Re: [twitter-dev] How to get started with the Twitter OAuth API and jQuery

2010-06-18 Thread Taylor Singletary 
Hi Christian,

Unless you're operating in a safe Javascript environment (like Palm's WebOS,
or using server-side Javascript), it's not recommended to use OAuth 1.0a in
Javascript because your consumer secret will be in plaintext and easily
viewed/crawled/scraped/abused.

Aside from security issues, it's also very difficult to accomplish in
Javascript, as you'll need a library that correctly implements the HMAC-SHA1
algorithm -- which I've personally not found yet -- but not impossible.

While others on this list might offer some assistance, I recommend not
trying to use the API with OAuth via Javascript and jQuery and use @Anywhere
instead http://dev.twitter.com/anywhere

Taylor

On Fri, Jun 18, 2010 at 2:35 PM, cosenary wrote:

> Hello,
>
> I'm new to Twitter API and I try to create an easy jQuery script which
> allows me to load the userprofile data (http://dev.twitter.com/doc/get/
> account/verify_credentials). I already requested the oauth_token and
> the oauth_token_secret (with php).
>
> But I don't know the purpose of the oauth_token and the
> oauth_token_secret. I tried to make a code with which I have access to
> Twitter API. (I use this md5 jQuery plugin:
> http://plugins.jquery.com/files/jquery.md5.js.txt)
>
> Can someone help me to get along with Twitter API and jQuery.
>
> My jQuery code:
>
>  function microtime(get_as_float) {
>var now = new Date().getTime() / 1000;
>var s = parseInt(now, 10);
>return (get_as_float) ? now : (Math.round((now - s) * 1000) /
> 1000) + ' ' + s;
>  }
>
>  function nonce() {
>var mt = microtime(true);
>var rand = mt_rand();
>var md5_hash = $.md5(mt + rand); // md5 jQuery Plugin
>return md5_hash;
>  }
>
>  // API settings
>  var access_token = "14152914-
> cbkQ5eR81FyMGfcenqChF5LWLvClHA8xDUQxlNd";
>  var consumer_key = "UVITPP0P9C0Ab1XoaiyRqQ";
>  var signature = "HMAC-SHA1";
>
>  // API call
>  var tw_api_url = "http://api.twitter.com/1/account/
> verify_credentials.json?oauth_token="+access_token
> +"&oauth_timestamp="+event.timeStamp
> +"&oauth_consumer_key="+consumer_key
> +"&oauth_signature_method="+signature+"&oauth_nonce="+nonce();
>
>  $.post(tw_api_url, function(json) {
>alert(json);
>  }, "json");
>
> Thanks in advance for your help,
>
> Christian
>

[twitter-dev] How to get started with the Twitter OAuth API and jQuery

2010-06-18 Thread cosenary 
Hello,

I'm new to Twitter API and I try to create an easy jQuery script which
allows me to load the userprofile data (http://dev.twitter.com/doc/get/
account/verify_credentials). I already requested the oauth_token and
the oauth_token_secret (with php).

But I don't know the purpose of the oauth_token and the
oauth_token_secret. I tried to make a code with which I have access to
Twitter API. (I use this md5 jQuery plugin: 
http://plugins.jquery.com/files/jquery.md5.js.txt)

Can someone help me to get along with Twitter API and jQuery.

My jQuery code:

  function microtime(get_as_float) {
var now = new Date().getTime() / 1000;
var s = parseInt(now, 10);
return (get_as_float) ? now : (Math.round((now - s) * 1000) /
1000) + ' ' + s;
  }

  function nonce() {
var mt = microtime(true);
var rand = mt_rand();
var md5_hash = $.md5(mt + rand); // md5 jQuery Plugin
return md5_hash;
  }

  // API settings
  var access_token = "14152914-
cbkQ5eR81FyMGfcenqChF5LWLvClHA8xDUQxlNd";
  var consumer_key = "UVITPP0P9C0Ab1XoaiyRqQ";
  var signature = "HMAC-SHA1";

  // API call
  var tw_api_url = "http://api.twitter.com/1/account/
verify_credentials.json?oauth_token="+access_token
+"&oauth_timestamp="+event.timeStamp
+"&oauth_consumer_key="+consumer_key
+"&oauth_signature_method="+signature+"&oauth_nonce="+nonce();

  $.post(tw_api_url, function(json) {
alert(json);
  }, "json");

Thanks in advance for your help,

Christian