http://www.google.com/search?q=andrew%20badera On Thu, Mar 18, 2010 at 6:31 PM, jmathai jmat...@gmail.com wrote: On Mar 18, 2:14 pm, TJ Luoma luo...@luomat.net wrote: http://search.twitter.com/search?q=johnnymatosj I used this: http://search.twitter.com/search?q=johnnymatosj+-from%3Ajohnnymatosj and saw two, including you. I'm seeing 3 or 4...not a huge total but just wondering if there's a security hole. This guy has a lot of followers and isn't following a ton of people. So he's either genuinely interesting or gaming the system. My guess? He's someone you were following who changed their twittername. He joined back in September 2009. Anyone you've followed since then who's gone missing? Possible. I'm only following 13 people...don't remember who all. This is a personal account I use only via a desktop client. Could be a switched username. But I can't verify that. To unsubscribe from this group, send email to twitter-development-talk+ unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject. To unsubscribe from this group, send email to twitter-development-talk+ unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject. -- Abraham Williams | Community Advocate |http://abrah.am TwitterOAuth |http://github.com/abraham/twitteroauth This email is: [ ] shareable [x] ask first [ ] private.
[twitter-dev] Re: Fred Wilson article on Twitter API
Libraries and examples. Understanding authentication isn't a prerequisite for building valuable apps. If a developer wants to understand OAuth then there is plenty of documentation out there for that. I think the biggest barrier is the complexity of beginning to understand the OAuth dance. If there was an interface of examples that libraries could implement then it would go a long way. Right now every library has it's own examples and it makes it difficult for users get up and running with something as basic as authentication. I'm thinking Hello world type examples that each library can provide in a consistent manner. On Apr 7, 3:30 pm, Raffi Krikorian ra...@twitter.com wrote: i would love to know how we can make oauth simpler for people. should we provide better documentation? examples? libraries? On Wed, Apr 7, 2010 at 3:07 PM, Lil Peck lilp...@gmail.com wrote: On Wed, Apr 7, 2010 at 1:53 PM, Mike Champion mike.champ...@gmail.com wrote: I'd be curious to hear what folks think. For me, the appeal of Twitter is its brevity and its simplicity for integration with one's website. I worry that once basic authentication is discontinued, that I will have to stop using Twitter in my web based apps. Seems to me that oauth is needlessly too complicated and bloated for many Twitter uses. I like it that Twitter has been a very simple service, and that because of the limit of its scope, there are opportunities for indepedent developers to create extensions for it. I am not at all enchanted by Facebook and whatever I do with Facebook is out of sheer necessity. -- To unsubscribe, reply using remove me as the subject. -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi
[twitter-dev] Re: Bulk user lookup 502s
In my experience you have to deal with 502s. I had a retry mechanism in place which would retry a request up to 3 times if a 5xx response was received. This was ≈ 6 months ago so I'm not sure the current state of affairs. On Apr 2, 11:47 am, iematthew matthew.dai...@ientryinc.com wrote: Sorry, I hit the reply to author accidentally on my last reply. Sounds like what's happening is a caching latency. I've set my script to do an exponential backoff on the errors starting at 4 seconds, but none of the attempts ever requires more than the 4 second delay. Until the Twitter team can figure out an optimization for this I'll just keep the number of IDs per call down to 50 or less. Thanks for your time! On Apr 2, 12:31 pm, Raffi Krikorian ra...@twitter.com wrote: i'm not sure the time between your calls is at issue, but rather the number of items you are looking at one time. we'll look into it. On Fri, Apr 2, 2010 at 9:11 AM, iematthew matthew.dai...@ientryinc.comwrote: I'm looking at updating some of my systems to use the new bulk user lookup method, but I'm getting a high rate of 502 returns in my testing when I try to do more than about 50 IDs per request. Even at 50 IDs per call with a 1 second delay between each (this is a white- listed account), I still received about 16% 502s returned. When I pushed it up to 100 the failure rate was almost 100%. Is this a temporary glitch in the system, or should I plan on keeping my processes throttled down as far as the number of IDs per call? -- To unsubscribe, reply using remove me as the subject. -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi
[twitter-dev] Re: Mad about lists and cursors... please help
Are you sure you're using the string representation of the cursor instead of the int? The API's cursor exceeds PHP's max integer value (generally). jmathai ~ $ php -r '$x = json_decode(1); echo $x; echo \n; var_dump($x===1); var_dump($x===1.111E+52);' 1.111E+52 bool(false) bool(true) jmathai ~ $ php -r '$x = 1; echo $x; echo \n; var_dump($x===1); var_dump($x===1.111E+52);' 1.111E+52 bool(true) bool(false) On Mar 31, 2:03 am, Diego Rin Martín diego@gmail.com wrote: Hi there, this is my first post to this group, i'm a spanish developer dealing with twitter api surprises, excuse my poor english, i'will do my best to comunicate nicest. So, to the problem, I'm trying to retrieve the lists for a user, via list/memberships get method, and passing cursor as parameter, I'm having got random results, I explain myself, sometimes I made a request (for user edans, that have a huge amount of pages to paginate) and I get one page, I pass cursor -1 and I get cursor 0, sometimes I get one page, I pass cursor -1 i get cursor 1331431515904087602, then I pass it and I get 0, sometimes I get a random number of pages, but never, never, be able to retrieve the total amount of pages. I use php twitter-async classes to comunicate with API, I thought that it could be the cause of the problem, but using direct curl (via php5- curl extension) calls I'm having the same issues. Same using json or xml. I'm always getting 200 responses, so the call finish in a correct way. any clue? I'm turning mad. Thanks in advance. diego. -- To unsubscribe, reply using remove me as the subject.
[twitter-dev] Re: Generating oauth_signature?
Likewise for my library - if you have questions let me know. I know both Abraham and mine have been used fairly extensively w/o issues. There's a somewhat comprehensive set of unit tests as well which you can run to see if they pass. On Mar 21, 11:32 am, KPL kapil.sa...@gmail.com wrote: Hello guys, I want to know if there's any function in PHP with which one can generate oauth_signature directly without using a library? I have tried to use JMathai's and Abraham's libraries for this purpose, but failed to do so. Help will be really appreciated. Regards, Kapeel S To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Re: Way to use JSON offline?
More specifically, try phpunit's mock object framework. http://www.phpunit.de/manual/3.0/en/mock-objects.html On Mar 20, 11:08 am, Andrew Badera and...@badera.us wrote: Read up on the concept of mocking. ∞ Andy Badera ∞ +1 518-641-1280 Google Voice ∞ This email is: [ ] bloggable [x] ask first [ ] private ∞ Google me:http://www.google.com/search?q=andrew%20badera On Sat, Mar 20, 2010 at 1:20 PM, Cassidy cassc...@gmail.com wrote: Anyone know a way to just use a local JSON file, taken from a twitter API call, to test an app with in PHP? Right now I'm testing with actual calls to the API, but I don't want to have to keep tracking how many calls I've made within the hour. Thanks! To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject. To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Someone managed to get me to follow them w/o my intervention (@johnnymatosj)
Anyone seen this? User @johnnymatosj started showing up in my feed and I checked and oddly enough I was following him. I never heard of him so there is some bug or he got a hold of my password (this account hasn't added any oauth apps). I did a search and saw that others have had similar issues. http://search.twitter.com/search?q=johnnymatosj To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Re: Someone managed to get me to follow them w/o my intervention (@johnnymatosj)
On Mar 18, 2:08 pm, Dewald Pretorius dewaldpub...@gmail.com wrote: His website points to some viral marketing stuff. Does the auto following perhaps have something to do with some viral marketing campaign that requires following on Twitter, or asks for Twitter credentials? This is my personal account used to communicate with a few people. I haven't authorized any oauth applications and am only following 13 people. I'm just curious if something bigger is up. As certain as I can be, I didn't follow him or give him authorizationthough I know that's the first and most likely cause. To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Re: Someone managed to get me to follow them w/o my intervention (@johnnymatosj)
On Mar 18, 2:14 pm, TJ Luoma luo...@luomat.net wrote: http://search.twitter.com/search?q=johnnymatosj I used this: http://search.twitter.com/search?q=johnnymatosj+-from%3Ajohnnymatosj and saw two, including you. I'm seeing 3 or 4...not a huge total but just wondering if there's a security hole. This guy has a lot of followers and isn't following a ton of people. So he's either genuinely interesting or gaming the system. My guess? He's someone you were following who changed their twittername. He joined back in September 2009. Anyone you've followed since then who's gone missing? Possible. I'm only following 13 people...don't remember who all. This is a personal account I use only via a desktop client. Could be a switched username. But I can't verify that. To unsubscribe from this group, send email to twitter-development-talk+unsubscribegooglegroups.com or reply to this email with the words REMOVE ME as the subject.
[twitter-dev] Re: Introduce yourself!
Author of twitter-async which is a PHP library (oauth / basic) that supports asynchronous calls to Twitter's API. Also, founder of PubliciTweet but have since sold that. twitter-async: http://github.com/jmathai/twitter-async
[twitter-dev] Re: oauth_callback help
Without having tested it, I wouldn't be surprised if the callback url needs to be on the same domain as the url specified in application settings. Have you tried using a callback url to a random page on the domain of the application setting url? On Nov 24, 5:38 pm, Duane Roelands duane.roela...@gmail.com wrote: Trying to work through web authentication and running into a problem that I am sure someone else has solved. http://twitter.com/oauth/authorize?oauth_token=lM4ZRypYyYkA255S2dHVk6... I authorize the app, but I am not redirected to my localhost page - I am redirected to the URL in the application settings. Is my URL not properly formed?
[twitter-dev] Re: Get Twitter User Details on url click
Assuming you're talking about the url from your profile on twitter.com Don't know of a way to do this. You don't have access to twitter.com cookies and the referer is not really valuable here. On Nov 24, 3:09 am, Varun_EnableM avarunkumarsi...@gmail.com wrote: I want to track twitter name or Userid when he click on my publish URL on Twitter.
[twitter-dev] Re: Twitter PHP + CentOS
Check the versions of software you're using. CentOS likes to make you jump through hoops in order to get newer software. Namely, check your PHP version. On Nov 25, 9:08 am, aztroboy jbasur...@gmail.com wrote: Hello there! I'm using a PHP Twitter OAuth library (twitter.abrah.am), and it works perfect on Windows: the php script looks asks twitter for an auth token. However, as soon as I put the same script on CentOS (with its default httpd service), it won't give any auth tokens at all. The script uses cURL to get the token from twitter. I've used cURL (curlwww.google.com) and it works fine in console. What could be going wrong here? Is there something I should add of change first in order to receive the tokens? By the way, I got the CentOS default FW set allowing traffic on port 80 and SSH only. I would like to ask for a hint about what should I do, I'm kinda newbie on CentOS. thank you in advance
[twitter-dev] Twitter-async PHP (oauth basic) lib version 2 available
Anyone using twitter-async can upgrade to the 2.0 version. http://wiki.github.com/jmathai/twitter-async/twitter-async-20-release-notes Changes 1. Added a new (preferred) API You can now use get, post, delete, get_basic, post_basic and delete_basic 2. No longer asynchronous by default Most people were using it synchronously and didn’t understand why you had to access a response parameter to ensure the call completed. useAsynchronous(true) should be used if you want to use it that way or hard code the default value in EpiTwitter.php 3. Revamped the exceptions 4. Added support for versioned URLs 5. Exposed response headers 6. Exception::getMessage() returns the response as raw text and not an array of messages (even if debug is set to on) 7. Fixed lots and lots of bugs
[twitter-dev] Re: http://github.com/jwage/Twitter
Try one of these: http://github.com/jmathai/twitter-async http://github.com/abraham/twitteroauth On Nov 16, 9:38 am, Gaurav Shaha gauravshah...@gmail.com wrote: After running the example.php i am getting following errors. *Warning*: Unexpected character in input: '\' (ASCII=92) state=1 in * C:\wamp\www\Twitters\example.php* on line *5* *Warning*: Unexpected character in input: '\' (ASCII=92) state=1 in * C:\wamp\www\Twitters\example.php* on line *5* *Parse error*: syntax error, unexpected T_STRING in * C:\wamp\www\Twitters\example.php* on line *5 *Thank You in advance,* * -- Warm Regards, Gaurav Shaha 9823359549. Don't try to show off, just be youself and do what you ENJOY doing
[twitter-dev] Re: Can developer store twitter user's username password?
The preferred method is to do this using OAuth. I don't believe there was anything forbidding it explicitly since at one point it was the only option available. On Nov 16, 3:28 am, azhan azhan...@gmail.com wrote: Hello, Im a web developer wanted to add a twitter feed on my web. So that my user will store their twitter's username password in the profile and each time they login into my web, they can retrieve their twitter's update automatically displayed at the bottom of page upon login. My question here is, can i (a web developer) keep the twitter user's username password into my own database? If can't and forbid to do so, where can i find the term of use from twitter explaining on this matter? Thanks Azan
[twitter-dev] Re: Update Profile Background using oauth
You can use this to debug your signing process and find out where it's going awry: http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/ On Nov 15, 9:51 pm, stevie stevie@gmail.com wrote: Hi All, Update profile background using twitter api is working fine with username and password but on oauth its causing the problem and returning the message Something is technically wrong. Thanks for noticing—we're going to fix it up and have things back to normal soon. I have tried passing the full image path(Absolute path) with @symbol before but same problem exits! $temp_img = 'D:/BackGroundPic/1.jpg'; $args = array('@image' = '@'.$temp_img); (or) $args = array('image' = '@'.$temp_img); But both results in unsuccessful. Any Suggestions to overcome this issue will be helpful. Thanks and regards, Steve
[twitter-dev] Re: Update Profile Background using oauth
Which library are you using? Looking at this line: $args = array('@image' = '@'.$temp_img); it appears you might be using twitter-async. On Nov 15, 9:51 pm, stevie stevie@gmail.com wrote: Hi All, Update profile background using twitter api is working fine with username and password but on oauth its causing the problem and returning the message Something is technically wrong. Thanks for noticing—we're going to fix it up and have things back to normal soon. I have tried passing the full image path(Absolute path) with @symbol before but same problem exits! $temp_img = 'D:/BackGroundPic/1.jpg'; $args = array('@image' = '@'.$temp_img); (or) $args = array('image' = '@'.$temp_img); But both results in unsuccessful. Any Suggestions to overcome this issue will be helpful. Thanks and regards, Steve
[twitter-dev] Re: PHP Libraries for OAuth
I pushed the 2.0 version of the library to Github and it includes quite a few changes. Docs: http://wiki.github.com/jmathai/twitter-async Release Notes: http://wiki.github.com/jmathai/twitter-async/twitter-async-20-release-notes # Added a new (preferred) API You can now use get, post, delete, get_basic, post_basic and delete_basic. Details here # No longer asynchronous by default Most people were using it synchronously and didn’t understand why you had to access a response parameter to ensure the call completed. useAsynchronous(true) should be used if you want to use it that way or hard code the default value in _EpiTwitter.php) # Revamped the exceptions Details on the new exception hierarchy # Added support for versioned URLs # Fixed lots and lots of bugs # Exposed response headers On Nov 2, 2:25 pm, jmathai jmat...@gmail.com wrote: I think it will benefit all users of the library to document the method names for every call. While it's somewhat trivial to determine the method names it still required just an ounce of brain power. That ounce should be save for other tasks :). It's been on my todo list to document them all, but I've been lazy :) On Nov 1, 3:21 pm, Michael Mokrysz m...@46bit.com wrote: Thanks to both of you, having taken a better look at epitwitter's code I'd have to agree that's it's best to switch. I still like to be able to pretty much copy and paste urls from the documentation rather than having think how to convert it into the (albeit ingenious) conversion method EpiTwitter uses so I think I'll probably rewrite the __call function a little but keep the rest of the code.
[twitter-dev] Re: PHP Libraries for OAuth
The new 2.0 version provides an alternative API to the __call method :). http://wiki.github.com/jmathai/twitter-async#usage_and_examples On Nov 1, 3:21 pm, Michael Mokrysz m...@46bit.com wrote: Thanks to both of you, having taken a better look at epitwitter's code I'd have to agree that's it's best to switch. I still like to be able to pretty much copy and paste urls from the documentation rather than having think how to convert it into the (albeit ingenious) conversion method EpiTwitter uses so I think I'll probably rewrite the __call function a little but keep the rest of the code.
[twitter-dev] Re: PHP Libraries for OAuth
I think it will benefit all users of the library to document the method names for every call. While it's somewhat trivial to determine the method names it still required just an ounce of brain power. That ounce should be save for other tasks :). It's been on my todo list to document them all, but I've been lazy :) On Nov 1, 3:21 pm, Michael Mokrysz m...@46bit.com wrote: Thanks to both of you, having taken a better look at epitwitter's code I'd have to agree that's it's best to switch. I still like to be able to pretty much copy and paste urls from the documentation rather than having think how to convert it into the (albeit ingenious) conversion method EpiTwitter uses so I think I'll probably rewrite the __call function a little but keep the rest of the code.
[twitter-dev] Re: Incorrect signature returned for Lists API
Nelu, While that works, I suggest using the ID over the username since a username with camel case will break the path regex. This should work with the newest version of the library from Github. I'm considering including an option to pass in the url as a string in the 2.0 version of the library. Jaisen On Nov 2, 7:53 am, Nelu Lazar cont...@nelulazar.com wrote: Figured the answer for the issue above, for @jmathai's EPITwitter library, here is the call code that works: $twitterOAuthObj-{'get_'.(string)strtolower ($username).'ListsMemberships'}(array(...)); - @NeluLazar On Nov 2, 10:37 am, Nelu Lazar cont...@nelulazar.com wrote: I am experiencing Incorrect signature responses while requesting any Lists API XMLs. hash request/tweetvisor/lists/subscriptions.xml/request errorIncorrect signature/error /hash I tried various methods, with no success: POST, GET, HTTPS (default), HTTP. It only happens to Lists API calls, all other released API calls are working fine. If anyone know what's going on, please advise. Thanks, - @NeluLazar
[twitter-dev] Re: Incorrect signature returned for Lists API
Michael, You're actually right. Didn't think about strtolower fixing the camel casing issue. Have a look at the last test case in EpiTwitterTest.php for example usage. I'll get around to increasing documentation soon (I hope). On Nov 2, 10:18 pm, Michael Steuer mste...@gmail.com wrote: Hi Jaisen, Doesn't Nelu's use of strtolower take care of your camel case concern? I just posted a comment on your blog - it'd be great if you could publish a couple lines around usage of your lib with the new lists URL structure etc. Thanks so much, Michael. On 11/2/09 9:51 PM, jmathai jmat...@gmail.com wrote: Nelu, While that works, I suggest using the ID over the username since a username with camel case will break the path regex. This should work with the newest version of the library from Github. I'm considering including an option to pass in the url as a string in the 2.0 version of the library. Jaisen On Nov 2, 7:53 am, Nelu Lazar cont...@nelulazar.com wrote: Figured the answer for the issue above, for @jmathai's EPITwitter library, here is the call code that works: $twitterOAuthObj-{'get_'.(string)strtolower ($username).'ListsMemberships'}(array(...)); - @NeluLazar On Nov 2, 10:37 am, Nelu Lazar cont...@nelulazar.com wrote: I am experiencing Incorrect signature responses while requesting any Lists API XMLs. hash request/tweetvisor/lists/subscriptions.xml/request errorIncorrect signature/error /hash I tried various methods, with no success: POST, GET, HTTPS (default), HTTP. It only happens to Lists API calls, all other released API calls are working fine. If anyone know what's going on, please advise. Thanks, - @NeluLazar
[twitter-dev] Re: New cursor methods are way too slow
I'm curious why you're using followers/ids and then users/show for each id? I tried using that and using statuses/followers and found that the total times were in the same ballpark. statuses/followers requires far fewer api calls if you're interested in user objects. FYI, I do want to add and say I agree that either method is EXTREMELY inefficient. Regardless what the argument against pages and for cursors are...the current implementation is painful from an end user perspective. Our backend doesn't really care, but our users don't like to wait 10-30 minutes for a web page to gather a social graph. I wish instead of a cursor I could get a snapshot id, # of pages and a page parameter. I don't know how it's implemented, but the ability to deterministically parallelize the calls - is such a benefit to the end user. Pages let me do that. On Oct 15, 9:17 am, Michael Steuer mste...@gmail.com wrote: That's great!! I'm currently using the suggested method (get IDs, then do users/show for each of them) and it's horrendously slow and cumbersome. It'd be great if you could get a 100 user objects at the time, based on 100 ids you provide.. On 10/14/09 7:30 PM, Chad Etzel c...@twitter.com wrote: I agree. I'm lobbying the team for something like this. -Chad On Wed, Oct 14, 2009 at 10:21 PM, Josh Roesslein jroessl...@gmail.com wrote: Yeah we really need a way to bulk request user payloads by giving a list of IDs. On Wed, Oct 14, 2009 at 9:19 PM, Tim Haines tmhai...@gmail.com wrote: Are you suggesting I should retrieve the 2k users 1 at a time from users/show once I have the ids? I'd essentially like to do this, but 100 at a time. I know I can get the 7000 ids in 2 calls (1 even without the cursors) - but I actually want the whole user objects.. Tim. On Oct 15, 2:56 pm, Chad Etzel c...@twitter.com wrote: If you are pulling down the entire social graph, why not use the social graph calls which would deliver all 7000 ids in 2 calls? You can also parallelize this process by looping through different users on each thread instead of using each thread to grab a different page/cursor of the same user. Regarding the code issue you submitted, if you have the users cached locally, you could use the social graph methods to determine the missing/new 2k users pretty quickly using the social graph methods and comparing ids. -Chad On Wed, Oct 14, 2009 at 9:50 PM, Tim Haines tmhai...@gmail.com wrote: Hi Chad, Statuses/followers. I've just timed another attempt - it took 25 minutes to retrieve 17957 followers with statuses/followers. Is there anything I can elaborate on in the filed issue to make it clearer? Tim. On Oct 15, 2:42 pm, Chad Etzel c...@twitter.com wrote: Hi Tim, You said Retrieving 7000 followers just took 20 minutes for me. Can you explain what you meant by that? Are you using the friends/ids, followers/ids methods or the statuses/friends, statuses/followers methods? -Chad On Wed, Oct 14, 2009 at 8:12 PM, Tim Haines tmhai...@gmail.com wrote: Hi'ya, I'm migrating my code to use cursors at the moment. It's frustrating that calls need to be synchronous rather than how paged calls could be asynchronous. Retrieving 7000 followers just took 20 minutes for me. I filed an issue that proposes a solution here: http://code.google.com/p/twitter-api/issues/detail?id=1078 If you retrieve friends or followers, please take a look and give it a star if it's important to you. If anyone can suggest a work around for this, I'd be happy to hear it. Cheers, Tim. -- Josh
[twitter-dev] Re: New cursor methods are way too slow
For clarification, an api to get user objects in bulk given a set of ids - would work just as well :). Rooting for Chad on that one. On Oct 15, 6:07 pm, jmathai jmat...@gmail.com wrote: I'm curious why you're using followers/ids and then users/show for each id? I tried using that and using statuses/followers and found that the total times were in the same ballpark. statuses/followers requires far fewer api calls if you're interested in user objects. FYI, I do want to add and say I agree that either method is EXTREMELY inefficient. Regardless what the argument against pages and for cursors are...the current implementation is painful from an end user perspective. Our backend doesn't really care, but our users don't like to wait 10-30 minutes for a web page to gather a social graph. I wish instead of a cursor I could get a snapshot id, # of pages and a page parameter. I don't know how it's implemented, but the ability to deterministically parallelize the calls - is such a benefit to the end user. Pages let me do that. On Oct 15, 9:17 am, Michael Steuer mste...@gmail.com wrote: That's great!! I'm currently using the suggested method (get IDs, then do users/show for each of them) and it's horrendously slow and cumbersome. It'd be great if you could get a 100 user objects at the time, based on 100 ids you provide.. On 10/14/09 7:30 PM, Chad Etzel c...@twitter.com wrote: I agree. I'm lobbying the team for something like this. -Chad On Wed, Oct 14, 2009 at 10:21 PM, Josh Roesslein jroessl...@gmail.com wrote: Yeah we really need a way to bulk request user payloads by giving a list of IDs. On Wed, Oct 14, 2009 at 9:19 PM, Tim Haines tmhai...@gmail.com wrote: Are you suggesting I should retrieve the 2k users 1 at a time from users/show once I have the ids? I'd essentially like to do this, but 100 at a time. I know I can get the 7000 ids in 2 calls (1 even without the cursors) - but I actually want the whole user objects.. Tim. On Oct 15, 2:56 pm, Chad Etzel c...@twitter.com wrote: If you are pulling down the entire social graph, why not use the social graph calls which would deliver all 7000 ids in 2 calls? You can also parallelize this process by looping through different users on each thread instead of using each thread to grab a different page/cursor of the same user. Regarding the code issue you submitted, if you have the users cached locally, you could use the social graph methods to determine the missing/new 2k users pretty quickly using the social graph methods and comparing ids. -Chad On Wed, Oct 14, 2009 at 9:50 PM, Tim Haines tmhai...@gmail.com wrote: Hi Chad, Statuses/followers. I've just timed another attempt - it took 25 minutes to retrieve 17957 followers with statuses/followers. Is there anything I can elaborate on in the filed issue to make it clearer? Tim. On Oct 15, 2:42 pm, Chad Etzel c...@twitter.com wrote: Hi Tim, You said Retrieving 7000 followers just took 20 minutes for me. Can you explain what you meant by that? Are you using the friends/ids, followers/ids methods or the statuses/friends, statuses/followers methods? -Chad On Wed, Oct 14, 2009 at 8:12 PM, Tim Haines tmhai...@gmail.com wrote: Hi'ya, I'm migrating my code to use cursors at the moment. It's frustrating that calls need to be synchronous rather than how paged calls could be asynchronous. Retrieving 7000 followers just took 20 minutes for me. I filed an issue that proposes a solution here: http://code.google.com/p/twitter-api/issues/detail?id=1078 If you retrieve friends or followers, please take a look and give it a star if it's important to you. If anyone can suggest a work around for this, I'd be happy to hear it. Cheers, Tim. -- Josh
[twitter-dev] Re: Issues I came across migrating to cursors
I'm doing statuses/followers (100 at a time) and it's taking me 1.5 minutes per 1,000 followers. Really painful. I implemented the other route using followers/ids and making a profile call for each in as parallel a way as possible and the total time was about the same. I am sticking with statuses/followers since it's lower overhead. On Oct 14, 5:48 pm, Michael Steuer mste...@gmail.com wrote: So now that you pulled down 7000 IDs, are you making 7000 user/show calls to get the rest of the details? How's that working out? On 10/14/09 5:03 PM, Tim Haines tmhai...@gmail.com wrote: I'm migrating my code now. I just pulled down 7000 users. If I get a bad response to a call I'll retry it up to 5 times. It took 20 mins and 1 hour, which is going to be troublesome. Tim. On Oct 7, 6:59 pm, jmathai jmat...@gmail.com wrote: So a user comes to the site and I need to build their social graph. I have two options. 1) Use followers/ids and get ids of all their followers 5,000 at a time 2) Use statuses/followers and get profiles of all followers 100 at a time Ids alone don't really do me much good. So option 2 is more efficient for me (unless there's a batch user fetch api I'm unaware of). That being said, if a user has 10,000 followers (not uncommon) then I have to make 100 API calls to fetch profiles for all the followers. Not a big deal. Except, Twitter gives me random errors. Sometimes it's a 502 and other times a 400. I'm not confident that I won't randomly receive a different 4xx or 5xx response. I tried to put code in place so that on 5xx responses that I would *continue* and retry the request. That's when I got a 400 response. I have yet to fetch someone's entire graph using a sample account with 13,000 followers. Has anyone successfully migrated tocursorsand consistently pulled down a large (10k) graph?
[twitter-dev] Re: Search API - HTTP Response Code 502, what to do?
Get used to receiving random 502 (and other response codes) from the Twitter API. If you don't know exactly what the code means I suggest retrying it. If it's explicit that you're being rate limited then wait before you retry. http://twitter.com/jkalucki/status/4686847704 http://twitter.com/jkalucki/status/4686422873 On Oct 9, 5:12 am, Zamite ekzam...@gmail.com wrote: Hey there, I'm posting this because I'm concerned with the possibility of exceeding the rate limit and so I would like advice on what to do. I have an application that does several queries to the Search API on several Geocode locations. The twitter Search API documentation clearly states that if I hit a 503 status code I should (and I do) have my application wait the time specified in the Retry-After header. However I haven't yet hit any 503 status codes, instead I'm receiving a few 502 http status codes with the infamous Time out! whale message. My question is: How should I process these? Since there is no Retry-After header on 502 codes I can't know how much time to wait. Will it influence my rate limiting, and get me banned if I ignore them? How long should I wait before the next request? (a few seconds, minutes, until the next hour?) Would appreciate any input I could get on this :) Thank you.
[twitter-dev] Re: friendship/create, and OAuth?
It also works using twitter-async. You can run the unit tests. http://github.com/jmathai/twitter-async/tree/master On Oct 5, 11:43 pm, Fahim fah...@gmail.com wrote: I have tested using three different libraries - one is MPOAuth, the other one is the PHP library linked to via the Twitter API wiki and the last one is my own custom Objective-C framework. None of them work - but only for the friendships/create method. The code works fine for other methods, as I mentioned. So I don't believe this is a signature issue. Plus, if the signature is invalid, the error should say Invalid signature rather than Page not found, right? Josh, which Python library did you use? Perhaps I can test using the same library and see what results I get to see where things might be going wrong ... regards, Fahim On Oct 6, 7:51 am, Josh Roesslein jroessl...@gmail.com wrote: I have tested friendships/create using my python libraryvia oauth and works fine. My guess is you are not generating a valid oauth request (ex. invalid signature). Could you provide a link to the code you are trying and what libraries you are using? It would help others in diagnosing your issue. Best of luck, Josh
[twitter-dev] Re: Twitter, Please Explain How Cursors Work
On Oct 6, 11:06 am, Jesse Stay jesses...@gmail.com wrote: I said the same thing in the last thread about this - still no clue what Twitter is doing with cursors and how it is any different than the previous paging methods. Jesse Is the main advantage that the new method takes a snapshot of the followers list and let's you page through them? I'd be willing to sacrifice some accuracy for speed since I'm not doing anything like auto-unfollow. From a sample set of 150k calls to the api the average latency I have (from the west coast) is .85 seconds. Grabbing a follower list serially, 100 at a time is painful. I much preferred what I was doing before (total # / 100 - fire off that many calls in parallel). If I dropped a few followers in the process, that was ok because it's so much faster and I don't need my copy of the social graph to be 100% accurate.
[twitter-dev] Re: [twitter Dev] Failed to validate oauth signature and token
The order of parameters shouldn't matter. What library are you using to generate the url? On Oct 6, 8:51 pm, ryan alford ryanalford...@gmail.com wrote: The signature needs to be at the end of the URL, not sorted with the other parameters. On Oct 6, 2009, at 11:47 PM, uookeng loque1...@nate.com wrote: I am trying to run a sample app but i am getting 401 error during request_token phase. Failed to validate oauth signature and token this is what i am accessing: http://twitter.com/oauth/request_token?oauth_consumer_key=HiQ2WSsefHS... What's problem this sentence Anybody help me plz..
[twitter-dev] Re: Rate limit response code(s)
Yea, I understood the differences. My question was why are there different response codes for the same result? I can understand the 503 being inherited from Summize. However, the 400 vs 403 seems like poor planning when building out the API. Is there a chance or are there any plans to unify the response codes to make more sense? On Oct 5, 6:48 pm, Chad Etzel c...@twitter.com wrote: Hello, On Mon, Oct 5, 2009 at 8:53 PM, jmathai jmat...@gmail.com wrote: Why are 400, 403 and 503 valid response codes to signify that a call is being rate limited? Was there a dart board involved? I don't know, but it would be really hard to play 301 with that dartboard. * 400 Bad Request: The request was invalid. An accompanying error message will explain why. This is the status code will be returned during rate limiting. This is for hourly rate limits for GET requests. 150 req/hr for the normal case (20k req/hr for whitelist). * 403 Forbidden: The request is understood, but it has been refused. An accompanying error message will explain why. This code is used when requests are being denied due to update limits. This is for daily update limits (POST requests: sending tweets and DMs, following people, etc). * 503 Service Unavailable: The Twitter servers are up, but overloaded with requests. Try again later. The search and trend methods use this to indicate when you are being rate limited. This is a hold-over from when Twitter Search was Summize. I expect if/when the Search and REST APIs merge into a single API that this rate-limit code will be 400 instead. -Chad
[twitter-dev] Re: SERIOUS Problem With Cursors In JSON Followers/Friends Ids
I like Abraham's idea: Twitter could add: next_cursor_string:1314614526448841129 Or a general return_as_string parameter which would return all values as strings. This would solve the problem for future values that might exceed the max int. There are going to be a lot of devs using PHP that don't have the option to switch to 64 bit or make any php.ini changes. On Sep 24, 12:29 pm, Dewald Pretorius dpr...@gmail.com wrote: That magical maximum number appears to be 1 (1.0E+12). So, for tweet ids we still have a bit of breathing space. Dewald On Sep 24, 4:18 pm, Dewald Pretorius dpr...@gmail.com wrote: Clearly PHP_INT_MAX plays no role in json_decode. There must be some other mystical maximum number above which it represents the number as float in the decoded data. Dewald
[twitter-dev] Re: SERIOUS Problem With Cursors In JSON Followers/Friends Ids
I don't think anyone's saying it's Twitter's problem (at least I hope not). It's the same issue as supporting Internet Explorer. You can bitch and complain all you want about IE not supporting standards but if it's the most popular (or one of the most popular) browsers that are in use --- then practical beats principle. My suggestion was to return everything as a string if that's how it's being requested. It's a safe backwards compatible addition that doesn't affect anyone that doesn't run into this problem. If your scope is limited to what startups can or can't afford, then that's really narrow. This applies to anyone consuming the API be than on a laptop for development or anything else. On Sep 25, 12:23 pm, David Fisher tib...@gmail.com wrote: I'm sorry, but the problem isn't Twitter- its your language and JSON parser. Outputting everything as a string, when it clearly should be a number, is inefficient and crazy. Saying that startups can't afford 64 bit processors in systems is crazy. Most startups I know are running on EC2 or have fairly new hardware. I bought a killer 64-bit quad xeon server for less than $1,500 for our startup and its rocking. If your startup doesn't have $1,500 for a primary capital computing expense that's another problem you have there. You either need to run on a newer system or use a language that can properly handle 64-bit numbers. C, Python, Ruby, Scala, Erlang, C#, etc none of them have problems with 64-bit ints. Not a Twitter problem. It's a programming issue on your end and unfortunately I can't help as I don't know PHP in depth. -dave On Sep 24, 3:29 pm, Dewald Pretorius dpr...@gmail.com wrote: That magical maximum number appears to be 1 (1.0E+12). So, for tweet ids we still have a bit of breathing space. Dewald On Sep 24, 4:18 pm, Dewald Pretorius dpr...@gmail.com wrote: Clearly PHP_INT_MAX plays no role in json_decode. There must be some other mystical maximum number above which it represents the number as float in the decoded data. Dewald
[twitter-dev] Re: SERIOUS Problem With Cursors In JSON Followers/Friends Ids
It's ridiculous to suggest a change in hardware (64 bit) or software (switch from PHP) to use Twitter's API. It's not like either of these are archaic. It sucks, sure, but it's silly to suggest such a solution. BTW, I don't have this problem. I'm just trying to be the voice of reason. On Sep 25, 1:55 pm, Scott Haneda talkli...@newgeo.com wrote: I tend to agree, a MacMini, around 600.00, would build php out as 64 bit no issue. If you are a baby startup, that should really cover you and be able to handle a lot more load than you would think. You may have to pop your database on something more robust, but it works quite well as a php front end. Take it to 1000.00 or so, and you can built out your own 1U server that is going to hold it's own very very well. Or, rent a 1U, they are a few hundred bucks a month, you get to pick the OS, pick the bit'ness, etc. If you are a startup, on a shoestring, part of the fun is being creative, and making due with what you have. And don't laugh at that MacMini, you can easily get to the SATA port, and plug it right into a SATA array elsewhere, getting SATA II on full size dives. I just pegged the drives to a cork board, its not pretty, but it works. I have a second on standby in case that one craps. I just had them laying around, and made them up from parts. While I am not going to mention the site, I can tell you, it is php on the front, apache2 with a good deal of mod_rewriting going on, and substantial database work, all happening on the MacMini, handling 500,000+ average unique visitors, which is a lot more requests when you add in images and the rest. (this site is not twitter related) If I was sloppy, that database would fall on it's face under that load. I have added in some caching where needed, so pages are rendered to disk at the expense of a php include of the data. I am in this thread to learn about the issue, but so far, getting to 64 bits should not be a barrier. Isn't this really a php issue anyway? Why can't php handle a 64 bit int in a 32 bit system? Maybe they need a bug report or a patch. MySql seems to handle 64 bit on my 32 bit test system here just fine. Maybe someone can write a wrapper for the json encode/decode that fixes this in that part of php? -- Scott * If you contact me off list replace talklists@ with scott@ * On Sep 25, 2009, at 12:23 PM, David Fisher wrote: Saying that startups can't afford 64 bit processors in systems is crazy. Most startups I know are running on EC2 or have fairly new hardware. I bought a killer 64-bit quad xeon server for less than $1,500 for our startup and its rocking. If your startup doesn't have $1,500 for a primary capital computing expense that's another problem you have there.
[twitter-dev] Re: SERIOUS Problem With Cursors In JSON Followers/Friends Ids
Dewald sums it up great. I'm not affected by this issue but keeping the barrier of entry low is of high value. It sucks that some PHP installations have this issue, but if there's a good way to accomodate such a popular language then what's the harm? This brings up an issue though. I'm not in favor of changing the default int to a string. It's the default that's important. Adding in an override parameter isn't really anymore helpful than suggesting to parse the json once you get it. Except, the thought of pre-parsing json (no matter how simple) makes my stomach churn. Think about it from the perspective of a developer that's just starting with the API. What would trip them up? If there's a way to resolve that, then that should be a high priority. For me it's not a big deal since I've used it enough and know people in the API community and this group where I can get an answer. That's a luxury I didn't have when I started though. So far, two proposed solutions: * Abraham suggested an additional key (this is great because you see it in the response without having to know of an additional paramter) * I suggested an additional parameter which would return all values as a string (drawback is that this is a bit more hidden - not everyone RTM :( ) * Your suggestion here! Think about the children! :) On Sep 25, 6:48 pm, Dewald Pretorius dpr...@gmail.com wrote: I think the point that some folks are trying to make is that forcing consumers of the API to use 64-bit machines is stifling innovation. Many Twitter apps start as pet projects hosted on a shared HostGator or other provider's server for nine bucks a month. That's how mine started way back. You don't have the option of editing php.ini or running on a 64-bit machine, unless you want to reduce your groceries per month and fork out more for a server. Dewald
[twitter-dev] Re: SERIOUS Problem With Cursors In JSON Followers/Friends Ids
Agreed that the problem isn't Twitter's fault. But a basic feature like cursor should work in a language as popular as PHP. Not so much in principle but in practice. Has anyone tried PEAR's Services_JSON? I haven't tried nor looked at the source. It's also slower than the native json_* functions but that may or may not be an issue. On Sep 24, 6:52 am, Joseph Cheek jos...@cheek.com wrote: To be fair to Twitter, the problem lies in PHP's json_decode() function, not the twitter API. Joseph Cheek jos...@cheek.com,www.cheek.com twitter:http://twitter.com/cheekdotcom Dewald Pretorius wrote: Chad, Shouldn't Twitter be providing an API that works for everyone? From what you said it sounds as if you're saying, Tough. If you want to consume the API with PHP, either run your stuff on a 64-bit machine, or scrape the raw JSON output and make it so that it works for you. That doesn't sound right. Dewald On Sep 24, 1:02 am, Chad Etzel c...@twitter.com wrote: Hello, As Joseph points out, PHP on a 64-bit system can handle these numbers. If you really want this data as a string, you could write a regex in PHP to alter the json string to wrap the digits in quotes before sending it through json_decode(), but that would be a pretty gnarly kludge. -Chad On Wed, Sep 23, 2009 at 10:28 PM, Dewald Pretorius dpr...@gmail.com wrote: All that Twitter needs to do to solve this problem is to build the JSON out with next_cursor and previous_cursor as string values. I.e., the JSON data should contain: next_cursor:12398712981212987,previous_cursor:-12398712981212987 I don't know what it will do to Java apps, but for PHP apps it will solve the problem. Dewald
[twitter-dev] Re: I'm back baby
Do You understand the difference between a Twitter website tool that can make 150 API calls an hour on behalf of your single Twitter account and a dedicated Twitter .Net application running on your computer that can make 20,000 API calls an hour across multiple accounts? Isn't exactly accurate. Except in the sense that politicians use the word. On Sep 22, 9:26 am, Dean Collins d...@cognation.net wrote: I'm back baby, bigger and badder than before -www.MyTwitterButler.com http://www.mytwitterbutler.com/ is no.MyPostButler.com http://www.mypostbutler.com/ feel free to tweet it on. Lawyers suck! Cheers, Dean P.S. No they didn't get the domain, my response was not without a court case baby.
[twitter-dev] Re: using twitter api problem
To test and see if you're being blocked try curl from the command line: curl -u user:password -d status=playing with cURL and the Twitter API http://twitter.com/statuses/update.xml On Sep 19, 12:44 pm, apex canji.er...@gmail.com wrote: I am using twitter api for posting new posts from my site to twitter and everything worked fine until today when all stooped working. I believe that my api calls are denied (blocked). I am getting http_code= 0 what ever i try. I hawe tryed same code that im using on my site to run on my localhost and it's working fine on my computer, but on my site it's not working any more. Can you suggest me how to resolve this problem?
[twitter-dev] Re: Are you seeing garbled JSON or XML responses?
Not lately but on Sept 9 I see this in our logs. URL http://twitter.com/account/verify_credentials.json HEADERS Expect: Authorization: OAuth realm=http://twitter.com/account/ verify_credentials.json,oauth_consumer_key=[snip],oauth_token=[snip],oauth_nonce=15581955d5d3cd6ef94193cf853745fc,oauth_timestamp=1252539951,oauth_signature_method=HMAC- SHA1,oauth_version=1.0,oauth_signature=[snip] User-Agent: EpiTwitter (http://github.com/jmathai/twitter-async/tree/) RESPONSE CODE 200 RESPONSE BODY !DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/ TR/1999/REC-html401-19991224/strict.dtd !-- !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN http://www.w3.org/TR/html4/strict.dtd; -- HTML HEAD META HTTP-EQUIV=Refresh CONTENT=0.1 META HTTP-EQUIV=Pragma CONTENT=no-cache META HTTP-EQUIV=Expires CONTENT=-1 TITLE/TITLE /HEAD BODYP/BODY /HTML On Sep 17, 9:26 pm, Chad Etzel c...@twitter.com wrote: Hi all, We've had a few sporadic reports lately that the data returned from the api appears to be garbled. This is separate from the 200 HTML errors and 408's of late; this is actual malformed XML or JSON data. If you are seeing this, can you please specify: Are you using the REST or Streaming API? XML or JSON? What is the exact URL you are using to request the data? What username are you using to connect (if applicable)? Feel free to unicast me the information. Thanks, -Chad
[twitter-dev] Re: new cursor-based pagination not multithread-friendly
I haven't switched to the cursor method yet but I access the follower list like you described and I have no issues with performance since the calls aren't serialized. If the reliability could be fixed and the page parameter preserved, then I'd vote for that. On Sep 18, 1:09 am, alan_b ala...@gmail.com wrote: when dealing with retrieving a large followers list from API, what i did was estimate the no. of pages i need (total / 5000) from the follower count of user's profile, and then send concurrent API requests to improve the speed. now with the new cursor-based pagination, this become impossible(it stills work, but i guess page-based pagination will be obsoleted someday?), because I don't know the next_cursor until I finish downloading a whole page. so i guess the page-based should be preserved (and improve)? rather than making it obsolete?
[twitter-dev] Re: Twitter IP Whitelisting
To see what the status of your IP is regarding rate limit, issue the following from that IP address: curl -I http://twitter.com/users/show.xml?screen_name=dougw | grep X- RateLimit-Limit If it's well above 150 then you're whitelisted. On Sep 1, 11:28 pm, Andy Pirate piratea...@gmail.com wrote: So here's the deal. We've had the Twitter API integrated into Pwned.com for many months now. One problem we keep running into is that it updates our members Twitter WAY later. For example, it says so and so is playing on-line, but we processed that request hours ago and then it finally shows up on their feed. I have requested whitelisting before, but they claimed it was approved and I don't think that it is. We've had to severely limit our integration with Twitter because of this reason. Any help would be greatly appreciated. Thanks Andy
[twitter-dev] Re: Can you speak in plain english
false On Sep 2, 6:50 pm, Dante Soiu dsoiual...@gmail.com wrote: And not computer language, Dante Soiu
[twitter-dev] Re: tweeting with oauth
Could use Abraham or my library. https://github.com/abraham/twitteroauth/tree https://github.com/jmathai/twitter-async/tree I have some blog posts that might help as well. http://www.jaisenmathai.com/blog/2009/03/31/how-to-quickly-integrate-with-twitters-oauth-api-using-php/ http://www.jaisenmathai.com/blog/2009/04/30/letting-your-users-sign-in-with-twitter-with-oauth/ On Sep 2, 1:58 pm, root root892...@yahoo.com wrote: Hi, Are there any examples of how to post tweet using an oauth token rather than username:password? I'm trying to do this in php. Thanks
[twitter-dev] Re: Whitelist DM limit Question
POSTs count against the authenticating user's limit and are separate from your application's limit (whitelisted or not). POSTs include status updates and DMs. On Aug 31, 9:27 pm, Matthew matthew.s.kov...@gmail.com wrote: I'm developing an application and I need to find out how the DM limit will work if I get it Whitelisted. Does the expanded DM limit for whitelisted applications only apply to DM's directly from the account associated with the application that has been whitelisted, or does it apply to an account that uses my application? For example if my application is linked to my account named MyDmAccount and a user with an account called SomeUser uses my application to send DMs. Can SomeUser send an increased amount of DMs through my application, or does the allowed increase in DMs only apply to DMs send directly from MyDmAccount? Trying to design this application to stay within the lines and need to figure this out before moving forward. Thanks, Matt
[twitter-dev] Re: Anyone updated jmathai OAuth library for 301s?
I didn't know FOLLOWLOCATION didn't work for posts :). Looks like the only way to fix it is to manually follow the url in the header for 301/302s. http://github.com/jmathai/twitter-async/issues/#issue/20 On Aug 31, 8:44 am, davidddn david.dellan...@gmail.com wrote: Has anyone updated the Jaisen Mathai OAuth library to support manually following the 301s? Since FOLLOW_LOCATION doesn't work on POSTs, the library needs to be re-written in parts to manually follow the redirects. Don't want to duplicate the work if someone has done it. The code is here:https://github.com/jmathai/twitter-async/tree
[twitter-dev] Re: singing in to twitter with php
If you're looking to use sign in with Twitter then follow these steps: http://www.jaisenmathai.com/blog/2009/04/30/letting-your-users-sign-in-with-twitter-with-oauth/ On Sep 1, 11:08 am, Termanater13 termana...@gmail.com wrote: Im looking for a way to sign in while getting the data fromhttp://twitter.com/statuses/user_timeline.format(copyed frim tha apiwiki). so I have to only set up one connection to twitter.
[twitter-dev] Re: Anyone updated jmathai OAuth library for 301s?
I'm reconsidering adding support for POSTs. What's the usecase exactly? Does Twitter 302 POST requests? If so, what's gained by the application if it follows that? On Aug 31, 8:44 am, davidddn david.dellan...@gmail.com wrote: Has anyone updated the Jaisen Mathai OAuth library to support manually following the 301s? Since FOLLOW_LOCATION doesn't work on POSTs, the library needs to be re-written in parts to manually follow the redirects. Don't want to duplicate the work if someone has done it. The code is here:https://github.com/jmathai/twitter-async/tree
[twitter-dev] Re: Anyone updated jmathai OAuth library for 301s?
One the issues is that the twitter-sync library utilizes multicurl which allows for parallel requests. Introducing this type of logic is tricky since the library allows you to access the results later and only at that point can we inspect the headers. Most people probably use it in a manner where they immediately block for the results, but I don't think sacrificing the ability to do parallel requests is worth following 302s. Anyways, I'd like to know from Twitter what their plans are for the 302 redirects. Is it temporary? It's far from an ideal solution and seems more like a stop gap. However, I don't think they'll chime in on this thread due to the title. Perhaps a new general thread would be appropriate. Jaisen On Sep 1, 7:06 pm, fbparis fbou...@gmail.com wrote: I've just coded this function which may help : function redirect_post($url,$data) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 2); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); list($header,$content) = preg_split(#(\r)?\n(\r)?\n#s,curl_exec ($ch),2); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); if (in_array($http_code,array(301,302))) { $redir = preg_match(#Location:(.*?)\n#si,$header,$m) ? trim($m [1]) : ''; if ($redir ($redir != $url)) return redirect_post($redir,$data); } return $content; } I've tested, it's ok ; and shouldn't be so hard to use in the lib. I'll have to use the Jaisen Mathai OAuth library very soon too, so if no solution has been found I'll post mine here :) FB
[twitter-dev] Re: is this steet legal??
Why wouldn't this be legal? On Sep 1, 7:22 pm, clearmedia ch...@clearmedia.com.au wrote: Hi everyone, Just wanting to know if this function is ok to connect and pull down twitter statuses. It works by the way! ?php function get_twitter_feed($screen_name){ $xml=new DOMDocument(); $xml-load(http://twitter.com/statuses/user_timeline.xml? screen_name=.$screen_name); $status_array=$xml-getElementsByTagName(statuses); foreach($status_array as $status_array){ $status_list=$status_array-getElementsByTagName(status); foreach($status_list as $status){ $date_node=$status-getElementsByTagName(created_at); $text_node=$status-getElementsByTagName(text); $i=0; foreach($date_node as $date_node){ $date=$date_node-firstChild-nodeValue; $date=substr($date, 0, 10); $i++; if($i==1){ print $date.br /; } } foreach($text_node as $text_node){ $text=$text_node-firstChild-nodeValue; print $text.br /br /; } } } } ?
[twitter-dev] Started getting Incorrect Signature but I verified the signature is correct
Not sure what I'm doing wrong here (but I've been doing it for 2 days now). I'm having trouble with a specific call. I plugged the values into Eran's form to validate that my signature was correct (assuming his form is correct). They match. Anyone else having problems with this? http://www.hueniverse.com/hueniverse/2008/10/beginners-gui-1.html jmat...@[~]: telnet twitter.com 80 Trying 168.143.162.100... Connected to twitter.com. Escape character is '^]'. POST /friendships/create.json?id=47537461 HTTP/1.1 Host: twitter.com Authorization: OAuth realm=http://twitter.com/friendships/ create.json,oauth_consumer_key=4oaLychIwGHyFbhe4IRBUA,oauth_token=42099395- JS6hZgn3BMo3utA312iFITYDZkjIFTW27icq0iHFb,oauth_nonce=9235222c326d637cbfb3980dcfc5d18a,oauth_timestamp=1251441668,oauth_signature_method=HMAC- SHA1,oauth_version=1.0,oauth_signature=fQjwjlUSia%2BZhEFsN %2FXwRvCSmWM%3D HTTP/1.1 401 Unauthorized Date: Fri, 28 Aug 2009 06:41:31 GMT Server: hi WWW-Authenticate: Basic realm=Twitter API Status: 401 Unauthorized Cache-Control: no-cache, max-age=300 Content-Type: application/json; charset=utf-8 Content-Length: 82 Set-Cookie: lang=en; path=/ Set-Cookie: _twitter_sess=BAh7CToTcGFzc3dvcmRfdG9rZW4iLWVlODFlYzNjODJhZWUxMzNmNGQ4MzFh %250ANmFjNTQzMmE1OTBhMjgwNjI6CXVzZXJpBMNiggI6B2lkIiU3NTM1MmRmNzA2%250AYzUzYWU4MjBlNTdmNjYxYTBlNDFjZCIKZmxhc2hJQzonQWN0aW9uQ29udHJv %250AbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%253D%253D-- b67e2c06caf9578fbc9aedba5ba7ec6a6c46afb3; domain=.twitter.com; path=/ Expires: Fri, 28 Aug 2009 06:46:30 GMT Vary: Accept-Encoding Connection: close {request:\/friendships\/create.json?id=47537461,error:Incorrect signature}Connection closed by foreign host.
[twitter-dev] Using twitter-async? Seeking input on refactoring exceptions
If you're using twitter-async, please consider providing feedback on the proposal below. http://wiki.github.com/jmathai/twitter-async/seeking-input-for-exception-refactoring Thanks, Jaisen
[twitter-dev] Re: Problem with updating user's background with API
If you're using PHP/cUrl then specify the file as a normal post parameter prepended with an ampersand. Something along the lines of: curl_setopt($ch, CURLOPT_POSTFIELDS, array('image'='/path/to/file/on/ disk.png')); On Aug 1, 11:35 am, mikey mikexxx...@gmail.com wrote: Hello, I'm trying to allow users of my website to update their background using Basic Auth but for some reason it's not updating correctly. the API page says Note that this method expects raw multipart data, not a URL to an image. so what I did was use PHP cURL to post to the xml file the following // first i get the stats of the image $image_url = url to image; $headers = get_headers($image_url,1); $file_type = $headers['Content-Type']; $length = $headers['Content-Length']; // this is what is sent in the curl postfields $postvars = image=$image_url;filename=$filename;Content-Type: $file_type;content-length:$length; I'm not sure if I'm suppose to put the path from the current folder, or the path on the server.. I even tried the full URL but none worked. I'm pretty sure the problem is the image path because in the Response headers it has a 201 OK so Twitter didn't detect a problem. I've tried to search google and this group for help but I found nothing helpful. So I thought I could post a new topic. Any help is greatly appreciated. Thanks, Mikey
[twitter-dev] Re: OAUTH: Basic Auth is simpler/more reliable/more secure/better received than OAuth!?
Funny, I posted about our high success rate (95% of all users) with OAuth. I'm trying to get a feel for if we're fortunate, have a good flow or everyone has the same rates. http://groups.google.com/group/twitter-development-talk/browse_thread/thread/da46cd261fa13bca?hl=en On Jul 28, 2:13 pm, Amitab hiamita...@gmail.com wrote: As a developer who has recent launched Twaller (http://www.twaller.com) which supports OAuth, I think I should share my perspective on this. I really loved OAuth because: (1) Ease of coding. I could get OAuth working within a couple of days. Saves me any password maintenance, encryption etc. (2) Integration with Twitter Branding. With the OAuth scheme, I believe my website is more integrated with Twitter. It would also be nicer if Twitter would maintain their own list of websites they trust with Oauth, just to give users the added confidence that Twitter trusts me. (3) Saves me worrying about SSL. A lot of people are finicky about HTTPS/SSL. This was I can just ytell them that if Twitter wants Oauth that way in future, we will simple provide it. The part I hate about OAuth is that the OAUth page is extremely slow to load and sometimes does not load at all. I see this issue with the Twitter website in general as well, sometime postst from the web just don't go through. I would much appreciate if people at Twitter can address scalability problems to OAUTH, because that I believe is the biggest user turnoff. On Jul 28, 1:11 pm, JDG ghil...@gmail.com wrote: It's only a scare if the development community neglects or refuses to educate the populace at large that only Twitter really needs your password, so why give it to anyone else? On Tue, Jul 28, 2009 at 13:27, jahbini jahb...@celarien.com wrote: Sorry about your Oauth Implementation, Mine's been working steadily with no hiccups: Lot's of very solid implementations out there. As far as the user sign-up problem, Yeah, I agree, It's a bit of a scare for the user to have to connect to an off-site twitter authority page -- But that's what Facebook, paypal and all the big boys are pushing toward. As Robert Palmer once said: Your gonna have to face it, your addicted to passwords. Jim On Jul 28, 1:27 am, chinaski007 chinaski...@gmail.com wrote: Let's be honest... The end-result for third-party developers using OAuth appears to be fewer sign-ups, less reliability, more complexity, and potentially less security. Google Optimizer reveals that users are more likely to sign-up for Basic Auth than OAuth. That's just fact. Test it for yourself to confirm. I suppose this is not so weird. Users are accustomed to giving user/ pass information even to foreign apps. It is far more disruptive and invasive for them to go to some bizarre Twitter screen asking them to approve an app. To the average user, what does that mean? (And, heck, it may even require more steps if they have to login again to Twitter.) In terms of reliability, Twitter OAuth was down for days several weeks ago. Tonight yet another unannounced change occurred that broke major code libraries. Meanwhile, Basic Auth has been plugging along just fine and dandy... So what IS the benefit of OAuth? It doesn't benefit developers as you will likely get more sign-ups with Basic Auth and Basic Auth is far, far easier to setup. Sure, OAuth might satisfy some power users hungry for security... But is OAuth even more secure than Basic Auth? Perhaps not. After all, tonight's fix was for an OAuth security flaw known for at least 10+ days (judging by tweets to @twitterapi) that allowed for potential impersonations of credentialed users. On the heels of Twitter's (unofficial) assurance of better communication with developers, this sort of unannounced change is distressing. What's next? (Have Labor Day Weekend plans? You might want to cancel those... just the right time for Twitter to make an unannounced API change!) As for us, we are in the strange position of deprecating OAuth in favor of Basic Auth. Weird, eh?? Okay, we are not totally deprecating OAuth, but we are advising users that Basic Auth is far more robust and reliable. And so our message to new developers: avoid OAuth like the plague. If you must, offer it. But let Basic Auth be your backbone: more reliable, more sign-ups, simpler, and probably just as secure. (Just look at Google Code bug reports about OAuth to get a sense of reliablity.) (Okay, okay, this post was written at 4am after a workday that started at 8am, and after Twitter introduced this new change at 5pm... (hey Twitter, can you introduce major new changes EARLIER in the day so we can react!?!?)... it still doesn't excuse Twitter's continued disregard for the small-to-medium size developer.) --
[twitter-dev] Re: Whoa There! - Users don't really know whats going on.
I wouldn't mind providing an error callback url which Twitter posts error messages to. Asking users to report a message back to the application owner is only great in theory. Here are my $.02. * Message should include the application which made the invalid request * It doesn't really need to have many details about the problem. Merely mentioning OAuth would be plenty sufficient. * Encourage the user to go back to where they came from (there were, after all, trying to do something) On Jul 27, 6:05 pm, goodtest goodtest...@gmail.com wrote: sounds good, its way better than Whoa There :) On Jul 27, 5:51 pm, Andrew Badera and...@badera.us wrote: On Mon, Jul 27, 2009 at 8:38 PM, goodtest goodtest...@gmail.com wrote: I totally agree. They should simplify it and say something like: You are not passing all required parameters or not encoding them properly or anything that makes more sense. That's not going to make any more sense to users. It needs to be simple and imperative. We've experienced an OAuth [authorization [optional]] problem, sorry for the difficulty! Please let the administrators of [requesting app] know that they provided duplicate or incorrect OAuth request information. --ab
[twitter-dev] Re: error with simple xml load file
JDG is probably correct. $ch = curl_init('http://search.twitter.com/search.atom?q=Google'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); $sXml = simplexml_load_string($result); var_dump($sXml); On Jul 27, 4:45 pm, oscarva osca...@gmail.com wrote: Please help :( On 25 jul, 01:05, oscarva osca...@gmail.com wrote: I am tring to do a Api call using simple xml and twitter search API. $rss = simplexml_load_file('http://search.twitter.com/search.atom? q=Google'); foreach ($rss-channel-item as $item){ $title = utf8_decode($item-title); $url = $item-link; } The error log tells me the following: PHP Warning: simplexml_load_file() [a href='function.simplexml-load- file'function.simplexml-load-file/a]: I/O warning : failed to load external entity quot;http://search.twitter.com/search.atom? q=Googlequot; in /home/xxx/public_html/test/status.php on line 10 [error] [client 166.210.xxx.xxx] PHP Warning: simplexml_load_file (http://search.twitter.com/search.atom?q=Google) [a href='function.simplexml-load-file'function.simplexml-load-file/a]: failed to open stream: Connection timed out in /home/xxx/public_html/ test/status.php on line 10 PHP Version 5.2.8 This only happens on my server, since in local working properly. :( Please Help. Thaks ;)
[twitter-dev] Re: API limit confusion
In other words, you have a web app running on a single server with a single IP. You make authenticated requests using each user's account. If your IP is whitelisted, the calls go towards your 20k limit, if it is not whitelisted, it goes against the current 150 limit for the respective accounts. That's what it means by IP whitelisting takes precedence to account rate limits. I don't believe that is true. If your web app is running on a whitelisted IP then you get up to 20k GET calls per hour. POST requests (status or DM) are counted against the user being authenticated. You CANNOT retrieve a user's rate limit status.
[twitter-dev] Re: direct messaging limits and best practices for individual services?
Both of these are enforced: 250 / hour 1000 / day On Jul 16, 11:52 am, Bjoern bjoer...@googlemail.com wrote: On Jul 16, 5:32 pm, jmathai jmat...@gmail.com wrote: If you're sending DMs then you should be limited to 1000 DMs / user / day or 100 / user / hour. I run into the limit issue as well but for a game that seems ample, no? I gathered from this link that the limit for dm's is 250, not 1000:http://help.twitter.com/forums/10711/entries/15364 With 1000 I would feel a bit safer, 250 would maybe suffice for about 70 games. Björn
[twitter-dev] Re: API Developers Alliance
Lastly, I don't feel that I, or my App, have rights to access Twitter's API. It's their system, my access is a privilege. They must in order for any app of significant size to exist. To reiterate others in this thread, Twitter does a great job. I think the alliance is a bit unrealistic (though interesting). I would like to see a developer bill of rights which is officially backed by Twitter and made public. They could of course change this as they feel necessary but once it's publicly disclosed then everyone is on the same page as to what they can and should expect. As a developer one of my primary concerns if that Twitter creates or modifies a policy which only has an implicit guideline. That's easy to do and could cause harm to developers that have invested a lot of time. This would, in the long run, wind up resulting in a crappy developer community (ala Facebook). I would also like to see on the bill of rights a list of rights reserved for Twitter. They're ultimately in control and have the most at stake. I trust the Twitter team as much as the rest of us on this list but I would like to see some sort of commitment for long term behavior if possible. Thanks for starting the thread Peter. Jaisen On Jul 17, 7:47 am, Clint Shryock cts...@gmail.com wrote: I think this is well intended but not necessary. As far as creating a group that has the ear of Twitter, I think this is list is doing quite well in that regard. The Twitter dev's have been very responsive and so far we have a nice community of third party devs as well. I agree with Bjoren, I feel this would just add an unnecessary level of politics. If I chose not to join said alliance, would Twitter care less about my voice? Again, I don't see how this group would be beneficial in anyway that this list isn't already providing. Lastly, I don't feel that I, or my App, have rights to access Twitter's API. It's their system, my access is a privilege. +Clint
[twitter-dev] Re: API Developers Alliance
Lastly, I don't feel that I, or my App, have rights to access Twitter's API. It's their system, my access is a privilege. Well said. I believe the original intent was to state that while it's a privilege there have to be some agreed upon policies going both ways. The TOS works for Twitter and something similar could exist for developers. I doubt the original author implied that they want full access and rights to Twitter's system / API.
[twitter-dev] Re: Is the rate limiting on IP or User a/c
GET calls are IP based (yours, not the client's) and count against the rate limit generally mentioned. On Jul 15, 8:56 pm, LEE engho@gmail.com wrote: Hi All, I would like to ask, the default rate limit for calls to the REST API is 150 requests per hour, is the rate limiting on IP (client) or on User A/C? I have a web application to get the friend's status. I didn't a testing to on this web application, using an A/C ABC to keep on getting the friend's status. It ran about 70++ time to got the result successfully, after that twitter returned exceed rate limiting. Then i tried to use another A/C DEF to continue to get the friend's status, but twitter returned exceed rate limiting. Guys, do you have any idea on this rate limiting is on IP or A/C? Thanks and Regards,
[twitter-dev] Re: Rules About Making Money
On Jul 15, 2:54 pm, Doug Williams d...@twitter.com wrote: Even then, we reach out and attempt to work with the developer before taking any action. That's delightful to know. Seriously :). Working with APIs is often a pain but Twitter's managed to create a pretty good ecosystem for developers by providing support and open communication. Kudos.
[twitter-dev] uploading pngs not working but jpegs do
Using the same code to upload photos I get a 200 response code for both png and jpeg files. The png however does not seem to get saved. It works with basic auth but not with OAuth. Anyone else run into this issue?
[twitter-dev] Image upload added to PHP OAuth library - need testers
I added multipart image upload support to EpiTwitter. It's in a multipart branch at the moment and am looking for others to test it out before merging into master. Let me know if you manage to test it out and whether or not it works for you. I haven't updated any docs but here is the usage. $twitterObj = new EpiTwitter($consumerKey, $consumerSecret, $token, $tokenSecret); $resp = $twitterObj-post_accountUpdate_profile_image(array('@image' = '@/absolute/path/to/file')); echo $resp-responseText;
[twitter-dev] Re: Image upload added to PHP OAuth library - need testers
Link would be nice: http://github.com/jmathai/twitter-async/tree/multipart On Jun 9, 1:02 pm, jmathai jmat...@gmail.com wrote: I added multipart image upload support to EpiTwitter. It's in a multipart branch at the moment and am looking for others to test it out before merging into master. Let me know if you manage to test it out and whether or not it works for you. I haven't updated any docs but here is the usage. $twitterObj = new EpiTwitter($consumerKey, $consumerSecret, $token, $tokenSecret); $resp = $twitterObj-post_accountUpdate_profile_image(array('@image' = '@/absolute/path/to/file')); echo $resp-responseText;
[twitter-dev] How's SuperChirp managing to work around DM limits
The post limits make it nearly impossible to send messages to a large follower group. SuperChirp recently launched and I was wondering if they have any special arrangements with Twitter to do so. Just looking for some transparency on this. I'm spending a lot of time building out an application and something as trivial as special privileges could render all my time/effort useless.
[twitter-dev] Re: How's SuperChirp managing to work around DM limits
Thanks Doug. However, your response did confuse my understanding of whitelisting (seems to be shared among others). My understanding was that whitelisting only applies to GET calls which does not include direct messaging. I thought POSTs were not affected by whitelisting. You replied to me earlier saying: Update limits are applied on a per-user basis regardless of whitelisting status. Context: http://groups.google.com/group/twitter-development-talk/msg/f1b4be8203f1?hl=en Not sure why I (and others) are having trouble understanding the limits. A similar question from someone else (not yet replied to): http://groups.google.com/group/twitter-development-talk/browse_thread/thread/b21a7a637006227a Confused :) On Jun 8, 4:49 pm, Doug Williams d...@twitter.com wrote: There is nothing in our system beyond normal whitelisting which increase direct messaging limits. Looking at the @SocialChirp account they are still a relatively new application and have likely not run into the messaging limits you are thinking of. Thanks, Doug On Mon, Jun 8, 2009 at 4:37 PM, jmathai jmat...@gmail.com wrote: The post limits make it nearly impossible to send messages to a large follower group. SuperChirp recently launched and I was wondering if they have any special arrangements with Twitter to do so. Just looking for some transparency on this. I'm spending a lot of time building out an application and something as trivial as special privileges could render all my time/effort useless.
[twitter-dev] Re: Debug mode?
Similar to Tim's suggestion, I'd also check out http://www.hueniverse.com/hueniverse/2008/10/beginners-gui-1.html ... shows step by step conversion values which you can use to pinpoint where your library might be having problems. On Jun 3, 10:27 pm, Tim timot...@gmail.com wrote: Maybe this OAuth Explorer would help you checking the different step and the parameters of your query:http://sevengoslings.net/~fangel/oauth-explorer/ Also, you might want to try an existing OAuth library in parallel with yours to see that it works the same. (even though you apparently tried this already) Hope this helps, Tim On Jun 2, 8:53 pm, @jigglyonee ghil...@gmail.com wrote: Hi all, I've been trying to write a JavaScript OAuth module in order to write my own twitter client (I know there are libraries out there, but it's for my education as well as fun). I'm stumped, unfortunately, right at the beginning -- trying to get a request token. I've tried GETting and POSTing tohttp://twitter.com/oauth/request_token to no avail -- it always returns Failed to validate oauth signature and token. I'm passing, hopefully, the correct parameters. A typical query string looks like this: http://twitter.com/oauth/request_token?oauth_consumer_key=9CCTnLpstYI... My signature base string for that looked like: GET%26http%3A%2F%2Ftwitter.com%2Foauth%2Frequest_token%26GET%26http%3A %2F%2Ftwitter.com%2Foauth%2Frequest_token%26oauth_consumer_key %3D9CCTnLpstYI8RIxGE7yhQ%26oauth_nonce %3Db52968e8-7145-4c91-8066-563d37a1107f%26oauth_signature_method %3DHMAC-SHA1%26oauth_timestamp%3D1244001043%26oauth_token%3D %26oauth_version%3D1.0 I'm fairly sure that the signature is being encoded correctly, as the HMAC-SHA1 algorithm returns the same in my library and in the javax.crypto libraries. I'm encoding using the key my_consumer_secret since I don't have a token secret yet. My question is twofold. 1) does something look amiss with this? 2) if nothing's obvious, is there any sort of debug mode for the APIs where we can get some more detailed error messages? Thanks! Josh
[twitter-dev] Re: Incorrect Rate Limited Response Code
Thanks for the response Doug. Would be great to have a specific response code for exceeding rate limits since using string matching is bound to fail in the future. I have a question about the rate limiting though. I'm making these requests from a whitelisted IP. If we are calling direct_messages/new on behalf of user FOO then are we limited to the 1,000/day user update limit, the 100/day user API limit, or the 20,000/day whitelisting limit for our IP. The docs lead me to believe it's the 20,000/day whitelisting limit for our IP. The actual behavior makes me believe its the 1,000/day user update limit. I thought the docs were unclear (or incorrect) regarding which takes precedence. From http://apiwiki.twitter.com/Rate-limiting: IP whitelisting takes precedence to account rate limits. Requests from a whitelisted IP address made on a user's behalf will be deducted from the whitelisted IP's limit, not the users. Therefore, IP-based whitelisting is a best practice for applications that interact with many users' data. I'm fairly certain that I'm not hitting the 20k limit because I'm logging all calls from our application. However, I still get the message mentioned above. On Jun 3, 11:19 am, Doug Williams d...@twitter.com wrote: You are not being rate limited. You are hitting the update limits as indicated by the 403. If you look at the body of the returned data, it will tell you this error condition. I've updated the friendships_create, direct_messages/new, and statuses/update method documentation to mention that we throw a 403 in this case. Thanks, Doug Twitter API Support On Tue, Jun 2, 2009 at 8:36 PM, jmathai jmat...@gmail.com wrote: Working within the rate limits is a really big pain in the tail :). Had to get that off my chest. The issue I'm seeing is that I'm getting the following response with a 403 code. {request:\/direct_messages\/new.json,error:There was an error sending your message: You can't send direct messages to this user right now} Per the docs it should return a 400 for rate limited responses. This way it's impossible for me to determine if the action isn't allowed or if it's just rate limited. Is this a bug or am I misreading the docs? http://twitterapi.pbworks.com/HTTP-Response-Codes-and-Errors
[twitter-dev] Re: DM limit for whitelisted app?
Same question, see 3rd comment here: http://groups.google.com/group/twitter-development-talk/browse_thread/thread/b53550be7149c81a/6f5166547c3dbec6?hl=en#6f5166547c3dbec6 On Jun 3, 11:47 am, Yu-Shan Fung ambivale...@gmail.com wrote: Hi all, Is there a new limit on the ability for a whitelisted app to send out DMs? We just noticed many errors sending out DMs with the following error: Forbidden:There was an error sending your message: We know you have a lot to say, but you can only send so many direct messages per day. (a href=http://help.twitter.com/forums/10711/entries/15364;click here/a for more info.) According to this thread, the DM limit should be lifted for whitelisted apps, or has the policy changed? Anyone else noticing this? http://groups.google.com/group/twitter-development-talk/browse_frm/th... Thanks for any help/pointers! Yu-Shan -- “When nothing seems to help, I go look at a stonecutter hammering away at his rock perhaps a hundred times without as much as a crack showing in it. Yet at the hundred and first blow it will split in two, and I know it was not that blow that did it, but all that had gone before.” — Jacob Riis
[twitter-dev] Re: Incorrect Rate Limited Response Code
Is there *any* talk about licensing higher limits at a cost to the client of the API? I'd be really interested in this, as would others I'm sure. If there's any discussion going on about this then let me know via email. On Jun 3, 12:37 pm, Doug Williams d...@twitter.com wrote: Whitelisting affects GET requests. Update limits affect POST requests. Update limits are applied on a per-user basis regardless of whitelisting status. I will update that doc to make this clear. Thanks, Doug On Wed, Jun 3, 2009 at 11:38 AM, jmathai jmat...@gmail.com wrote: Thanks for the response Doug. Would be great to have a specific response code for exceeding rate limits since using string matching is bound to fail in the future. I have a question about the rate limiting though. I'm making these requests from a whitelisted IP. If we are calling direct_messages/new on behalf of user FOO then are we limited to the 1,000/day user update limit, the 100/day user API limit, or the 20,000/day whitelisting limit for our IP. The docs lead me to believe it's the 20,000/day whitelisting limit for our IP. The actual behavior makes me believe its the 1,000/day user update limit. I thought the docs were unclear (or incorrect) regarding which takes precedence. Fromhttp://apiwiki.twitter.com/Rate-limiting: IP whitelisting takes precedence to account rate limits. Requests from a whitelisted IP address made on a user's behalf will be deducted from the whitelisted IP's limit, not the users. Therefore, IP-based whitelisting is a best practice for applications that interact with many users' data. I'm fairly certain that I'm not hitting the 20k limit because I'm logging all calls from our application. However, I still get the message mentioned above. On Jun 3, 11:19 am, Doug Williams d...@twitter.com wrote: You are not being rate limited. You are hitting the update limits as indicated by the 403. If you look at the body of the returned data, it will tell you this error condition. I've updated the friendships_create, direct_messages/new, and statuses/update method documentation to mention that we throw a 403 in this case. Thanks, Doug Twitter API Support On Tue, Jun 2, 2009 at 8:36 PM, jmathai jmat...@gmail.com wrote: Working within the rate limits is a really big pain in the tail :). Had to get that off my chest. The issue I'm seeing is that I'm getting the following response with a 403 code. {request:\/direct_messages\/new.json,error:There was an error sending your message: You can't send direct messages to this user right now} Per the docs it should return a 400 for rate limited responses. This way it's impossible for me to determine if the action isn't allowed or if it's just rate limited. Is this a bug or am I misreading the docs? http://twitterapi.pbworks.com/HTTP-Response-Codes-and-Errors
[twitter-dev] Re: Regarding Twitter/OAuth PHP libraries constructors
Would isAuthenticated just check if the token/secret are set? I had assumed (perhaps incorrectly) that the object would be instantiated at a point where you have the required credentials. Checking to see if you have already set the token/secret on an object would be a trivial addition, but do you have a use case of when/why you'd need to do that? On Jun 3, 2:57 pm, Tim timot...@gmail.com wrote: Hello, (note: this question might actually be more a general programming question rather than specific to Twitter) I have been looking at a few PHP libraries to use OAuth with Twitter (thanks to Abraham and Jason amongst others) and noticed that most (if not all) of them have a constructor more or less like that: function __construct($consumer_key, $consumer_secret, $oauth_token = NULL, $oauth_token_secret = NULL) called with 2 or 4 arguments depending on where in the OAuth process we are. (access token already known or not) That usually means that the status of the OAuth process is to be managed in the controllers when creating the object. If you take the example from Abraham's code:http://github.com/abraham/twitteroauth/blob/6b28e9e689d44a569576f7267... there's a lot of session variables management (granted, this code is provided as an example and advertised as not for production...) Basically, I feel that I'd rather do something like: $twitter = new TwitterOAuth(); $twitter-getPublicTimeline(); if ($twitter-isAuthenticated()) { $twitter-getFriendsTimeline();} etc. with the logic of if the access token is known being handled by the class itself. Since all the libraries I have seen didn't go this way (and were written by people who most probably know what they're doing a lot more than I do), I am wondering if I make any sense. Thanks for your help, Tim
[twitter-dev] Incorrect Rate Limited Response Code
Working within the rate limits is a really big pain in the tail :). Had to get that off my chest. The issue I'm seeing is that I'm getting the following response with a 403 code. {request:\/direct_messages\/new.json,error:There was an error sending your message: You can't send direct messages to this user right now} Per the docs it should return a 400 for rate limited responses. This way it's impossible for me to determine if the action isn't allowed or if it's just rate limited. Is this a bug or am I misreading the docs? http://twitterapi.pbworks.com/HTTP-Response-Codes-and-Errors
[twitter-dev] Geographical distribution / latency of api servers
What's the geographical distribution of the api servers? And, are requests routed to the nearest farm/colo? I'm asking because I have a VPS in New Jersey and would move it to the west coast if that's where all the API calls are being made.
[twitter-dev] Re: Whitelisted but being rate limited?
@wirah sent me: http://apiwiki.twitter.com/FAQ#IkeephittingtheratelimitHowdoIgetmorerequestsperhour On May 27, 9:06 am, jmathai jmat...@gmail.com wrote: Ok...what exactly is that so we can program around it. I haven't seen it in my searching. On May 27, 9:01 am, Matt Sanford m...@twitter.com wrote: Hi there, Whitelisting raises the various limits but it does not remove them. It sounds like you may have reached the direct message limit for whitelisted accounts. Thanks; – Matt Sanford / @mzsanford Twitter Dev On May 27, 2009, at 8:56 AM, jmathai wrote: This morning an app of ours was rate limited when sending direct messages. Here is the response we get from the API: {request:/direct_messages/new.json,error:There was an error sending your message: We know you have a lot to say, but you can only send so many direct messages per day. (a href=http:// help.twitter.com/forums/10711/entries/15364click here/a for more info.)} Following the link:http://help.twitter.com/forums/10711/entries/15364 it says that being whitelisted should lift the limits. Our IP address is 209.123.162.18. I don't have the original email since I submitted it via the online form. But I did exchange emails with @dougw and know that sent 100+ requests in under an hour earlier this week.
[twitter-dev] Re: Paging for friends/ids
This is reported as a bug here: http://code.google.com/p/twitter-api/issues/detail?id=613 Definitely is a bug if their docs are correct. statuses/followers works as expected using the page parameter. On May 22, 3:09 pm, elversatile elversat...@gmail.com wrote: It seems that paging is not working correctly for friends/ids call. I was trying to page through friends of Barack Obama by doinghttp://twitter.com/friends/ids/barackobama.xml?page=1,http://twitter.com/friends/ids/barackobama.xml?page=2, etc. But it seems that every file just gets bigger, e.g., first I get 5000 ids, then 1, up to 20 when on page 40 and then it just stop working. I thought the intention was to page through friends 5000 ids at a time, instead it seems like it's giving me everything through that page number, until it can no longer fetch that many. Is it a known problem? Any way around this?
[twitter-dev] Re: To get User email id as given in the User Profile
Don't hold your breath for that one :) On May 25, 6:59 am, sravs.. sravanthi.su...@gmail.com wrote: hi, I am a new user. can anyone tell me is there any way to get the email id of the user once the user has given access to a consumer application via oauth This is really urgent... Sravanthi
[twitter-dev] Re: Invalid token authentication failed when reply_to_status_id set
This is being tracked on github and twitter-api. http://github.com/jmathai/twitter-async/issues#issue/6 http://code.google.com/p/twitter-api/issues/detail?id=595 I'm unable to replicate the behavior using the exact code provided. Unsure if it's a bug in my library or something else. On May 21, 3:42 am, Rich rhyl...@gmail.com wrote: I've got the same issue, started today when it worked fine yesterday On May 21, 3:48 am, Abraham Williams 4bra...@gmail.com wrote: Can you confirm if post_statusesUpdate() works without the 'in_reply_to_status_id' parameter? 2009/5/19 alon alon.car...@gmail.com Hello all! ,Jaisen, I'm trying to use your EpiTwitter php class to communicate with the twitter API. This is my php code: $twitterObj = new EpiTwitter($consumer_key, $consumer_secret, USER_TOKEN, USER_SECRET_TOKEN); $userInfo = $twitterObj-get_accountVerify_credentials(); $twitterObj-post_statusesUpdate(array(status = $status, in_reply_to_status_id = $replytoid)); The first request (acount/verify_credential) returns fine, following is the http request: GET /account/verify_credentials.json HTTP/1.1 Host: twitter.com Accept: */* Authorization: OAuth realm=/account/ verify_credentials.json,oauth_consumer_key=,oauth_token=,oauth_nonce=XX,oauth_timestamp=1242578551,oauth_signature_method=HMAC- SHA1,oauth_version=1.0,oauth_signature= The second request (statuses/update) returns with Failed to validate oauth signature or token : POST /statuses/update.json HTTP/1.1 Host: twitter.com Accept: */* Authorization: OAuth realm=/statuses/ update.json,oauth_consumer_key=,oauth_token=X,oauth_nonce=,oauth_timestamp=1242578551,oauth_signature_method=HMAC- SHA1,oauth_version=1.0,oauth_signature= Content-Length: 81 Content-Type: application/x-www-form-urlencoded status=%40LeeronShalev+testing%3A+One%2C +Twoamp;in_reply_to_status_id=1786937496 Thanks in advance, -- Abraham Williams |http://the.hackerconundrum.com Hacker |http://abrah.am|http://twitter.com/abraham Web608 | Community Evangelist |http://web608.org This email is: [ ] blogable [x] ask first [ ] private. Sent from San Francisco, California, United States
[twitter-dev] Re: oauth just to post status
Create an application (http://twitter.com/oauth) and then post using your consumer key/secret. Blog posts if needed: http://www.jaisenmathai.com/blog/2009/03/31/how-to-quickly-integrate-with-twitters-oauth-api-using-php/ http://www.jaisenmathai.com/blog/2009/04/30/letting-your-users-sign-in-with-twitter-with-oauth/ On May 13, 8:03 pm, tayknight taykni...@gmail.com wrote: I meant to add, I want to use oauth for this so I get the 'via DummyOauthApp' line in the tweet. On May 13, 9:50 pm, tayknight taykni...@gmail.com wrote: Hi all. My app, once it gets going, is mainly going to post status updates as mentions to followers. For instance, the app, called DummyOauthApp will post a statuses/update like '@tayknight blah blah blah'. So, i don't need my app to authenticate itself to oauth as tayknight, but as itself DummyOauthApp. Does this mean I need to generate an access token/secret pair for the app itself and continually reuse this pair to call statuses/update? Thanks.
[twitter-dev] Re: Handling the OAuth flow when the user clicks Deny / Decline
That would work. So would something a a bit simpler. I am not sure I see the need for the username to be passed back. Seems like that could easily be done by the site. Also unsure as to why the special key is needed if it's always just returned as a parameter. Is this something that can be specified in the OAuth specs? Would be nice to have a standard way to handle this very valid OAuth flow. On May 5, 10:36 am, Doug Williams d...@twitter.com wrote: I'm trying to decide if this could easily be part of [1]? Any objections for these to be one in the same? 1.http://code.google.com/p/twitter-api/issues/detail?id=545 Thanks, Doug -- Doug Williams Twitter Platform Supporthttp://twitter.com/dougw On Tue, May 5, 2009 at 8:27 AM, jmathai jmat...@gmail.com wrote: When the user clicks decline the flow is abruptly disrupted. I didn't see anything in the OAuth spec that specifies how a decline is handled. It would be nice if there was a decline url that the application could specify which the user is redirected to.
[twitter-dev] Handling the OAuth flow when the user clicks Deny / Decline
When the user clicks decline the flow is abruptly disrupted. I didn't see anything in the OAuth spec that specifies how a decline is handled. It would be nice if there was a decline url that the application could specify which the user is redirected to.
[twitter-dev] Sign in with Twitter added to EpiTwitter (PHP/OAuth)
Did a quick write up on using PHP to sign in to Twitter. Working Example: http://www.jaisenmathai.com/sign_in_with_twitter/ Blog Post: http://www.jaisenmathai.com/blog/2009/04/30/letting-your-users-sign-in-with-twitter-with-oauth/ Code/Documentation: http://wiki.github.com/jmathai/epicode/epitwitter
[twitter-dev] Re: Basic Twitter / OAuth questions (.NET)
To get the access token you need to call /oauth/access_token. That'll give you back tokens you can save and reuse. This is a good flow diagram: http://oauth.net/core/diagram.png On May 1, 4:46 am, Richard L richard.lockw...@gmail.com wrote: Hi, I've looked through the FAQ, archives and other websites, and haven't found anything that has helped on this, so apologies if I've just missed it! I'm building an application which needs to be able to set a user's status automatically, without that user needing to log in and approve it every time. I'm using a variation on the code at:http://www.voiceoftech.com/swhitley/?p=681 , and it's working - to an extent. A user can visit a page on my apphttp://www.mytwitterapp.com/twitter.aspx, be redirected to Twitter to approve the app, then be sent back to my app, to the page which now has the form:http://www.mytwitterapp.com/twitter.aspx?oauth_token=EQ8Mi7T2Xqi6y5Ka... I can then use that token to get the token secret and interact with Twitter (primarily setting a status update). However, if I try to use that token again, I get a (401) Unauthorized error. I thought that the oauth_token that gets returned fromhttp://twitter.com/oauth/authorizewas a token that I could store, and use to repeatedly access Twitter when needed. It seems that what I'm actually getting back is an Access Token. So, my questions are: 1. Does what I've written above make sense? 2. Is there a token I can store, and use to repeatedly access Twitter - and if so, how can I get that value? 3. Am I barking up the wrong tree entirely? 4. Anything else you think might be of help!! Many thanks in advance, Richard.
[twitter-dev] Re: Totally baffling issue with Opera and OAuth
I can confirm the same behavior affecting ONLY opera. I scp'ed the files to a server with public dns entry...it worked fine there. I see an entry in my access log on the page with the authorization link. After clicking approve, I don't see anything in my access or error logs. On Apr 25, 9:35 pm, Bill Kocik bko...@gmail.com wrote: I'm stumped. My app is up and running locally, and I have an /etc/ hosts entry pointing local.mydomain.com to 127.0.0.1. My configuration at Twitter has my callback athttp://local.mydomain.com/auth/complete. My starting point ishttp://local.mydomain.com/auth/start. When I run through the process with Firefox, Internet Explorer, or Safari (all on Windows), everything works beautifully. When I try with Opera, I get to the Twitter allow/deny page, and when I click the Allow button I can see that the browser briefly does something, but then it doesn't go anywhere. I'm left staring at the allow/deny page. The deny button, though, works fine. This behavior is the same whether I'm already signed into Twitter or not. Looking at my app log, I can plainly see the browser never came back to my /auth/complete method, it stayed with Twitter. But when I run through authentication using Opera with any of the live demo apps listed athttp://apiwiki.twitter.com/OAuth-Examples, they work fine. Why the heck would the allow button not work only with my app and only with Opera? I've tried clearing out all caches and cookies and nothing has made a difference. I'm grasping at straws here. Anybody got one?
[twitter-dev] Re: Send status update with OAuth/PHP/cURL
You can also try a library I put up on github as well. Supports all endpoints and asynchronous calls. Tutorial: http://www.jaisenmathai.com/blog/2009/03/31/how-to-quickly-integrate-with-twitters-oauth-api-using-php/ Documentation: http://wiki.github.com/jmathai/epicode/epitwitter On Apr 21, 2:54 pm, Doug D dosb...@gmail.com wrote: Thanks Chad! I've checked out Abraham's OAuth lib, but I don't see how to update a twitter status. His example seems to only authenticate and return data on the person who's authenticated. doug On Apr 21, 5:00 pm, Chad Etzel jazzyc...@gmail.com wrote: Take a look at Abraham Williams' excellent Twitter PHP Oauth lib: http://twitter.abrah.am/ -Chad On Tue, Apr 21, 2009 at 4:36 PM, Doug D dosb...@gmail.com wrote: I've been digging in to the Twitter OAuth stuff and am able to sign into my site with the Twitter authentication, but I'm wondering if there is a way to use the OAuth credentails to send a status update using PHP and cURL. The code below sends an update, but only when a static username:password is filled in. My goal it to update (your) Twitter status from my site once you are authenticated by Twitter. Any thoughts or tutorials? Thanks! // Set username and password $username = 'name'; $password = 'password'; // The message you want to send $message = 'My status update'; // The twitter API address $url = 'http://twitter.com/statuses/update.xml'; // Alternative JSON version // $url = 'http://twitter.com/statuses/update.json'; // Set up and execute the curl process $curl_handle = curl_init(); curl_setopt($curl_handle, CURLOPT_URL, $url); curl_setopt($curl_handle, CURLOPT_CONNECTTIMEOUT, 2); curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_handle, CURLOPT_POST, 1); curl_setopt($curl_handle, CURLOPT_POSTFIELDS, status=$message); curl_setopt($curl_handle, CURLOPT_USERPWD, $username:$password); $buffer = curl_exec($curl_handle); curl_close($curl_handle); // check for success or failure if (empty($buffer)) { echo 'message'; } else { echo 'success'; }
[twitter-dev] Re: Failed to validate oauth signature or token on status update post?
I am having this problem as well. GETs work fine but POSTs do not. I don't have any Authorization headers. On Apr 10, 10:37 am, Chen Jie chenyue...@gmail.com wrote: I got a workaround for POST, I removed Authorization info in Header, then the POST request passed. On Apr 10, 8:50 pm, max maxnet...@gmail.com wrote: I have the same problem since this morning, pretty strange, looked over my code but I really don't see anything wrong. On Apr 10, 4:27 am, HSL hslee...@gmail.com wrote: Anyone else has the problem that posting a status update through OAuth gives the error: failed to validate oauth signatre or token since a few hours?
[twitter-dev] Re: Failed to validate oauth signature or token on status update post?
Here's a bug for the problem: http://code.google.com/p/twitter-api/issues/detail?id=447 On Apr 11, 8:20 am, Dominik Schwind domi...@gmail.com wrote: Hm, I'm always calling write stuff, like /status/update, with POST - actually I thought it's not possible to GET those calls. Still not working on my end, even if I try around with those headers. On Sat, Apr 11, 2009 at 2:44 PM, Bluespark spo...@gmail.com wrote: I have got my Python library working. It simply is just changing the GET to post. When you encode your token and other items, you have to make sure you change this to a POST for the /status/update method. Calling status/update with a GET got me the 401 Authorization failed. This was a pretty easy fix, once you know where to look in your library. On Apr 11, 5:07 pm, jmathai jmat...@gmail.com wrote: I am having this problem as well. GETs work fine but POSTs do not. I don't have any Authorization headers. On Apr 10, 10:37 am, Chen Jie chenyue...@gmail.com wrote: I got a workaround for POST, I removed Authorization info in Header, then the POST request passed. On Apr 10, 8:50 pm, max maxnet...@gmail.com wrote: I have the same problem since this morning, pretty strange, looked over my code but I really don't see anything wrong. On Apr 10, 4:27 am, HSL hslee...@gmail.com wrote: Anyone else has the problem that posting a status update through OAuth gives the error: failed to validate oauth signatre or token since a few hours? -- Dominik Schwindwww.lostfocus.de Other ways to contact me onwww.dominikschwind.com