Re: [twitter-dev] Using OAuth keys in an open source application

Y'all should look at what Facebook connect does: http://wiki.developers.facebook.com/index.php/Session_Proxy You can keep the secret on a server, and the server acts as a proxy for the agent. Naturally, this raises the question of how the server knows that the agent is legit. That said, this is '

Re: [twitter-dev] Using OAuth keys in an open source application

John Meyer wrote: No, the point I was trying to make was that you don't HAVE to distribute the key. Nothing in the open source license requires you to give that information to another person. You can distribute it if you want to, but you are perfectly free to give them the source code and te

Re: [twitter-dev] Using OAuth keys in an open source application

ryan alford wrote: PHP as in web-based? Why wouldn't the user just login to the website? Ryan Yes, it's open source software that users run on their own servers. It is *not* a hosted service (if it was, it'd be fine). -- Ryan McCue

Re: [twitter-dev] Using OAuth keys in an open source application

* ryan alford [100118 20:01]: > The consumer secret is not public. The consumer key can be seen in the > query parameters, but the consumer secret is not a query parameter. It > would have to be reverse engineered using the signature. > > If twitter determines that a specific application is mal

Re: [twitter-dev] Using OAuth keys in an open source application

The consumer secret is not public. The consumer key can be seen in the query parameters, but the consumer secret is not a query parameter. It would have to be reverse engineered using the signature. If twitter determines that a specific application is malware, I would only hope that they would b

Re: [twitter-dev] Using OAuth keys in an open source application

On 1/18/2010 8:45 PM, Marc Mims wrote: * Isaiah Carew [100118 19:02]: If every person that uses an app accesses the API with their own personal app credentials that would mean the app would appear to Twitter as hundreds, or potentially thousands, of individual applications. One goal of appli

Re: [twitter-dev] Using OAuth keys in an open source application

* Isaiah Carew [100118 19:02]: > If every person that uses an app accesses the API with their own personal app > credentials that would mean the app would appear to Twitter as hundreds, or > potentially thousands, of individual applications. > > One goal of application registration is to contro

Re: [twitter-dev] Using OAuth keys in an open source application

On 1/18/2010 6:43 PM, Ryan McCue wrote: John Meyer wrote: Technically, you don't. All opensource requires is that you distribute the source code, not the individual data. So you could specify that the secret key is in a particular file and then other users could insert their own secret key. R

Re: [twitter-dev] Using OAuth keys in an open source application

PHP as in web-based? Why wouldn't the user just login to the website? Ryan Sent from my DROID On Jan 18, 2010 10:03 PM, "Ryan McCue" wrote: John Meyer wrote: > > Technically, you don't. All opensource requires is that you distribute the so... Right, so everyone would have to get their own AP

Re: [twitter-dev] Using OAuth keys in an open source application

John Meyer wrote: Technically, you don't. All opensource requires is that you distribute the source code, not the individual data. So you could specify that the secret key is in a particular file and then other users could insert their own secret key. Right, so everyone would have to get

Re: [twitter-dev] Using OAuth keys in an open source application

If every person that uses an app accesses the API with their own personal app credentials that would mean the app would appear to Twitter as hundreds, or potentially thousands, of individual applications. One goal of application registration is to control application privileges en masse. So t

Re: [twitter-dev] Using OAuth keys in an open source application

Something like that. Ideally, what I would do is configure the app so that if the consumerkeys (both secret and non) are not present, the user is directed to a screen to input those for themselves (with maybe a helpful link to get them in the first place). On Jan 18, 2010, at 9:46 AM, Raf

Re: [twitter-dev] Using OAuth keys in an open source application

You are reading it correct. You do not want to give out your Consumer Key or Consumer Secret. If somebody downloads the source of your application, they are most likely going to be using it in their own application. Therefore, they need their own Consumer Key and Consumer Secret. Ryan On Mon,

Re: [twitter-dev] Using OAuth keys in an open source application

So you're saying that each individual end-user of the open source app would register with Twitter for separate Twitter Application credentials, add those credentials to the app, and then recompile the application? Or did I read that incorrectly? Isaiah YourHead Software supp...@yourhead.com h

Re: [twitter-dev] Using OAuth keys in an open source application

that's precisely what i would do - author your code to read from a configuration file that contains the keys. don't distribute that configuration file, but, instead, distribute a README or an example configuration file that the end user would fill in. On Mon, Jan 18, 2010 at 9:43 AM, John Meyer

Re: [twitter-dev] Using OAuth keys in an open source application

On 1/18/2010 1:19 AM, Ryan McCue wrote: Hey guys, I'm looking to integrate Twitter posting into an application I'm developing. The catch to this is that because it's open source, and programmed in PHP, I'd have to distribute the secret key with it. What's the best way to go about this? I've fal

[twitter-dev] Using OAuth keys in an open source application

Hey guys, I'm looking to integrate Twitter posting into an application I'm developing. The catch to this is that because it's open source, and programmed in PHP, I'd have to distribute the secret key with it. What's the best way to go about this? I've fallen back onto the ordinary basic auth API