[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-16 Thread janole
Hi Raffi, I've sent an eMail to a...@twitter.com requesting permission to use xAuth in my S60 Twitter Client Gravity. Just curious if there's any ETA for granting access to xAuth and/or providing documentation. Many thanks in advance, Ole -- Jan Ole Suhr s...@mobileways.de On Twitter:

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-16 Thread Dewald Pretorius
oauth. the caveat is that i stated that xauth will not be allowed for web applications, but i can think of a few creative ways around that. Raffi, I assume that would be as a general rule for day-to-day operations of web apps. But, for web apps you are still going to allow the one-time bulk

Re: [twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-16 Thread Raffi Krikorian
But, for web apps you are still going to allow the one-time bulk conversion of existing users with xauth, correct? yes. -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi

Re: [twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-16 Thread Raffi Krikorian
understood, but, right now, not in the plan. web apps will have to use the standard oauth workflow. On Tue, Feb 16, 2010 at 11:29 AM, Dewald Pretorius dpr...@gmail.com wrote: Actually, this whole Chinese user issue affects web apps as well. Because, with OAuth, any Chinese user (or any user

Re: [twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-12 Thread Harshad RJ
On Fri, Feb 12, 2010 at 12:17 PM, yegle cnye...@gmail.com wrote: Nope, it doesn't work :-( All DNS queries to twitter.com inside China is poisoned and all twitter's available IP is blocked. Oh btw, I meant HTTPS proxies that sit outside the firewall. I assume that DNS queries for

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-12 Thread yegle
There is no detailed information about xauth right now, but the WRAP specification did allow to fetch access token using username/password, that makes a proxy script possible.I think this is xauth about: get access token using username/password and then do the rest things using oauth. I'm still

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-12 Thread yegle
Oh yes I forgot that HTTP proxy resolves the domain name at server side :-) On Feb 12, 6:18 pm, Harshad RJ harshad...@gmail.com wrote: On Fri, Feb 12, 2010 at 12:17 PM, yegle cnye...@gmail.com wrote: Nope, it doesn't work :-( All DNS queries to twitter.com inside China is poisoned and all

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-12 Thread yegle
I read the WRAP draft. I have to say that it's much simpler than OAuth 1.0a. It doesn't need too much modification to twitter client to support API proxy, if xauth is widely available. Thank you all for your replies and concerns :-) On Feb 12, 7:04 pm, yegle cnye...@gmail.com wrote: Oh yes I

Re: [twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-12 Thread Raffi Krikorian
what i would do (with that caveat that i'm speaking as myself and not necessarily as a twitter employee ;P): make a proxy that uses xauth - you could still ask for a username/password, use xauth to do the exchange with twitter, and then proxy the basic auth to oauth. the caveat is that i stated

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-11 Thread yegle
Yes, but not all clients support HTTPS proxy, especially mobile clients. On Feb 12, 1:39 pm, Harshad RJ harshad...@gmail.com wrote: Wouldn't a regular HTTPS proxy be sufficient? On Fri, Feb 12, 2010 at 11:00 AM, yegle cnye...@gmail.com wrote: Hi all, This could be a long email.

Re: [twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-11 Thread Harshad RJ
Made me realise that my app (tDash) should be using HTTPS for all API calls. Just made a new release now. Hoping that helps users behind a firewall. On Fri, Feb 12, 2010 at 11:12 AM, yegle cnye...@gmail.com wrote: Yes, but not all clients support HTTPS proxy, especially mobile clients. On

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-11 Thread yegle
Nope, it doesn't work :-( All DNS queries to twitter.com inside China is poisoned and all twitter's available IP is blocked. Anyway, HTTPS should be enabled or at least provide an option :-) On Feb 12, 2:38 pm, Harshad RJ harshad...@gmail.com wrote: Made me realise that my app (tDash) should be

Re: [twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-11 Thread Harshad RJ
On Fri, Feb 12, 2010 at 12:17 PM, yegle cnye...@gmail.com wrote: Nope, it doesn't work :-( All DNS queries to twitter.com inside China is poisoned and all twitter's available IP is blocked. Ah, I hadn't implemented for the OAuth authorization page. Just done. (Sorry for the spam, list.

[twitter-dev] Re: OAuth:a disaster for Chinese twitter users

2010-02-11 Thread yegle
Hi Brian, Thank you, I just noticed the new OAuth specification. I'll read the specification first and see if there is any workaround available :-) On Feb 12, 5:40 pm, Brian Smith br...@briansmith.org wrote: yegle wrote: Basically, a API proxy script works as a middleman between twitter and