[twitter-dev] OAuth bug?

[Jan Szumiec]

Hey,

I've been experimenting with the streaming API for the past couple of days. 
While playing with different methods, I've discovered an interesting phenomenon 
-

When I make a request to 
http://stream.twitter.com/1/statuses/filter.json?track=bieber - I get a 200 
status code and everything works as expected.

However, when another keyword is added, and a request is made to 
http://stream.twitter.com/1/statuses/filter.json?track=bieber,obama I get a 401 
status code. Initially, I thought there may be a bug within the OAuth library 
that I was using, but then verified the requests using this tool: 
http://oauth.googlecode.com/svn/code/javascript/example/signature.html and the 
signatures generated by the library I was using (simple_oauth for ruby) were 
matching. Is there a panel somewhere that would let me look at the requests I 
issued to get a more detailed report of what went wrong?

This has to be something trivial - I can't imagine this being a bug on 
twitter's side, as I'd expect this scenario to be used extensively. When I use 
basic auth, everything works well, hence this must be a bug with OAuth. When 
generating a signature, the library I am using is encoding "," as %252C which I 
initially thought might be wrong, but after studying the OAuth specs, seem to 
be correct.

Thanks,
jan

-- 
Have you visited the Developer Discussions feature on 
https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: 
http://groups.google.com/group/twitter-development-talk/subscribe

[twitter-dev] Oauth callback error - Invalid access token

[Alvarítez]

Hello!
We are having a problem getting Access Tokens from our app users. It
was perfectly working a few days back, but now it's not.
We are doing the oauth dance using twitter4j. We retrieve a request
token for the user and then use it to call
http://api.twitter.com/oauth/authorize?oauth_token=[REQUEST_TOKEN].
But, when the user authorizes the app, there is a call to
[our_callback_url]?
oauth_token=[REQUEST_TOKEN]&oauth_verifier=[VERIFIER] which doesn't
even reach our server and we get this error message (using chrome):
{ "error": "invalid_token", "error_description": "Invalid access
token: [REQUEST_TOKEN]"}
and in firefox:
Firefox cannot find the file in [our_callback_url]?
oauth_token=[REQUEST_TOKEN]&oauth_verifier=[VERIFIER]

The thing is that, if I remove the oauth_token parameter from the
callback url twitter is giving back, it works perfectly fine, as we
are storing the access token in the user's session, but I think there
is no way to tell Twitter not to return that parameter. Obviously, we
can't ask our users to remove the parameter themselves. Any
suggestions?
Like I said, this was working perfectly fine about a week ago...

-- 
Have you visited the Developer Discussions feature on 
https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: 
http://groups.google.com/group/twitter-development-talk/subscribe

Re: [twitter-dev] oauth/Authenticate keeps giving me PIN code

[Taylor Singletary]

On the request_token step of the OAuth flow, are you setting an explicit
oauth_callback pointing to where you want the user to be redirected after
they have authorized?

@episod  - Taylor
Singletary


On Thu, Jul 14, 2011 at 12:09 AM, Paul  wrote:

> Hi,
>
> Im trying to do a Sign In with Twiter from my site, but im stuck. I've
> double checked my application settings (i cant find the application on
> the new applications site that specifies if the app is a desktop or
> webapp), i've added a callbackurl.
>
> On my site im getting the correct request token and generate my link
> as : https://twitter.com/oauth/authenticate?oauth_token=
> (X being the request_token).
>
> I've i click on the link i get to the twitter authorise page and the
> url says authenticate, BUT as soon as I sign in the twitter site gives
> me the PIN code and doesnt redirect. From what I understood this url
> should be correct.
>
> What am i doing wrong?
>
> Thank you.
>
> --
> Have you visited the Developer Discussions feature on
> https://dev.twitter.com/discussions yet?
>
> Twitter developer links:
> Documentation and resources: https://dev.twitter.com/docs
> API updates via Twitter: https://twitter.com/twitterapi
>
> Unsubscribe or change your group membership settings:
> http://groups.google.com/group/twitter-development-talk/subscribe
>

-- 
Have you visited the Developer Discussions feature on 
https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: 
http://groups.google.com/group/twitter-development-talk/subscribe

[twitter-dev] oauth/Authenticate keeps giving me PIN code

[Paul]

Hi,

Im trying to do a Sign In with Twiter from my site, but im stuck. I've
double checked my application settings (i cant find the application on
the new applications site that specifies if the app is a desktop or
webapp), i've added a callbackurl.

On my site im getting the correct request token and generate my link
as : https://twitter.com/oauth/authenticate?oauth_token=
(X being the request_token).

I've i click on the link i get to the twitter authorise page and the
url says authenticate, BUT as soon as I sign in the twitter site gives
me the PIN code and doesnt redirect. From what I understood this url
should be correct.

What am i doing wrong?

Thank you.

-- 
Have you visited the Developer Discussions feature on 
https://dev.twitter.com/discussions yet?

Twitter developer links:
Documentation and resources: https://dev.twitter.com/docs
API updates via Twitter: https://twitter.com/twitterapi

Unsubscribe or change your group membership settings: 
http://groups.google.com/group/twitter-development-talk/subscribe

Re: [twitter-dev] oAuth problem with AIR desktop app - Failed to validate oauth signature and token

[Anton Hvornum]

Hi.

I have the same issue, but may i ask why you are performing a GET request
with a POST signature?
HTTP POST should be:

POST /oauth/request_token
\r\n
\r\n
callback=..&nonce=&...

Not in the way you've shown us:
HTTP POST:
https://api.twitter.com/.../oauth_callback=..&;...


Secondly, have you checked your timestamps so it matches the twitter server?
Say you live in Sweden like i do, you need to compensate for the time
difference with -1 so it matches GMT.


Thirdly, are you URL encoding anything at all in the POST header?
I think the signature needs to be URL encoded.



This is what my Header and POST data looks like:
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/40b41730d2144ca9




On Thu, Jun 30, 2011 at 12:19 AM, miloshes  wrote:

> Hi guys,
>
> I am new here, working on yet another twitter client for desktops.
> It's Adobe AIR desktop app written in AS3. And I have a problem with
> acquiring a request token.
>
> Signature base:
> POST&https%3A%2F%2Fapi.twitter.com %2Foauth
> %2Frequest_token&oauth_callback=http%3A%2F%2Fgoogle.com
>
> %2F&oauth_consumer_key=b0..ww&oauth_nonce=84950&oauth_signature_method=HMAC-
> SHA1&oauth_timestamp=1309385887&oauth_version=1.0
>
> HTTP POST:
>
> https://api.twitter.com/oauth/request_token?oauth_callback=http://twitter.com&oauth_consumer_key=b0..ww&oauth_nonce=82384&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1309374642&oauth_version=1.0&oauth_signature=Cfx..og%
>
> Erro I am getting:
> Failed to validate oauth signature and token
>
> I am able to use pin code authorization but I don't want to use it for
> my app. So I hope there is a way how to pass oAuth authentication from
> desktop app using callback url.
>
> Could anyone help me please? It's killing me :(
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] oAuth problem with AIR desktop app - Failed to validate oauth signature and token

[miloshes]

Hi guys,

I am new here, working on yet another twitter client for desktops.
It's Adobe AIR desktop app written in AS3. And I have a problem with
acquiring a request token.

Signature base:
POST&https%3A%2F%2Fapi.twitter.com%2Foauth
%2Frequest_token&oauth_callback=http%3A%2F%2Fgoogle.com
%2F&oauth_consumer_key=b0..ww&oauth_nonce=84950&oauth_signature_method=HMAC-
SHA1&oauth_timestamp=1309385887&oauth_version=1.0

HTTP POST:
https://api.twitter.com/oauth/request_token?oauth_callback=http://twitter.com&oauth_consumer_key=b0..ww&oauth_nonce=82384&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1309374642&oauth_version=1.0&oauth_signature=Cfx..og%

Erro I am getting:
Failed to validate oauth signature and token

I am able to use pin code authorization but I don't want to use it for
my app. So I hope there is a way how to pass oAuth authentication from
desktop app using callback url.

Could anyone help me please? It's killing me :(

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] /oauth/request_token - Can't get one

[DoXiD]

First off, i'm uncertain which keys i can and can not post, so i'll
obscure them.

My main problem is that i don't know which keys to send to the
"request_token".


Here is that i'm trying to send:
(Note: time matches the servers, i've made sure of that)
(Note: I have checked so that _all_ my keys are correct)
(Note: I've also made sure that the signature matches up to my content
of POST)

POST /oauth/request_token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Authorization: OAuth oauth_nonce="1309272106", oauth_callback="",
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1309272106",
oauth_consumer_key="pk...8pw", oauth_token="",
oauth_signature="T5...5pQ%3D", oauth_version="1.0"
User-Agent: InetCheck
Host: api.twitter.com
Keep-Alive: 115
Content-Length: 171

oauth_callback=&oauth_consumer_key=pk...
8pw&oauth_nonce=1309272106&oauth_signature_method=HMAC-
SHA1&oauth_timestamp=1309272106&oauth_token=&oauth_version=1.0



After tat i recive either "Failed to validate oauth signature and
token" or just a 401 return code.




I'm trying to get my hands dirty here by developing my own API for
Python.
I know there are some out there but i don't like em + i don't trust
other people.

So i'm running Python2.6.5
And i'm using the modules:
from socket import *
from time import time, gmtime
from random import randint
import base64
import hashlib
import hmac
import urllib

(i know, you're not supposed to do from  import * but i'm just
making some basic code for a skeleton atm).

The code to generate the header + POST data:
(again, just a skeleton, ugly code, will be fixed when i got a working
copy)

dstr = ''
if data:
dstr += ''

for k in ('oauth_callback', 'oauth_consumer_key', 
'oauth_nonce',
'oauth_signature_method', 'oauth_timestamp', 'oauth_token',
'oauth_version'):
if not k in data: raise KeyError("Missing " + k 
+ ", please
specify it at the login")
dstr += k + '=' + data[k] + '&'
dstr = dstr[:-1]

secr = self.keySet[1]
sign_key_base = 'POST' + '&' + urllib.quote_plus('http://
api.twitter.com/oauth/request_token') + '&'
sign_key_base += urllib.quote_plus(dstr)
print 'Using sign base:'
print '\t' + sign_key_base + '\n'
print '\t Key:'
print '\t\t', [data['consumer_secret'] + '&']
print '\t\t', [hmac.new(data['consumer_secret'] + '&',
sign_key_base, hashlib.sha1).digest()]
print '\t\t', 
[base64.encodestring(hmac.new(data['consumer_secret']
+ '&', sign_key_base, hashlib.sha1).digest())]
secr =
urllib.quote(base64.encodestring(hmac.new(data['consumer_secret'] +
'&', sign_key_base, hashlib.sha1).digest()).replace('\n', ''))
print '\t\t', [secr], '\n'

ret = 'POST ' + URL  + ' HTTP/1.1\r\n'
ret += 'Content-Type: application/x-www-form-urlencoded\r\n'

ret += 'Authorization: OAuth oauth_nonce="' + 
data['oauth_nonce'] +
'", '
ret += 'oauth_callback="' + data['oauth_callback'] + '", '
ret += 'oauth_signature_method="HMAC-SHA1", '
ret += 'oauth_timestamp="' + data['oauth_nonce'] + '", '
ret += 'oauth_consumer_key="' + data['oauth_consumer_key'] + 
'", '
ret += 'oauth_token="' + data['oauth_token'] + '", '
ret += 'oauth_signature="' + secr + '", '
ret += 'oauth_version="1.0"\r\n'
ret += 'User-Agent: InetCheck\r\n'
ret += 'Host: ' + host + '\r\n'

ret += 'Keep-Alive: 115\r\nContent-Length: ' + str(len(dstr)) + 
'\r\n
\r\n' + dstr



Please help me, it's getting on my nerves this oAuth stuff,
really never ever came in contact with it until Twitter, sure it looks
like a good security implementation but atm i don't like it :/

Any help is apritiated.



Also, validated my oauth_signature and content via:
http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/

Everyting matches up against what i'm sending to the server.
So if Twitter follows that standard it should all be good.

I don't know tho if i should skip "oauth_callback" since it's an empty
string anyways, or if i should skip "oauth_token" because i don't have
one (also a empty string).

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] OAuth IP Change Limited?

[meaglith]

I registed a Twitter application, and deployed with my website on a VPS run
very well.
When I chaged another VPS with new IP to deploy it, I got error within oauth
process:

*OAuth::Unauthorized (401 Unauthorized):*
*
*
After I change back with old IP, it's good again.
The register application domain bind with IP?

Meaglith Ma
---
Twitter: http://twitter.com/startuplabing
Website: http://start-up.im
---

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth error

[Sreejata Chatterjee]

Hello!

I found out what the problem was. The

$oauth->fetch($url)

needed to specify it was a GET call like:

$oauth->fetch($url, null, OAUTH_HTTP_METHOD_GET,
array('Connection'=>'close'));

It works without those parameters for some versions of PHP+Pecl-Oauth and
not for other :)

Thanks a lot for all your help & suggestions,
@themattharris.





On Fri, Jun 24, 2011 at 7:37 PM, Matt Harris wrote:

> Hi Sreejata,
>
> Thanks for providing this information. Are you able to find out what the
> server is actually sending to the Twitter API. The code you've provided
> shows where the error is happening but not what information is being sent to
> the API.
>
> Without knowing what is being sent by your code it is hard to suggest
> possible causes for the problem.
> Do you know which OAuth library are you using?
>
> Best,
> @themattharris
> Developer Advocate, Twitter
>
>
>
>
> On Fri, Jun 24, 2011 at 5:51 AM, Sreejata Chatterjee 
> wrote:
>
>> Matt! Thank you SO much for the reply... I will try and explain what else
>> I found out. A test example is:
>>
>>
>> >
>> define( "CONSUMER_KEY","*" );
>> define( "CONSUMER_SECRET", "" );
>>
>> $oauth = new
>> OAuth(CONSUMER_KEY,CONSUMER_SECRET,OAUTH_SIG_METHOD_HMACSHA1);
>> $access_token = file_get_contents("access_token");
>> $access_token_secret = file_get_contents("access_token_secret");
>> $oauth->setToken($access_token, $access_token_secret);
>>
>> $url = "http://api.twitter.com/1/statuses/home_timeline.xml";;
>>
>> $oauth->fetch($url);
>> $json = json_decode($oauth->getLastResponse(),true);
>> print_r($json);
>>
>> ?>
>>
>> Now, I tried this script and the same user (@Research4SML) from 3
>> different servers. The results are:
>>
>> CentOS, PHP 5.2.17, and Ubuntu, PHP 5.3.2:
>>
>>> PHP Fatal error:  Uncaught exception 'OAuthException' with message
>>> 'Invalid auth/bad request (got a 400, expected HTTP/1.1 20X or a redirect)'
>>> in /var/www/vhosts/default/iresearch/Scholar/oauth/test.php:14
>>> Stack trace:
>>> #0 /var/www/vhosts/default/iresearch/Scholar/oauth/test.php(14):
>>> OAuth->fetch('http://api.twit...')
>>> #1 {main}
>>>   thrown in /var/www/vhosts/default/iresearch/Scholar/oauth/test.php on
>>> line 14
>>>
>>>
>>
>> From another CentOS machine, PHP 5.2.10, IT WORKS! (Of course I had to
>> generate new tokens for every server).
>> I did the "curl http://api.twitter.com/1/account/rate_limit_status.xml";
>> call from all the servers and there is no rate limiting affecting the
>> results. I need it to work from the CentOS, PHP 5.2.17 machine.
>>
>> What might be the reason behind this behavior and how can I fix it?
>>
>>
>>
>> On Thu, Jun 23, 2011 at 6:06 PM, Matt Harris 
>> wrote:
>>
>>> Hi,
>>>
>>> A 400 error indicates something in the request you are making is
>>> malformed. Are you using a library to make requests or did you create your
>>> own wrapper?
>>>
>>> If you created your own library for making requests you may instead want
>>> to try one of the libraries listed on our developer resources site:
>>> http://dev.twitter.com/pages/libraries
>>>
>>> Moving forward, to help identify the cause of the 400 could you share the
>>> the request header and URL you are sending and the API headers and response
>>> body returned. Remember to remove any OAuth secrets from the code you share.
>>>
>>> Best
>>> @themattharris
>>> Developer Advocate, Twitter
>>>
>>>
>>>
>>>
>>> On Mon, Jun 20, 2011 at 12:39 PM, antiphobe  wrote:
>>>
 The time was in sync and I still used ntpd to reset it. No use.

 I tried to use the same script on different server, same user -> 400
 error (bad request)
 Tried on new server, different user, same script -> it works!

 So I'm lead to believe something might be wrong with the twitter user
 a/c? Is that known to happen?

 --
 Twitter developer documentation and resources:
 https://dev.twitter.com/doc
 API updates via Twitter: https://twitter.com/twitterapi
 Issues/Enhancements Tracker:
 https://code.google.com/p/twitter-api/issues/list
 Change your membership to this group:
 https://groups.google.com/forum/#!forum/twitter-development-talk

>>>
>>>  --
>>> Twitter developer documentation and resources:
>>> https://dev.twitter.com/doc
>>> API updates via Twitter: https://twitter.com/twitterapi
>>> Issues/Enhancements Tracker:
>>> https://code.google.com/p/twitter-api/issues/list
>>> Change your membership to this group:
>>> https://groups.google.com/forum/#!forum/twitter-development-talk
>>>
>>
>>
>>
>> --
>> Sreejata
>> ~~
>> MagicLamp Software Solutions Inc.
>> Halifax, Nova Scotia
>> 902-482-7103, 902-448-6357
>> http://www.magiclampsoft.com
>>
>>  --
>> Twitter developer documentation and resources:
>> http

Re: [twitter-dev] OAuth error

[Matt Harris]

Hi Sreejata,

Thanks for providing this information. Are you able to find out what the
server is actually sending to the Twitter API. The code you've provided
shows where the error is happening but not what information is being sent to
the API.

Without knowing what is being sent by your code it is hard to suggest
possible causes for the problem.
Do you know which OAuth library are you using?

Best,
@themattharris 
Developer Advocate, Twitter



On Fri, Jun 24, 2011 at 5:51 AM, Sreejata Chatterjee wrote:

> Matt! Thank you SO much for the reply... I will try and explain what else I
> found out. A test example is:
>
>
> 
> define( "CONSUMER_KEY","*" );
> define( "CONSUMER_SECRET", "" );
>
> $oauth = new
> OAuth(CONSUMER_KEY,CONSUMER_SECRET,OAUTH_SIG_METHOD_HMACSHA1);
> $access_token = file_get_contents("access_token");
> $access_token_secret = file_get_contents("access_token_secret");
> $oauth->setToken($access_token, $access_token_secret);
>
> $url = "http://api.twitter.com/1/statuses/home_timeline.xml";;
>
> $oauth->fetch($url);
> $json = json_decode($oauth->getLastResponse(),true);
> print_r($json);
>
> ?>
>
> Now, I tried this script and the same user (@Research4SML) from 3 different
> servers. The results are:
>
> CentOS, PHP 5.2.17, and Ubuntu, PHP 5.3.2:
>
>> PHP Fatal error:  Uncaught exception 'OAuthException' with message
>> 'Invalid auth/bad request (got a 400, expected HTTP/1.1 20X or a redirect)'
>> in /var/www/vhosts/default/iresearch/Scholar/oauth/test.php:14
>> Stack trace:
>> #0 /var/www/vhosts/default/iresearch/Scholar/oauth/test.php(14):
>> OAuth->fetch('http://api.twit...')
>> #1 {main}
>>   thrown in /var/www/vhosts/default/iresearch/Scholar/oauth/test.php on
>> line 14
>>
>>
>
> From another CentOS machine, PHP 5.2.10, IT WORKS! (Of course I had to
> generate new tokens for every server).
> I did the "curl http://api.twitter.com/1/account/rate_limit_status.xml";
> call from all the servers and there is no rate limiting affecting the
> results. I need it to work from the CentOS, PHP 5.2.17 machine.
>
> What might be the reason behind this behavior and how can I fix it?
>
>
>
> On Thu, Jun 23, 2011 at 6:06 PM, Matt Harris wrote:
>
>> Hi,
>>
>> A 400 error indicates something in the request you are making is
>> malformed. Are you using a library to make requests or did you create your
>> own wrapper?
>>
>> If you created your own library for making requests you may instead want
>> to try one of the libraries listed on our developer resources site:
>> http://dev.twitter.com/pages/libraries
>>
>> Moving forward, to help identify the cause of the 400 could you share the
>> the request header and URL you are sending and the API headers and response
>> body returned. Remember to remove any OAuth secrets from the code you share.
>>
>> Best
>> @themattharris
>> Developer Advocate, Twitter
>>
>>
>>
>>
>> On Mon, Jun 20, 2011 at 12:39 PM, antiphobe  wrote:
>>
>>> The time was in sync and I still used ntpd to reset it. No use.
>>>
>>> I tried to use the same script on different server, same user -> 400
>>> error (bad request)
>>> Tried on new server, different user, same script -> it works!
>>>
>>> So I'm lead to believe something might be wrong with the twitter user
>>> a/c? Is that known to happen?
>>>
>>> --
>>> Twitter developer documentation and resources:
>>> https://dev.twitter.com/doc
>>> API updates via Twitter: https://twitter.com/twitterapi
>>> Issues/Enhancements Tracker:
>>> https://code.google.com/p/twitter-api/issues/list
>>> Change your membership to this group:
>>> https://groups.google.com/forum/#!forum/twitter-development-talk
>>>
>>
>>  --
>> Twitter developer documentation and resources:
>> https://dev.twitter.com/doc
>> API updates via Twitter: https://twitter.com/twitterapi
>> Issues/Enhancements Tracker:
>> https://code.google.com/p/twitter-api/issues/list
>> Change your membership to this group:
>> https://groups.google.com/forum/#!forum/twitter-development-talk
>>
>
>
>
> --
> Sreejata
> ~~
> MagicLamp Software Solutions Inc.
> Halifax, Nova Scotia
> 902-482-7103, 902-448-6357
> http://www.magiclampsoft.com
>
>  --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth error

[Sreejata Chatterjee]

Matt! Thank you SO much for the reply... I will try and explain what else I
found out. A test example is:


setToken($access_token, $access_token_secret);

$url = "http://api.twitter.com/1/statuses/home_timeline.xml";;

$oauth->fetch($url);
$json = json_decode($oauth->getLastResponse(),true);
print_r($json);

?>

Now, I tried this script and the same user (@Research4SML) from 3 different
servers. The results are:

CentOS, PHP 5.2.17, and Ubuntu, PHP 5.3.2:

> PHP Fatal error:  Uncaught exception 'OAuthException' with message 'Invalid
> auth/bad request (got a 400, expected HTTP/1.1 20X or a redirect)' in
> /var/www/vhosts/default/iresearch/Scholar/oauth/test.php:14
> Stack trace:
> #0 /var/www/vhosts/default/iresearch/Scholar/oauth/test.php(14):
> OAuth->fetch('http://api.twit...')
> #1 {main}
>   thrown in /var/www/vhosts/default/iresearch/Scholar/oauth/test.php on
> line 14
>
>

>From another CentOS machine, PHP 5.2.10, IT WORKS! (Of course I had to
generate new tokens for every server).
I did the "curl http://api.twitter.com/1/account/rate_limit_status.xml"; call
from all the servers and there is no rate limiting affecting the results. I
need it to work from the CentOS, PHP 5.2.17 machine.

What might be the reason behind this behavior and how can I fix it?



On Thu, Jun 23, 2011 at 6:06 PM, Matt Harris wrote:

> Hi,
>
> A 400 error indicates something in the request you are making is
> malformed. Are you using a library to make requests or did you create your
> own wrapper?
>
> If you created your own library for making requests you may instead want to
> try one of the libraries listed on our developer resources site:
> http://dev.twitter.com/pages/libraries
>
> Moving forward, to help identify the cause of the 400 could you share the
> the request header and URL you are sending and the API headers and response
> body returned. Remember to remove any OAuth secrets from the code you share.
>
> Best
> @themattharris
> Developer Advocate, Twitter
>
>
>
>
> On Mon, Jun 20, 2011 at 12:39 PM, antiphobe  wrote:
>
>> The time was in sync and I still used ntpd to reset it. No use.
>>
>> I tried to use the same script on different server, same user -> 400 error
>> (bad request)
>> Tried on new server, different user, same script -> it works!
>>
>> So I'm lead to believe something might be wrong with the twitter user a/c?
>> Is that known to happen?
>>
>> --
>> Twitter developer documentation and resources:
>> https://dev.twitter.com/doc
>> API updates via Twitter: https://twitter.com/twitterapi
>> Issues/Enhancements Tracker:
>> https://code.google.com/p/twitter-api/issues/list
>> Change your membership to this group:
>> https://groups.google.com/forum/#!forum/twitter-development-talk
>>
>
>  --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>



-- 
Sreejata
~~
MagicLamp Software Solutions Inc.
Halifax, Nova Scotia
902-482-7103, 902-448-6357
http://www.magiclampsoft.com

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth

[Matt Harris]

Hi Reet,

Our developer resources site includes guidance and examples on how to use
OAuth with the Twitter API. You can find more information on the following
pages...

Authentication:
http://dev.twitter.com/pages/auth

Libraries:
https://dev.twitter.com/pages/libraries

Using One Access Token:
https://dev.twitter.com/pages/oauth_single_token

Best,
@themattharris 
Developer Advocate, Twitter



On Tue, Jun 21, 2011 at 11:10 PM, reet  wrote:

> How to use OAuth?
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth error

[Matt Harris]

Hi,

A 400 error indicates something in the request you are making is
malformed. Are you using a library to make requests or did you create your
own wrapper?

If you created your own library for making requests you may instead want to
try one of the libraries listed on our developer resources site:
http://dev.twitter.com/pages/libraries

Moving forward, to help identify the cause of the 400 could you share the
the request header and URL you are sending and the API headers and response
body returned. Remember to remove any OAuth secrets from the code you share.

Best
@themattharris 
Developer Advocate, Twitter



On Mon, Jun 20, 2011 at 12:39 PM, antiphobe  wrote:

> The time was in sync and I still used ntpd to reset it. No use.
>
> I tried to use the same script on different server, same user -> 400 error
> (bad request)
> Tried on new server, different user, same script -> it works!
>
> So I'm lead to believe something might be wrong with the twitter user a/c?
> Is that known to happen?
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] OAuth

[reet]

How to use OAuth?

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth error

[antiphobe]

The time was in sync and I still used ntpd to reset it. No use. 

I tried to use the same script on different server, same user -> 400 error 
(bad request)
Tried on new server, different user, same script -> it works! 

So I'm lead to believe something might be wrong with the twitter user a/c? 
Is that known to happen?

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth error

[Pepo Viola]

Hi, if you reinstall the os, take a look of the time config of the server, i
got 4xx error when the timezone of my server was missconfig.


regrets!


2011/6/19 antiphobe 

> I am using a script to try and access the user timeline script. The
> script works. The server the script was originally running on, was
> reinstalled and now, after reconfiguring pecl oauth, it gives the
> error:
>
> PHP Fatal error:  Uncaught exception 'OAuthException' with message
> 'Invalid auth/bad request (got a 400, expected HTTP/1.1 20X or a
> redirect)' in GetTweets.php:29
> Stack trace:
> #0 GetTweets.php(29): OAuth->fetch('http://api.twit...')
> #1 {main}
>  thrown in GetTweets.php on line 29
>
> I know the script works. I have regenerated the consumer tokens and
> access tokens many times. The public key of the server changed due to
> the re-install (but the IP remains the same). Using PHP 5.2.17. Any
> help as to what may cause this will be appreciated.
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] OAuth error

[antiphobe]

I am using a script to try and access the user timeline script. The
script works. The server the script was originally running on, was
reinstalled and now, after reconfiguring pecl oauth, it gives the
error:

PHP Fatal error:  Uncaught exception 'OAuthException' with message
'Invalid auth/bad request (got a 400, expected HTTP/1.1 20X or a
redirect)' in GetTweets.php:29
Stack trace:
#0 GetTweets.php(29): OAuth->fetch('http://api.twit...')
#1 {main}
  thrown in GetTweets.php on line 29

I know the script works. I have regenerated the consumer tokens and
access tokens many times. The public key of the server changed due to
the re-install (but the IP remains the same). Using PHP 5.2.17. Any
help as to what may cause this will be appreciated.

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Correa Denzil]

Yes, it works. Thanks :-)

--Regards,
Denzil




On Mon, Jun 6, 2011 at 9:10 PM, Tom van der Woerdt  wrote:
> In that case, try removing everything related to the req variable. Seems
> it's all unrelated to the actual request (unless the oauth library is very
> badly designed, of course). Line 22 all the way up to 35.
>
> Tom
>
>
> On 6/6/11 5:38 PM, Correa Denzil wrote:
>>
>> Well, it turns out it's not the case. Both the points you mentioned
>> weren't the issue as I see it.
>>
>> The issue was while I was creating the client I wasn't supplying the
>> token. Check Line 20 in the gist.
>>
>> https://gist.github.com/1010430
>>
>> --Regards,
>> Denzil
>>
>>
>>
>>
>> On Mon, Jun 6, 2011 at 8:58 PM, Correa Denzil  wrote:
>>>
>>> Tom :
>>>
>>> Are you sure? This gives me a :
>>>
>>> Traceback (most recent call last):
>>>  File "oauth_test.py", line 41, in
>>>    resp, content = req.request(url, "GET")
>>> AttributeError: 'Request' object has no attribute 'request'
>>>
>>> --Regards,
>>> Denzil
>>>
>>>
>>>
>>>
>>> On Mon, Jun 6, 2011 at 8:49 PM, Tom van der Woerdt  wrote:

 On 6/6/11 5:10 PM, Correa Denzil wro
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Tom van der Woerdt]

In that case, try removing everything related to the req variable. Seems 
it's all unrelated to the actual request (unless the oauth library is 
very badly designed, of course). Line 22 all the way up to 35.


Tom


On 6/6/11 5:38 PM, Correa Denzil wrote:

Well, it turns out it's not the case. Both the points you mentioned
weren't the issue as I see it.

The issue was while I was creating the client I wasn't supplying the
token. Check Line 20 in the gist.

https://gist.github.com/1010430

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:58 PM, Correa Denzil  wrote:

Tom :

Are you sure? This gives me a :

Traceback (most recent call last):
  File "oauth_test.py", line 41, in
resp, content = req.request(url, "GET")
AttributeError: 'Request' object has no attribute 'request'

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:49 PM, Tom van der Woerdt  wrote:

On 6/6/11 5:10 PM, Correa Denzil wro


--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Correa Denzil]

Well, it turns out it's not the case. Both the points you mentioned
weren't the issue as I see it.

The issue was while I was creating the client I wasn't supplying the
token. Check Line 20 in the gist.

https://gist.github.com/1010430

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:58 PM, Correa Denzil  wrote:
> Tom :
>
> Are you sure? This gives me a :
>
> Traceback (most recent call last):
>  File "oauth_test.py", line 41, in 
>    resp, content = req.request(url, "GET")
> AttributeError: 'Request' object has no attribute 'request'
>
> --Regards,
> Denzil
>
>
>
>
> On Mon, Jun 6, 2011 at 8:49 PM, Tom van der Woerdt  wrote:
>>
>> On 6/6/11 5:10 PM, Correa Denzil wro
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Tom van der Woerdt]

Well, of course, don't literally replace the variables, but figure out a 
way to use the req object. I don't know anything about that object so I 
can't help you there.


Tom


On 6/6/11 5:28 PM, Correa Denzil wrote:

Tom :

Are you sure? This gives me a :

Traceback (most recent call last):
   File "oauth_test.py", line 41, in
 resp, content = req.request(url, "GET")
AttributeError: 'Request' object has no attribute 'request'

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:49 PM, Tom van der Woerdt  wrote:

On 6/6/11 5:10 PM, Correa Denzil wro


--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Correa Denzil]

Tom :

Are you sure? This gives me a :

Traceback (most recent call last):
  File "oauth_test.py", line 41, in 
resp, content = req.request(url, "GET")
AttributeError: 'Request' object has no attribute 'request'

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:49 PM, Tom van der Woerdt  wrote:
>
> On 6/6/11 5:10 PM, Correa Denzil wro

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Tom van der Woerdt]

In the "Make the auth request" part you make a request using "client" 
instead of the already prepared and signed "req" variable. You should 
use "req" to make the request.


Tom

On 6/6/11 5:10 PM, Correa Denzil wrote:

Tom :

Thanks for the reply.

1. You don't sign the test variable, you sign the URL variable, which
isn't an endpoint.
I have changed the same

2. You don't use the req variable to make the request, but instead you
create a new connection which is completely unrelated to the signed
request.

I don't understand this point. What's the change am I supposed to make ?

I have opened up a gist for easier editing : https://gist.github.com/1010430

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:30 PM, Tom van der Woerdt  wrote:

1. You don't sign the test variable, you sign the URL variable, which isn't
an endpoint.
2. You don't use the req variable to make the request, but instead you
create a new connection which is completely unrelated to the signed request.


--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Correa Denzil]

Tom :

Thanks for the reply.

1. You don't sign the test variable, you sign the URL variable, which
isn't an endpoint.
I have changed the same

2. You don't use the req variable to make the request, but instead you
create a new connection which is completely unrelated to the signed
request.

I don't understand this point. What's the change am I supposed to make ?

I have opened up a gist for easier editing : https://gist.github.com/1010430

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:30 PM, Tom van der Woerdt  wrote:
> 1. You don't sign the test variable, you sign the URL variable, which isn't
> an endpoint.
> 2. You don't use the req variable to make the request, but instead you
> create a new connection which is completely unrelated to the signed request.

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Tom van der Woerdt]

1. You don't sign the test variable, you sign the URL variable, which 
isn't an endpoint.
2. You don't use the req variable to make the request, but instead you 
create a new connection which is completely unrelated to the signed request.


Tom


On 6/6/11 4:54 PM, Correa Denzil wrote:

Is that Python? : Yes

1. You aren't signing using the proper url.
Is the end point URL wrong?

2. You aren't using anything related to the signature on the request (req)
I am a newbie to Python. I am trying to dabble using OAuth. I
understand the OAuth flow but somehow what I am doing seems a bit
tangential to what OAuth is meant for. What should I do to rectify it
?

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:16 PM, Tom van der Woerdt  wrote:

You aren't using anything related to the signature on the request (req).


--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Correa Denzil]

Is that Python? : Yes

1. You aren't signing using the proper url.
Is the end point URL wrong?

2. You aren't using anything related to the signature on the request (req)
I am a newbie to Python. I am trying to dabble using OAuth. I
understand the OAuth flow but somehow what I am doing seems a bit
tangential to what OAuth is meant for. What should I do to rectify it
?

--Regards,
Denzil




On Mon, Jun 6, 2011 at 8:16 PM, Tom van der Woerdt  wrote:
> You aren't using anything related to the signature on the request (req).

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth Rate Limit 150 per hour?

[Tom van der Woerdt]

Is that Python? Anyway, not relevant.

1. You aren't signing using the proper url.
2. You aren't using anything related to the signature on the request (req).

Tom


On 6/6/11 4:43 PM, Correa Denzil wrote:

Hi,

I am performing OAuth to sign my requests. I am not developing a web
app. I am trying to harvest some user data. Here's what I do :

import oauth2 as oauth
import time

CONSUMER_KEY = 'xx'
CONSUMER_SECRET = 'xx'
access_key = 'xx'
access_secret_key = 'xxx'

consumer = oauth.Consumer(CONSUMER_KEY, CONSUMER_SECRET)
token = oauth.Token(access_key, access_secret_key)

client = oauth.Client(consumer)

# Set the API end point
url = 'http://api.twitter.com/1'

params = {'oauth_version': "1.0",
   'oauth_nonce': oauth.generate_nonce(),
   'oauth_timestamp': int(time.time()),
   'oauth_token': access_key,
   'oauth_consumer_key': consumer.key,
   'screen_name' : 'denzil_correa'
   }

req = oauth.Request(method="GET", url=url, parameters=params)

# Sign the request.
signature_method = oauth.SignatureMethod_HMAC_SHA1()
req.sign_request(signature_method, consumer, token)

### Make the auth request ###

test = 'http://api.twitter.com/1/account/rate_limit_status.json'

resp, content = client.request(test, "GET")

print resp
print content # prints 'ok'



Here's  the output:

{"reset_time":"Mon Jun 06 14:54:50 +
2011","remaining_hits":132,"hourly_limit":150,"reset_time_in_seconds":1307372090}


Am I missing something?


--Regards,
Denzil



--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] Oauth Rate Limit 150 per hour?

[Correa Denzil]

Hi,

I am performing OAuth to sign my requests. I am not developing a web
app. I am trying to harvest some user data. Here's what I do :

import oauth2 as oauth
import time

CONSUMER_KEY = 'xx'
CONSUMER_SECRET = 'xx'
access_key = 'xx'
access_secret_key = 'xxx'

consumer = oauth.Consumer(CONSUMER_KEY, CONSUMER_SECRET)
token = oauth.Token(access_key, access_secret_key)

client = oauth.Client(consumer)

# Set the API end point
url = 'http://api.twitter.com/1'

params = {'oauth_version': "1.0",
  'oauth_nonce': oauth.generate_nonce(),
  'oauth_timestamp': int(time.time()),
  'oauth_token': access_key,
  'oauth_consumer_key': consumer.key,
  'screen_name' : 'denzil_correa'
  }

req = oauth.Request(method="GET", url=url, parameters=params)

# Sign the request.
signature_method = oauth.SignatureMethod_HMAC_SHA1()
req.sign_request(signature_method, consumer, token)

### Make the auth request ###

test = 'http://api.twitter.com/1/account/rate_limit_status.json'

resp, content = client.request(test, "GET")

print resp
print content # prints 'ok'



Here's  the output:

{"reset_time":"Mon Jun 06 14:54:50 +
2011","remaining_hits":132,"hourly_limit":150,"reset_time_in_seconds":1307372090}


Am I missing something?


--Regards,
Denzil

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Correa Denzil]

Tom :

I probably missed the point. I see the targeted users, their data is
public and accessible using no authentication but the API limits are
too small. I can't gain OAuth access from them. I would like to
increase this to more API calls using OAuth.

--Regards,
Denzil




On Sun, Jun 5, 2011 at 1:41 AM, Tom van der Woerdt  wrote:
> easily

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Tom van der Woerdt]

If you have the permission of the users, you can probably use their 
OAuth tokens, which gives you an almost infinite API limit (actually 
it's still 350 per user, but you won't easily break that). If you want 
to perform an analysis on a group of users without their consent 
(without OAuth access), you'll have to find a better way to do it.


Tom


On 6/4/11 8:12 PM, Correa Denzil wrote:

Oh! I should avoid creating multiple user accounts in that case.

I would like to perform analysis on a target set of users and not
streams. How do I proceed? I should add that 350 requests per hour is
highly insufficient for my use case.

--Regards,
Denzil




On Sat, Jun 4, 2011 at 11:33 PM, Tom van der Woerdt  wrote:

I'd like to point out that this is against the TOS. You should limit your
API requests where possible - for a normal application with user interaction
you won't need more than 350 per hour. If you do some sort of data analysis,
you may need to use streams instead.

Tom


On 6/4/11 7:53 PM, Correa Denzil wrote:

Tom :

Thanks. I will create multiple user accounts. I guess about 20 (350 *
20 = 7000 considering 1 request per second) should solve my issue.



--Regards,
Denzil




On Sat, Jun 4, 2011 at 3:35 AM, Tom van der Woerdtwrote:

If you authenticate, all requests (except for search) will go into the
350
requests. If you want 500, then perform 150 unauthenticated and 350
authenticated. If you need even more, use more accounts to do the
requests.

Tom


On 6/3/11 11:06 PM, Correa Denzil wrote:

Ah! I feel similar.

Which essentially means that despite acquiring data which is publicly
available I will be limited to 150 requests per hour and even OAuth
will not help increasing it to 350 ?


--Regards,
Denzil




On Sat, Jun 4, 2011 at 2:32 AM, James Gifford
  wrote:

The way I'm reading it it falls under 1. But I might be mistaken.

--James Gifford
http://jamesrgifford.com

On Jun 3, 2011, at 17:01, Correa Denzil  wrote:


Hi,

I am collecting Twitter data for my research. The API says that :

[1] "Anonymous calls are based on the IP of the host and are permitted
150 requests per hour. This classification includes unauthenticated
requests (such as RSS feeds), and authenticated requests to resources
that do not require authentication."

[2] "OAuth calls are permitted 350 requests per hour."

I want to seek a clarification on point [1]. Lets say I want to access
a list of followers of a user id (which is public). Would this be
counted as rate limiting under point [1] or point [2] ?


--Regards,
Denzil

--
Twitter developer documentation and resources:
https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk

--
Twitter developer documentation and resources:
https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk


--
Twitter developer documentation and resources:
https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk


--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk



--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Correa Denzil]

Oh! I should avoid creating multiple user accounts in that case.

I would like to perform analysis on a target set of users and not
streams. How do I proceed? I should add that 350 requests per hour is
highly insufficient for my use case.

--Regards,
Denzil




On Sat, Jun 4, 2011 at 11:33 PM, Tom van der Woerdt  wrote:
> I'd like to point out that this is against the TOS. You should limit your
> API requests where possible - for a normal application with user interaction
> you won't need more than 350 per hour. If you do some sort of data analysis,
> you may need to use streams instead.
>
> Tom
>
>
> On 6/4/11 7:53 PM, Correa Denzil wrote:
>>
>> Tom :
>>
>> Thanks. I will create multiple user accounts. I guess about 20 (350 *
>> 20 = 7000 considering 1 request per second) should solve my issue.
>>
>>
>>
>> --Regards,
>> Denzil
>>
>>
>>
>>
>> On Sat, Jun 4, 2011 at 3:35 AM, Tom van der Woerdt  wrote:
>>>
>>> If you authenticate, all requests (except for search) will go into the
>>> 350
>>> requests. If you want 500, then perform 150 unauthenticated and 350
>>> authenticated. If you need even more, use more accounts to do the
>>> requests.
>>>
>>> Tom
>>>
>>>
>>> On 6/3/11 11:06 PM, Correa Denzil wrote:

 Ah! I feel similar.

 Which essentially means that despite acquiring data which is publicly
 available I will be limited to 150 requests per hour and even OAuth
 will not help increasing it to 350 ?


 --Regards,
 Denzil




 On Sat, Jun 4, 2011 at 2:32 AM, James Gifford
  wrote:
>
> The way I'm reading it it falls under 1. But I might be mistaken.
>
> --James Gifford
> http://jamesrgifford.com
>
> On Jun 3, 2011, at 17:01, Correa Denzil    wrote:
>
>> Hi,
>>
>> I am collecting Twitter data for my research. The API says that :
>>
>> [1] "Anonymous calls are based on the IP of the host and are permitted
>> 150 requests per hour. This classification includes unauthenticated
>> requests (such as RSS feeds), and authenticated requests to resources
>> that do not require authentication."
>>
>> [2] "OAuth calls are permitted 350 requests per hour."
>>
>> I want to seek a clarification on point [1]. Lets say I want to access
>> a list of followers of a user id (which is public). Would this be
>> counted as rate limiting under point [1] or point [2] ?
>>
>>
>> --Regards,
>> Denzil
>>
>> --
>> Twitter developer documentation and resources:
>> https://dev.twitter.com/doc
>> API updates via Twitter: https://twitter.com/twitterapi
>> Issues/Enhancements Tracker:
>> https://code.google.com/p/twitter-api/issues/list
>> Change your membership to this group:
>> https://groups.google.com/forum/#!forum/twitter-development-talk
>
> --
> Twitter developer documentation and resources:
> https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>
>>> --
>>> Twitter developer documentation and resources:
>>> https://dev.twitter.com/doc
>>> API updates via Twitter: https://twitter.com/twitterapi
>>> Issues/Enhancements Tracker:
>>> https://code.google.com/p/twitter-api/issues/list
>>> Change your membership to this group:
>>> https://groups.google.com/forum/#!forum/twitter-development-talk
>>>
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Tom van der Woerdt]

I'd like to point out that this is against the TOS. You should limit 
your API requests where possible - for a normal application with user 
interaction you won't need more than 350 per hour. If you do some sort 
of data analysis, you may need to use streams instead.


Tom


On 6/4/11 7:53 PM, Correa Denzil wrote:

Tom :

Thanks. I will create multiple user accounts. I guess about 20 (350 *
20 = 7000 considering 1 request per second) should solve my issue.



--Regards,
Denzil




On Sat, Jun 4, 2011 at 3:35 AM, Tom van der Woerdt  wrote:

If you authenticate, all requests (except for search) will go into the 350
requests. If you want 500, then perform 150 unauthenticated and 350
authenticated. If you need even more, use more accounts to do the requests.

Tom


On 6/3/11 11:06 PM, Correa Denzil wrote:

Ah! I feel similar.

Which essentially means that despite acquiring data which is publicly
available I will be limited to 150 requests per hour and even OAuth
will not help increasing it to 350 ?


--Regards,
Denzil




On Sat, Jun 4, 2011 at 2:32 AM, James Gifford
  wrote:

The way I'm reading it it falls under 1. But I might be mistaken.

--James Gifford
http://jamesrgifford.com

On Jun 3, 2011, at 17:01, Correa Denzilwrote:


Hi,

I am collecting Twitter data for my research. The API says that :

[1] "Anonymous calls are based on the IP of the host and are permitted
150 requests per hour. This classification includes unauthenticated
requests (such as RSS feeds), and authenticated requests to resources
that do not require authentication."

[2] "OAuth calls are permitted 350 requests per hour."

I want to seek a clarification on point [1]. Lets say I want to access
a list of followers of a user id (which is public). Would this be
counted as rate limiting under point [1] or point [2] ?


--Regards,
Denzil

--
Twitter developer documentation and resources:
https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk

--
Twitter developer documentation and resources:
https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk


--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker:
https://code.google.com/p/twitter-api/issues/list
Change your membership to this group:
https://groups.google.com/forum/#!forum/twitter-development-talk



--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Correa Denzil]

Tom :

Thanks. I will create multiple user accounts. I guess about 20 (350 *
20 = 7000 considering 1 request per second) should solve my issue.



--Regards,
Denzil




On Sat, Jun 4, 2011 at 3:35 AM, Tom van der Woerdt  wrote:
> If you authenticate, all requests (except for search) will go into the 350
> requests. If you want 500, then perform 150 unauthenticated and 350
> authenticated. If you need even more, use more accounts to do the requests.
>
> Tom
>
>
> On 6/3/11 11:06 PM, Correa Denzil wrote:
>>
>> Ah! I feel similar.
>>
>> Which essentially means that despite acquiring data which is publicly
>> available I will be limited to 150 requests per hour and even OAuth
>> will not help increasing it to 350 ?
>>
>>
>> --Regards,
>> Denzil
>>
>>
>>
>>
>> On Sat, Jun 4, 2011 at 2:32 AM, James Gifford
>>  wrote:
>>>
>>> The way I'm reading it it falls under 1. But I might be mistaken.
>>>
>>> --James Gifford
>>> http://jamesrgifford.com
>>>
>>> On Jun 3, 2011, at 17:01, Correa Denzil  wrote:
>>>
 Hi,

 I am collecting Twitter data for my research. The API says that :

 [1] "Anonymous calls are based on the IP of the host and are permitted
 150 requests per hour. This classification includes unauthenticated
 requests (such as RSS feeds), and authenticated requests to resources
 that do not require authentication."

 [2] "OAuth calls are permitted 350 requests per hour."

 I want to seek a clarification on point [1]. Lets say I want to access
 a list of followers of a user id (which is public). Would this be
 counted as rate limiting under point [1] or point [2] ?


 --Regards,
 Denzil

 --
 Twitter developer documentation and resources:
 https://dev.twitter.com/doc
 API updates via Twitter: https://twitter.com/twitterapi
 Issues/Enhancements Tracker:
 https://code.google.com/p/twitter-api/issues/list
 Change your membership to this group:
 https://groups.google.com/forum/#!forum/twitter-development-talk
>>>
>>> --
>>> Twitter developer documentation and resources:
>>> https://dev.twitter.com/doc
>>> API updates via Twitter: https://twitter.com/twitterapi
>>> Issues/Enhancements Tracker:
>>> https://code.google.com/p/twitter-api/issues/list
>>> Change your membership to this group:
>>> https://groups.google.com/forum/#!forum/twitter-development-talk
>>>
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Tom van der Woerdt]

If you authenticate, all requests (except for search) will go into the 
350 requests. If you want 500, then perform 150 unauthenticated and 350 
authenticated. If you need even more, use more accounts to do the requests.


Tom


On 6/3/11 11:06 PM, Correa Denzil wrote:

Ah! I feel similar.

Which essentially means that despite acquiring data which is publicly
available I will be limited to 150 requests per hour and even OAuth
will not help increasing it to 350 ?


--Regards,
Denzil




On Sat, Jun 4, 2011 at 2:32 AM, James Gifford  wrote:

The way I'm reading it it falls under 1. But I might be mistaken.

--James Gifford
http://jamesrgifford.com

On Jun 3, 2011, at 17:01, Correa Denzil  wrote:


Hi,

I am collecting Twitter data for my research. The API says that :

[1] "Anonymous calls are based on the IP of the host and are permitted
150 requests per hour. This classification includes unauthenticated
requests (such as RSS feeds), and authenticated requests to resources
that do not require authentication."

[2] "OAuth calls are permitted 350 requests per hour."

I want to seek a clarification on point [1]. Lets say I want to access
a list of followers of a user id (which is public). Would this be
counted as rate limiting under point [1] or point [2] ?


--Regards,
Denzil

--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk



--
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[Correa Denzil]

Ah! I feel similar.

Which essentially means that despite acquiring data which is publicly
available I will be limited to 150 requests per hour and even OAuth
will not help increasing it to 350 ?


--Regards,
Denzil




On Sat, Jun 4, 2011 at 2:32 AM, James Gifford  wrote:
> The way I'm reading it it falls under 1. But I might be mistaken.
>
> --James Gifford
> http://jamesrgifford.com
>
> On Jun 3, 2011, at 17:01, Correa Denzil  wrote:
>
>> Hi,
>>
>> I am collecting Twitter data for my research. The API says that :
>>
>> [1] "Anonymous calls are based on the IP of the host and are permitted
>> 150 requests per hour. This classification includes unauthenticated
>> requests (such as RSS feeds), and authenticated requests to resources
>> that do not require authentication."
>>
>> [2] "OAuth calls are permitted 350 requests per hour."
>>
>> I want to seek a clarification on point [1]. Lets say I want to access
>> a list of followers of a user id (which is public). Would this be
>> counted as rate limiting under point [1] or point [2] ?
>>
>>
>> --Regards,
>> Denzil
>>
>> --
>> Twitter developer documentation and resources: https://dev.twitter.com/doc
>> API updates via Twitter: https://twitter.com/twitterapi
>> Issues/Enhancements Tracker: 
>> https://code.google.com/p/twitter-api/issues/list
>> Change your membership to this group: 
>> https://groups.google.com/forum/#!forum/twitter-development-talk
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth in Twitter via Python

[James Gifford]

The way I'm reading it it falls under 1. But I might be mistaken.

--James Gifford
http://jamesrgifford.com

On Jun 3, 2011, at 17:01, Correa Denzil  wrote:

> Hi,
>
> I am collecting Twitter data for my research. The API says that :
>
> [1] "Anonymous calls are based on the IP of the host and are permitted
> 150 requests per hour. This classification includes unauthenticated
> requests (such as RSS feeds), and authenticated requests to resources
> that do not require authentication."
>
> [2] "OAuth calls are permitted 350 requests per hour."
>
> I want to seek a clarification on point [1]. Lets say I want to access
> a list of followers of a user id (which is public). Would this be
> counted as rate limiting under point [1] or point [2] ?
>
>
> --Regards,
> Denzil
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> https://groups.google.com/forum/#!forum/twitter-development-talk

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] Oauth in Twitter via Python

[Correa Denzil]

Hi,

I am collecting Twitter data for my research. The API says that :

[1] "Anonymous calls are based on the IP of the host and are permitted
150 requests per hour. This classification includes unauthenticated
requests (such as RSS feeds), and authenticated requests to resources
that do not require authentication."

[2] "OAuth calls are permitted 350 requests per hour."

I want to seek a clarification on point [1]. Lets say I want to access
a list of followers of a user id (which is public). Would this be
counted as rate limiting under point [1] or point [2] ?


--Regards,
Denzil

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] OAuth webpage on Windows Phone 7

[mnielsen]

Recent changes in the OAuth WebPage has problems on Windows Phone 7's
browser. When you click the username or passwork box, the watermark
doesn't disappear, and you end up typing your information on top of
the watermark. This makes the text completely unreadable.

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] oauth weird issue

[John]

I have an app that hasn't changed and has been working fine for
months. But the other day it stopped working. Heres what i'm
experiencing:

-login, favorites, lists still works fine
-home, mentions and DMs give 'invalid signature' oauth error

Other people have reported the same issue but for others the app works
fine.

This first occurred after I came back from vacation from another
country and I tried to use the app from a device that I hadn't used in
months. The date/time on this device was incorrect causing oauth to
not work. When I update the date/time it allowed me to login but was
getting errors for home/mentions/DMs. The error seemed to pass over to
my other device which never had this problem and had been using on
vacation.

I tried testing my twitter account with other twitter apps on the same
device and had the same issue on one but worked fine on another.

any ideas?

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] oAuth with twitpic or yfrog photo uploads in mobile apps

[Frank Ash]

I am having some trouble integrating either yfrog or twitpic into my
app. All the others I see are asking for users names and passwords
inside the app, and not using oauth. Is it possible to let people post
pictures to their stream using one of these services if the
application uses only oAuth and not xauth? I am just assuming the
people asking for account and passwords are using xauth.

I am trying to integrate it using their new API which uses oauth
access tokens.

I get this error consistently:
 "Timed out verifying authentication token with Twitter.com. This
could be a problem with TwitPic servers. Try again later."

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] OAuth problem

[Joseph]

Hi
i am a newbie here so please... patience
I have a simple problem
i am using Twitter4j as a client library (just a detail as my problem
does not related to it)

twitter4j does its job, i can get a request token , i can get an
authorize url , i can even get a valid access token

all works fine and i get back an access token, and when i check my
twitter application setting, i get my application authorized
so far so good
BUT
when i click on the sign with twitter link again (the link pointing to
the authorize url), it repeat the same process
and redirect me to the twitter authorize page (redisplay the page
again) instead of redirecting
me to my site again as i previously authorized the application for
this account
WHAT IS HAPPENING?

in my situation , it keep representing the authorize screen to the
user every time he clicks the authURL link
this happen even if the application is listed in the user's connected
application
and every time it return the same access token, so this is recorder
and stored at twitter

SO WHAT IS WRONG?

it seams that twitter cannot recognize that the client has benn
authorized before and represent the authorize screen again
it may be something related to how twitter stores and interact with
cookies
i cannot figure out what is happening, i used another account from
another browser and the problem persist

PLEASE HELP

Thanks
Joe

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] Oauth problem error 401

[Arnaud Meunier]

Hey Javier,

We do not support OAuth 2.0 but OAuth 1.0a. If you're looking for a Twitter
/ OAuth 1.0a library, take on look on this page:
https://dev.twitter.com/pages/libraries

Hope that helps!
Arnaud / @rno 



2011/5/19 Javier Solís 

> Hi, i have the problem related here.
> http://code.google.com/p/twitter-api/issues/detail?id=1345
>
> I readed a lot, but  i can't find the solution.
>
> I used Oauth 2.0, any ideas.  The api works fine but fail a lot of
> methods.
> For example fail with
> Get Retweets sent by User
> Get Retweets sent to User
> Get Retweets Of User
> Get Retweets of the specified tweet
> Retweet a Tweet
> Retweeted By
> Get Home Timeline
> User Lookup
> Users Search
>
>
> Thanks.
>
> Javier
>
> --
> Twitter developer documentation and resources: https://dev.twitter.com/doc
> API updates via Twitter: https://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> https://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> https://groups.google.com/forum/#!forum/twitter-development-talk
>

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] Oauth problem error 401

[Javier Solís]

Hi, i have the problem related here.  
http://code.google.com/p/twitter-api/issues/detail?id=1345

I readed a lot, but  i can't find the solution.

I used Oauth 2.0, any ideas.  The api works fine but fail a lot of
methods.
For example fail with
Get Retweets sent by User
Get Retweets sent to User
Get Retweets Of User
Get Retweets of the specified tweet
Retweet a Tweet
Retweeted By
Get Home Timeline
User Lookup
Users Search


Thanks.

Javier

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

[twitter-dev] Oauth authorize isn't working consistently

[Aaron Rankin]

I'm posting in case Twitter is unaware. The authorize page/process is
regularly returning no tokens. It is working some of the time. Our
users have reported this since Wednesday.

Aaron Rankin
Sprout Social

-- 
Twitter developer documentation and resources: https://dev.twitter.com/doc
API updates via Twitter: https://twitter.com/twitterapi
Issues/Enhancements Tracker: https://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
https://groups.google.com/forum/#!forum/twitter-development-talk

Re: [twitter-dev] OAuth Authorization screen on Windows Phone 7 (WebBrowser control)

[Ben Ward]

Hi Chris, Matthieu and any others running into this issue:

On May 3, 2011, at 5:00 PM, LoungeFlyZ wrote:

> Something has changed in the last few days and now the page is
> rendering a little "better" but scrolling/panning/zooming isnt working
> & i cant enter text in the username or password fields.
> 
> Is there anything i can do to help diagnose this issue?

The update we put out this morning fixes the general rendering of the OAuth 
screen in WP7 (there's a couple more minor layout improvement tweaks coming as 
well, but the blocking problem is rectified.) It now works perfectly in Mobile 
IE on the phone, but for reasons which are inexplicable, loading the exact same 
page within a phone:WebBrowser control in an application suffers from cropped 
rendering and the no-scrolling behaviour described here.

Having spent a few hours in Visual Studio, and reproduced it, it appears you 
can work around the issue by setting IsScriptEnabled="False" on the control.

I'll continue to investigate what's causing the render bug, but the above fix 
should hopefully set everybody running again.

Thanks for your patience, and to Chris and Matthieu for corresponding with me 
on Twitter whilst debugging the issue.

Ben

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oAuth passthrough

[Taylor Singletary]

Hi Scott,

There's an extension to OAuth that our team developed for this purpose --
while it's not incredibly wide-spread, it's a viable way to defer
credentials.

Check out http://dev.twitter.com/pages/oauth_echo -- the docs are very
Twitter-centric in this case, but the model can really be generalized to any
API that has a distinct credential validation method (and even if it
doesn't, you can piggy-back onto an alternate method).

@episod  - Taylor Singletary


On Tue, Apr 26, 2011 at 1:01 PM, Scott Herbert <
scott.a.herb...@googlemail.com> wrote:

> I'm sure this has been asked thousands of time, but I can't locate
> where so I'll ask it anyway.
>
> I'm in the early stages of implementing a web app which uses Twitter
> (and Facebook) as authorising agents for the user to login. There is
> currently (currently in the design) no direct user login (i.e. no
> username/password combo for my site) just authorisation via the two
> largest social media sites.
>
> This is done in order to simplify the sign-up process (three click and
> your signed-up one and your logged in, and no additional password to
> remember) and add to the sites security (fb and twitter's security
> system is better then I could design).
>
> As I say I'm in the early stages, but I thought it's prudent to think
> ahead and so I was brainstorming an API (what data could I expose to
> third parties, could I take payments/sales and make payments etc.) and
> hit a snag.
>
> Since I'm not allowing users to have their own passwords for the site
> and all logins are via oAuth (I don't know if FB call it oAuth, but
> the workflows the same) how do I allow third parties to log users in?
>
> I can't provide them my tokens (Even I'm not that insane), and I've
> got a feeling using my server as an proxy to pass the oAuth data back
> and forward would be against the rules (or just not work) as it feels
> like something I would ban to prevent phishing.
>
> So how do I allow users to login to my site via twitter (and for a
> bonus point facebook) using third party apps (mobile, desktop, web
> etc.)
>
> Thanks in advance
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oAuth passthrough

[Scott Herbert]

I'm sure this has been asked thousands of time, but I can't locate
where so I'll ask it anyway.

I'm in the early stages of implementing a web app which uses Twitter
(and Facebook) as authorising agents for the user to login. There is
currently (currently in the design) no direct user login (i.e. no
username/password combo for my site) just authorisation via the two
largest social media sites.

This is done in order to simplify the sign-up process (three click and
your signed-up one and your logged in, and no additional password to
remember) and add to the sites security (fb and twitter's security
system is better then I could design).

As I say I'm in the early stages, but I thought it's prudent to think
ahead and so I was brainstorming an API (what data could I expose to
third parties, could I take payments/sales and make payments etc.) and
hit a snag.

Since I'm not allowing users to have their own passwords for the site
and all logins are via oAuth (I don't know if FB call it oAuth, but
the workflows the same) how do I allow third parties to log users in?

I can't provide them my tokens (Even I'm not that insane), and I've
got a feeling using my server as an proxy to pass the oAuth data back
and forward would be against the rules (or just not work) as it feels
like something I would ban to prevent phishing.

So how do I allow users to login to my site via twitter (and for a
bonus point facebook) using third party apps (mobile, desktop, web
etc.)

Thanks in advance

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth token lifetime

[CWorster]

2011/4/23 yeohray :
> If my app has used OAuth to log on, and can now send tweets, how long
> can I use the token for?  Is it indefinite, or a set amount of time,
> after which I have to repeat the OAuth logon process again?

Hi,

quote from the FAQ:

How long does an access token last?

We do not currently expire access tokens. Your access token will be
invalid if a user explicitly rejects your application from their
settings or if a Twitter admin suspends your application. If your
application is suspended there will be a note on your application page
saying that it has been suspended.

-> http://dev.twitter.com/pages/oauth_faq

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth token lifetime

[yeohray]

If my app has used OAuth to log on, and can now send tweets, how long
can I use the token for?  Is it indefinite, or a set amount of time,
after which I have to repeat the OAuth logon process again?

Thanks in advance.

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth

[s4l4x]

Hi all. I'm new to OAuth and have a basic question. Does using OAuth
require the user to login via a web page or view to the twitter site
in order to authenticate my application? Or can I do this on their
behalf without needing to render web content?  Perhaps this isn't my
issue, but I just started with MGTwitterEngine and am getting 401's.
Thanks!!

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth

[Kabelo]

Hi guys,
I have a problem getting the token and token_secret from twitter. The
application was working fine at first, but could only connect to my
account as I had hard coded the token and token_secret. But now I
can't even go back to when it was working. Here is the code I am
using:

Try
   If My.Settings.Token.Trim.Length = 0 Then
 
twitter.GetAuthorizationLink(My.Settings.ConsumerKey,
My.Settings.ConsumerSecret)
My.Settings.Token = twitter.OAuth_Token
My.Settings.TokenSecret =
twitter.OAuth_TokenSecret
My.Settings.Save()
   Else
twitter.AuthenticateWith(My.Settings.ConsumerKey,
My.Settings.ConsumerSecret, My.Settings.Token,
My.Settings.TokenSecret)
   End If
...

...
   Catch ex As TwitterAPIException
   MessageBox.Show(ex.Message, "API Error",
MessageBoxButtons.OK, MessageBoxIcon.Error)
   Application.Exit()
  Catch ex As Exception
   MessageBox.Show(ex.Message, "Error",
MessageBoxButtons.OK, MessageBoxIcon.Error)
   Application.Exit()
  End Try

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oauth for my app and my own twitter accounts

[Scott Crevier]

I've got a couple of my own apps (run from a linux shell) that tweet
for various purposes (i.e. automatic tweets of today's weather data on
my own twitter account). These apps need to be able to tweet on behalf
of several twitter accounts, all of which I own. These worked very
well with basic authentication. I didn't have to worry about storing
customers' passwords because I have no customers. It's all my own
stuff.

Is there a simpler method to use than the full OAuth solution?

I read the info here: http://dev.twitter.com/pages/auth_overview

I can't tell if any of the methods described fit my situation. Bottom
line is that I have no customers, no third parties using my apps. Is
there an ideal authentication method for this situation?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oAuth problems with GET params - Incorrect Signature

[estrazulas]

After autentication using oAuth Adapter  
(http://developer.appcelerator.com/blog/2010/07/twitter-oauth-implementation-for-titanium-mobile.html),  
i need use verify_credentials method.


This method require GET params. I change code here:

var params = "?true=1";
for (var p in parameterMap) {
Ti.API.debug(p + ': ' + parameterMap[p]);
params += "&"+p+"="+escape(parameterMap[p]);
}
Ti.API.info(pUrl+params);
var client = Ti.Network.createHTTPClient();
client.open('GET', pUrl+params, false);

I only receive this return: "error":"Incorrect signature" but the update  
method of sending parameters through the post works


Im going crazy now, pls help :P
thanks

--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Oauth from iFrame

[Taylor Singletary]

Hi Trevor,

We make small security tweaks all the time -- IFRAMEs make it very difficult
for the end user to verify the authenticity of twitter.com while they are
entering their login credentials -- the user should always be able to
clearly see the URL in the browser's standard representation of a "location
bar."

@episod  - Taylor Singletary


On Tue, Mar 29, 2011 at 4:00 AM, Trevor Dean  wrote:

> I am launching the twitter authorization page from my site which is in an
> iFrame, this used to work but now the authorization page won't load inside
> the iFrame.  Has something changed?  I posted this yesterday and
> haven't received any response, can someone from twitter weigh in on this?
>
>
> Trevor
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Oauth from iFrame

[Trevor Dean]

I am launching the twitter authorization page from my site which is in an
iFrame, this used to work but now the authorization page won't load inside
the iFrame.  Has something changed?  I posted this yesterday and
haven't received any response, can someone from twitter weigh in on this?


Trevor

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oAuth Tweet of me api call Could not authenticate

[@matheuseduardo]

Abraham! nice to see you here!

I'm having problem with oAuth, experiencing always 401 not authorized..

did you have been reported about this error? any solution or tip/trick about 
this?

Rgds

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oAuth Tweet of me api call Could not authenticate

[Abraham Williams]

You are making the retweets_of_me request directly with cURL instead of with
TwitterOAuth. You should do something like:

$content = $connection->get('statuses/retweets_of_me');

Abraham
-
Abraham Williams | Hacker Advocate | abrah.am
Just launched from Answerly :
InboxQfor Chrome
@abraham  | github.com/abraham | blog.abrah.am
This email is: [ ] shareable [x] ask first [ ] private.



On Tue, Mar 22, 2011 at 02:11, deepak  wrote:

> Hi,
>
> we are using the below code to make api call
> The api call to fetch tweet is not working but api call for credential
> is working fine.
>
> It is showing the below error
>
> {"request":"\/1\/statuses\/retweets_of_me.json?","error":"Could not
> authenticate you."}
>
>
> Please see the below code
>
> 
>
>define('CONSUMER_KEY', $param['CONSUMER_KEY']);
>define('CONSUMER_SECRET',$param['CONSUMER_SECRET']);
>define('OAUTH_CALLBACK', $param['OAUTH_CALLBACK']);
>
>
>if(!isset($_SESSION['oauth_token']) ||
> empty($_SESSION['oauth_token'])){
>/* Build TwitterOAuth object with client
> credentials. */
>$connection = new TwitterOAuth(CONSUMER_KEY,
> CONSUMER_SECRET);
>
>/* Get temporary credentials. */
>$request_token =
> $connection->getRequestToken(OAUTH_CALLBACK);
>
>/* Save temporary credentials to session. */
>$_SESSION['oauth_token'] = $token =
> $request_token['oauth_token'];
>$_SESSION['oauth_token_secret'] =
> $request_token['oauth_token_secret'];
>
>/* If last connection failed don't display
> authorization link. */
>switch ($connection->http_code) {
>  case 200:
>/* Build authorize URL and redirect user to
> Twitter. */
>$url = $connection->getAuthorizeURL($token);
>header('Location: ' . $url);
>
>break;
>  default:
>/* Show notification if something went
> wrong. */
>echo 'Could not connect to Twitter. Refresh
> the page or try again
> later.';
>}
>}
>
>
>  
> //
>/* Create TwitteroAuth object with app key/secret and token
> key/
> secret from default phase */
>$connection = new TwitterOAuth(CONSUMER_KEY,
> CONSUMER_SECRET,
> $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);
>
>/* Request access tokens from twitter */
>$access_token = $connection-
> >getAccessToken($_REQUEST['oauth_verifier']);
>
>/* Save the access tokens. Normally these would be saved in
> a
> database for future use. */
>$_SESSION['access_token'] = $access_token;
>
>
>
>/* If HTTP response is 200 continue otherwise send to
> connect page
> to retry */
>if (200 == $connection->http_code) {
>
>/* The user has been verified and the access tokens
> can be saved
> for future use */
>$_SESSION['status'] = 'verified';
>
>/* Get user access tokens out of the session. */
>$access_token = $_SESSION['access_token'];
>
>/* Create a TwitterOauth object with consumer/user
> tokens. */
>$connection = new TwitterOAuth(CONSUMER_KEY,
> CONSUMER_SECRET,
> $access_token['oauth_token'], $access_token['oauth_token_secret']);
>
>/* If method is set change API call made. Test is
> called by
> default. */
>$content =
> $connection->get('account/verify_credentials');
>
> $api = 'http://api.twitter.com/1/statuses/
> retweets_of_me.json';
>
>// twitter follower api
>$ch = curl_init();
>curl_setopt($ch, CURLOPT_URL, $api);
>curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
>$content= curl_exec($ch);
>curl_close($ch);
>   print_r($content);
>session_destroy();
>
>return $content;
>
>} else {
>
> /* Save HTTP status for error dialog on connnect
> page.*/
>if($this->debug){
>echo $connection->http_code. ' invalid
> response code. ';
>}
>return false;
> 

[twitter-dev] oAuth Tweet of me api call Could not authenticate

[deepak]

Hi,

we are using the below code to make api call
The api call to fetch tweet is not working but api call for credential
is working fine.

It is showing the below error

{"request":"\/1\/statuses\/retweets_of_me.json?","error":"Could not
authenticate you."}


Please see the below code


define('CONSUMER_KEY', $param['CONSUMER_KEY']);
define('CONSUMER_SECRET',$param['CONSUMER_SECRET']);
define('OAUTH_CALLBACK', $param['OAUTH_CALLBACK']);


if(!isset($_SESSION['oauth_token']) ||
empty($_SESSION['oauth_token'])){
/* Build TwitterOAuth object with client credentials. */
$connection = new TwitterOAuth(CONSUMER_KEY, 
CONSUMER_SECRET);

/* Get temporary credentials. */
$request_token = 
$connection->getRequestToken(OAUTH_CALLBACK);

/* Save temporary credentials to session. */
$_SESSION['oauth_token'] = $token = 
$request_token['oauth_token'];
$_SESSION['oauth_token_secret'] =
$request_token['oauth_token_secret'];

/* If last connection failed don't display 
authorization link. */
switch ($connection->http_code) {
  case 200:
/* Build authorize URL and redirect user to 
Twitter. */
$url = $connection->getAuthorizeURL($token);
header('Location: ' . $url);

break;
  default:
/* Show notification if something went wrong. */
echo 'Could not connect to Twitter. Refresh the 
page or try again
later.';
}
}


//
/* Create TwitteroAuth object with app key/secret and token key/
secret from default phase */
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET,
$_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

/* Request access tokens from twitter */
$access_token = $connection-
>getAccessToken($_REQUEST['oauth_verifier']);

/* Save the access tokens. Normally these would be saved in a
database for future use. */
$_SESSION['access_token'] = $access_token;



/* If HTTP response is 200 continue otherwise send to connect 
page
to retry */
if (200 == $connection->http_code) {

/* The user has been verified and the access tokens can 
be saved
for future use */
$_SESSION['status'] = 'verified';

/* Get user access tokens out of the session. */
$access_token = $_SESSION['access_token'];

/* Create a TwitterOauth object with consumer/user 
tokens. */
$connection = new TwitterOAuth(CONSUMER_KEY, 
CONSUMER_SECRET,
$access_token['oauth_token'], $access_token['oauth_token_secret']);

/* If method is set change API call made. Test is 
called by
default. */
$content = 
$connection->get('account/verify_credentials');

 $api = 'http://api.twitter.com/1/statuses/
retweets_of_me.json';

// twitter follower api
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$content= curl_exec($ch);
curl_close($ch);
   print_r($content);
session_destroy();

return $content;

} else {

 /* Save HTTP status for error dialog on connnect 
page.*/
if($this->debug){
echo $connection->http_code. ' invalid response 
code. ';
}
return false;
}

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth without read or write access

[tomgibara]

I'm developing an application in which I want to allow users to
authenticate themselves with their twitter account. I need nothing
more back from the authentication API than an ID that identifies the
user; I don't want any access to any other account details or their
tweets etc. In other words, I don't want read access. Is this
possible?

It seems not, because the application registration page offers only
read or read/write. If this is the case, are there any plans to
support an "authenticate only" option for applications?

I did search this group for related threads but only found this post,
which had no replies:

http://groups.google.com/group/twitter-development-talk/browse_thread/thread/cb3056af2155afec/96a511f5675cdb32?lnk=gst&q=oauth+read+write#96a511f5675cdb32

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth Login Issues

[Taylor Singletary]

Hey there,

This happens now & then right now, even when you're doing everything correct
-- it should be happening less frequently in the near future. Often a simple
refresh of the authorize or authenticate page will correct the issue.

If you're seeing the issue consistently and without fail, verify that you're
requesting the request token fairly close to the time you pass the user on
to the authorize or authenticate steps. If the steps are generally performed
closely together and the problem is still endemic (rather than just
sporadic) please let us know.

Thanks!
Taylor

@episod  - Taylor Singletary - Twitter Developer
Advocate


On Wed, Feb 23, 2011 at 2:26 PM, courtstarr  wrote:

> We launched invites today on http://eightbit.me using the @eightbit
> account.
>
> Everything during private beta and most of the day was working great
> but now people are getting the following when people try to log in
> using Twitter.
>
> Woah there!
> This page is no longer valid. It looks like someone already used the
> token information you provided. Please return to the site that sent
> you to this page and try again … it was probably an honest mistake.
>
> This is coming from your servers. Is this a common error? Are we doing
> something incorrect or is this a Twitter issue?
>
> Thanks,
> Courtney
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth Login Issues

[courtstarr]

We launched invites today on http://eightbit.me using the @eightbit
account.

Everything during private beta and most of the day was working great
but now people are getting the following when people try to log in
using Twitter.

Woah there!
This page is no longer valid. It looks like someone already used the
token information you provided. Please return to the site that sent
you to this page and try again … it was probably an honest mistake.

This is coming from your servers. Is this a common error? Are we doing
something incorrect or is this a Twitter issue?

Thanks,
Courtney

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth and POSTING

[floydus]

Hi all,
many Twitter Api for .NET don't have implemented update_profile
method...
I'm stuck, it's been two full days at work trying to find out how to
call that function on twitter.

Here's the URl in twitter's documentation for that method
--> http://dev.twitter.com/doc/post/account/update_profile
It would be really nice if someone could explain to me the way to
update the profile from .Net, c#

I'm using twitterizer, I was able to log in, get messages, mentions
etc.
But Update_Profile as I said is not implemented in Twitterrizer.

I'm having all the Oauth information (token and tokensecret) once
logged in,
Can someone tell me how to update
Username, email, location, url for the already authenticated user ?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Oauth home_timeline returning 401 - Incorrect Signature

[Markus]

All of my second request to home_timeline seem to fail.  When I initiate 
oauth I make 2 calls.  One to friends and one to home_timeline 
consecutively.  This works when I first launch my application with no 
issues.  I can repeatedly call both queries with no issue.  The problem 
comes when I close the app and relaunch using all of my saved parameters.  
On second launch of the application, the friends request will succeed flowed 
by an Incorrect Signature for the home_timeline request.  I can't figure 
this out.

Any help is or will be greatly appreciated!!! :)

Markus

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth Twitter 401 Unauthorized

[Yusuke Yamamoto]

Hi,

You may want to look at Twitter4J's source code.
It just works.
https://github.com/yusuke/twitter4j
-- 
Yusuke Yamamoto
yus...@mac.com

this email is: [x] bloggable/tweetable [ ] private
follow me on : http://twitter.com/yusukeyamamoto
subscribe me at : http://samuraism.jp/

On Feb 11, 2011, at 07:21 , ayjay wrote:

> Sending signed OAuth header:
> 
> Authorization: OAuth oauth_nonce="twitterecm1297372838828",
> oauth_callback="http%3A%2F%2Ftwitter.myurl.com%2Fwf%2Fwf
> %2Fservlet.method
> %2Fcom.iflow.wf.cpn.twitter.TwitterTest.testCallback",
> oauth_signature_method="HMAC-SHA1",
> oauth_timestamp="1297372838828",
> oauth_consumer_key="05aXcuPKpDAQMR**",
> oauth_signature="O%2F4RKChkbfXCt%2Bp73%2**",
> oauth_version="1.0"
> 
> to URL: https://api.twitter.com/oauth/request_token
> 
> and get Respnoseheaders:
> 
> null:[HTTP/1.1 401 Unauthorized]
> X-Runtime:[0.00684]
> Content-Length:[44]
> X-Transaction:[1297372843-99326-52182]
> Expires:[Tue, 31 Mar 1981 05:00:00 GMT]
> Last-Modified:[Thu, 10 Feb 2011 21:20:43 GMT]
> X-Revision:[DEV]
> Set-Cookie:
> [_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCJaOchEuAToHaWQiJTBmYWI3MGQ3ZTExYTYz
> %250ANzc2ZTE4Y2Y3MWIwYzIwMjg5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy
> %250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--
> ca7e3ee9b6aee2cb024341be086688bee84c3aac; domain=.twitter.com; path=/;
> HttpOnly, guest_id=129737284366960543; path=/; expires=Sat, 12 Mar
> 2011 21:20:43 GMT, k=188.22.59.201.1297372843662357; path=/;
> expires=Thu, 17-Feb-11 21:20:43 GMT; domain=.twitter.com]
> Connection:[close]
> Server:[hi]
> Cache-Control:[no-cache, no-store, must-revalidate, pre-check=0, post-
> check=0]
> Pragma:[no-cache]
> Status:[401 Unauthorized]
> Date:[Thu, 10 Feb 2011 21:20:43 GMT]
> Vary:[Accept-Encoding]
> Content-Type:[text/html; charset=utf-8]
> 
> and when reading from the URL (opening input stream):
> java.io.IOException: Server returned HTTP response code: 401 for URL:
> https://api.twitter.com/oauth/request_token
> 
> Java Code:
> 
>PrintWriter pw = res.getWriter();
>String timestamp = "" + new Date().getTime();
>String nonce = "twitterecm" + timestamp;
> 
>String httpParameters = "oauth_callback=" +
> URLEncoder.encode(TWITTER_CALLBACKURL, "UTF-8")
>+ "&oauth_consumer_key=" + URLEncoder.encode(CONSUMER_KEY,
> "UTF-8")
>+ "&oauth_nonce=" + URLEncoder.encode(nonce, "UTF-8")
>+ "&oauth_signature_method=HMAC-SHA1"
>+ "&oauth_timestamp=" + timestamp
>+ "&oauth_version=1.0";
> 
>String signatureBase = "POST"
>+ "&" + URLEncoder.encode(REQUESTTOKEN_ENDPOINT,
> HttpUtils.UTF_8)
>+ "&" + URLEncoder.encode(httpParameters, "UTF-8");
> 
>pw.write("SIGNATUREBASE: " + signatureBase);
> 
>String signatureKey = CONSUMER_SECRET + "&";
> 
>pw.write("SIGNATUREKEY: " + signatureKey);
> 
>// sign URL with consumer secret
>String signature =  getSignature(signatureBase, signatureKey);
> 
>pw.write("SIGNATURE: " + signature);
> 
> 
>String header = "OAuth oauth_nonce=\"" +
> URLEncoder.encode(nonce, "UTF-8")
>+ "\", oauth_callback=\"" +
> URLEncoder.encode(TWITTER_CALLBACKURL, "UTF-8")
>+ "\", oauth_signature_method=\"HMAC-SHA1"
>+ "\", oauth_timestamp=\"" + timestamp
>+ "\", oauth_consumer_key=\"" +
> URLEncoder.encode(CONSUMER_KEY, "UTF-8")
>+ "\", oauth_signature=\"" + URLEncoder.encode(signature,
> HttpUtils.UTF_8)
>+ "\", oauth_version=\"1.0"
>+ "\"";
> 
>pw.write("HEADER: Authorization: " +
> header.replace(",", ","));
> 
> 
>String urlStr = REQUESTTOKEN_ENDPOINT;
> 
>pw.write("TO URL: " + urlStr);
> 
>URL url = new URL(urlStr);
>HttpURLConnection conn = (HttpURLConnection)
> url.openConnection();
>conn.setRequestProperty("Authorization", header);
>conn.setRequestMethod("POST");
>conn.setDoOutput(true);
> 
>OutputStreamWriter writer = new
> OutputStreamWriter(conn.getOutputStream(), "UTF-8");
>writer.write(httpParameters);
>writer.flush();
> 
> 
>StringBuilder answer = new StringBuilder();
>BufferedReader reader = new BufferedReader(new
> InputStreamReader(conn.getInputStream(), "UTF-8"));
> 
>String line;
>while ((line = reader.readLine()) != null) {
>answer.append(line);
>}
>writer.close();
>reader.close();
> 
>pw.write("" + answer.toString());
> 
>pw.flush();
>pw.close();
> 
> Pleas help, tried lots of different things, Google API with
> OAuthConsumer, OAuthProvider etc. too, got always the same response.
> 
> Thx, Andy
> 
> -- 
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.go

[twitter-dev] OAuth Twitter 401 Unauthorized

[ayjay]

Sending signed OAuth header:

Authorization: OAuth oauth_nonce="twitterecm1297372838828",
oauth_callback="http%3A%2F%2Ftwitter.myurl.com%2Fwf%2Fwf
%2Fservlet.method
%2Fcom.iflow.wf.cpn.twitter.TwitterTest.testCallback",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1297372838828",
oauth_consumer_key="05aXcuPKpDAQMR**",
oauth_signature="O%2F4RKChkbfXCt%2Bp73%2**",
oauth_version="1.0"

to URL: https://api.twitter.com/oauth/request_token

and get Respnoseheaders:

null:[HTTP/1.1 401 Unauthorized]
X-Runtime:[0.00684]
Content-Length:[44]
X-Transaction:[1297372843-99326-52182]
Expires:[Tue, 31 Mar 1981 05:00:00 GMT]
Last-Modified:[Thu, 10 Feb 2011 21:20:43 GMT]
X-Revision:[DEV]
Set-Cookie:
[_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCJaOchEuAToHaWQiJTBmYWI3MGQ3ZTExYTYz
%250ANzc2ZTE4Y2Y3MWIwYzIwMjg5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy
%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--
ca7e3ee9b6aee2cb024341be086688bee84c3aac; domain=.twitter.com; path=/;
HttpOnly, guest_id=129737284366960543; path=/; expires=Sat, 12 Mar
2011 21:20:43 GMT, k=188.22.59.201.1297372843662357; path=/;
expires=Thu, 17-Feb-11 21:20:43 GMT; domain=.twitter.com]
Connection:[close]
Server:[hi]
Cache-Control:[no-cache, no-store, must-revalidate, pre-check=0, post-
check=0]
Pragma:[no-cache]
Status:[401 Unauthorized]
Date:[Thu, 10 Feb 2011 21:20:43 GMT]
Vary:[Accept-Encoding]
Content-Type:[text/html; charset=utf-8]

and when reading from the URL (opening input stream):
java.io.IOException: Server returned HTTP response code: 401 for URL:
https://api.twitter.com/oauth/request_token

Java Code:

PrintWriter pw = res.getWriter();
String timestamp = "" + new Date().getTime();
String nonce = "twitterecm" + timestamp;

String httpParameters = "oauth_callback=" +
URLEncoder.encode(TWITTER_CALLBACKURL, "UTF-8")
+ "&oauth_consumer_key=" + URLEncoder.encode(CONSUMER_KEY,
"UTF-8")
+ "&oauth_nonce=" + URLEncoder.encode(nonce, "UTF-8")
+ "&oauth_signature_method=HMAC-SHA1"
+ "&oauth_timestamp=" + timestamp
+ "&oauth_version=1.0";

String signatureBase = "POST"
+ "&" + URLEncoder.encode(REQUESTTOKEN_ENDPOINT,
HttpUtils.UTF_8)
+ "&" + URLEncoder.encode(httpParameters, "UTF-8");

pw.write("SIGNATUREBASE: " + signatureBase);

String signatureKey = CONSUMER_SECRET + "&";

pw.write("SIGNATUREKEY: " + signatureKey);

// sign URL with consumer secret
String signature =  getSignature(signatureBase, signatureKey);

pw.write("SIGNATURE: " + signature);


String header = "OAuth oauth_nonce=\"" +
URLEncoder.encode(nonce, "UTF-8")
+ "\", oauth_callback=\"" +
URLEncoder.encode(TWITTER_CALLBACKURL, "UTF-8")
+ "\", oauth_signature_method=\"HMAC-SHA1"
+ "\", oauth_timestamp=\"" + timestamp
+ "\", oauth_consumer_key=\"" +
URLEncoder.encode(CONSUMER_KEY, "UTF-8")
+ "\", oauth_signature=\"" + URLEncoder.encode(signature,
HttpUtils.UTF_8)
+ "\", oauth_version=\"1.0"
+ "\"";

pw.write("HEADER: Authorization: " +
header.replace(",", ","));


String urlStr = REQUESTTOKEN_ENDPOINT;

pw.write("TO URL: " + urlStr);

URL url = new URL(urlStr);
HttpURLConnection conn = (HttpURLConnection)
url.openConnection();
conn.setRequestProperty("Authorization", header);
conn.setRequestMethod("POST");
conn.setDoOutput(true);

OutputStreamWriter writer = new
OutputStreamWriter(conn.getOutputStream(), "UTF-8");
writer.write(httpParameters);
writer.flush();


StringBuilder answer = new StringBuilder();
BufferedReader reader = new BufferedReader(new
InputStreamReader(conn.getInputStream(), "UTF-8"));

String line;
while ((line = reader.readLine()) != null) {
answer.append(line);
}
writer.close();
reader.close();

pw.write("" + answer.toString());

pw.flush();
pw.close();

Pleas help, tried lots of different things, Google API with
OAuthConsumer, OAuthProvider etc. too, got always the same response.

Thx, Andy

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth validation failure

[Dale]

I am attempting to set up a ColdFusion script to do auto updates to
Twitter when a new article is posted to our CMS. I have been having
trouble getting the request token and keep getting the Failed to
validate oauth signature and token error message when making
attempts.

Here is my updated request string.
POST&https%3A%2F%2Fapi.twitter.com%2Foauth
%2Frequest_token&oauth_consumer_key%3DX%26oauth_nonce
%3D430489.541778%26oauth_signature_method%3DHMAC
%2DSHA1%26oauth_timestamp%3D1297274801%26oauth_version%3D1.0

Here is the error returned.
Failed to validate oauth signature and token

Here is the return header.
HTTP/1.1 401 Unauthorized Connection: close Expires: Tue, 31 Mar 1981
05:00:00 GMT Date: Wed, 09 Feb 2011 18:06:45 GMT Server: hi X-
Runtime:
0.00454 Vary: Accept-Encoding X-Transaction: Wed Feb 09 18:06:45
+
2011-87785-54083 Pragma: no-cache Status: 401 Unauthorized Cache-
Control: no-cache, no-store, must-revalidate, pre-check=0, post-
check=0 Set-Cookie: k=[MY IP ADDRESS].1297274805118711; path=/;
expires=Wed, 16-Feb-11 18:06:45 GMT; domain=.twitter.com Set-Cookie:
guest_id=129727480520719350; path=/; expires=Fri, 11 Mar 2011
18:06:45
GMT Set-Cookie:
_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCNibmgsuAToHaWQiJTYwMDg4OGQ2N2ZlMTBm
%250AY2I1NWFiNGRmNWRiY2I2N2UxIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy
%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--0e5cbcd15c652517645f3fb4a648
abeabec997e9;
domain=.twitter.com; path=/; HttpOnly X-Revision: DEV Last-Modified:
Wed, 09 Feb 2011 18:06:45 GMT Content-Type: text/html; charset=utf-8

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oAuth Authorization Header

[Taylor Singletary]

The order of parameters in the Authorization header aren't required to match
the base string order, but it's often simpler to debug if they do. The only
requirements on the Authorization header is that it starts with "OAuth " and
parameters are alpha-numeric, wrapped in quotes, and separated with commas.
Spaces/linear whitespace & the "realm" parameter are all/should be
optional.

@episod  - Taylor Singletary - Twitter Developer
Advocate


On Tue, Feb 8, 2011 at 12:53 AM, Tim Skipper wrote:

> Is the order of the parameters important in the Authorization header?
> Must it match that of the base string used for signing?
>
> Regards,
> Tim Skipper
> http://www.intonet-technology.co.uk
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oAuth Authorization Header

[Tim Skipper]

Is the order of the parameters important in the Authorization header?
Must it match that of the base string used for signing?

Regards,
Tim Skipper
http://www.intonet-technology.co.uk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth AS3 Library

[Millertaker]

ai a some AS3 library for the Oauth working in this moment?

I'm looking the official dev site and show 2 options but the firts is
empty and the second uses PHP
http://dev.twitter.com/pages/oauth_libraries#flash

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth Token expires or no?

[Jan Paricka]

Tokens do not expire.

Jan

On Thu, Feb 3, 2011 at 6:32 PM, Lab Tech wrote:

> I am developing an auto post app and last night it worked perfectly,
> this morning however I am getting a 401 "Could not authenticate you."
> error on both my app and the test file from the library
> https://github.com/abraham/twitteroauth. The test file is unchanged
> and worked perfectly last night.
>
> I am storing both token and secret in a db as suggested.
>
> I was under the impression OAuth Tokens and OAuth Token Secrets did
> not expire. Was I wrong in that thinking?
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth Token expires or no?

[Scott Wilcox]

Correct, tokens don't expire. If you're getting that, either your calls are 
being sent incorrect or permission has been revoked.

Scott.

On 3 Feb 2011, at 17:32, Lab Tech wrote:

> I am developing an auto post app and last night it worked perfectly,
> this morning however I am getting a 401 "Could not authenticate you."
> error on both my app and the test file from the library
> https://github.com/abraham/twitteroauth. The test file is unchanged
> and worked perfectly last night.
> 
> I am storing both token and secret in a db as suggested.
> 
> I was under the impression OAuth Tokens and OAuth Token Secrets did
> not expire. Was I wrong in that thinking?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth Token expires or no?

[Lab Tech]

I am developing an auto post app and last night it worked perfectly,
this morning however I am getting a 401 "Could not authenticate you."
error on both my app and the test file from the library
https://github.com/abraham/twitteroauth. The test file is unchanged
and worked perfectly last night.

I am storing both token and secret in a db as suggested.

I was under the impression OAuth Tokens and OAuth Token Secrets did
not expire. Was I wrong in that thinking?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Oauth timeout at access_token request

[Dave McCall]

I'm creating my first twitter integration and I've gotten pretty far
(or at least it feels like have).  I'm pretty confident I'm creating
my OAUTH headers and signature and all that correctly because the
other requests work fine, just not the access_token request.  Here's
what I'm doing:

1. I do the oauth request to http://twitter.com/oauth/request_token
(with the consumer key and consumer secret)

2. I get a response back with the oauth_token and oauth_secret in it.

3. I redirect my user to http://twitter.com/oauth/authenticate?oauth_token={the
oauth_token returned in the last step}

4. I login and click "Allow".

5. It redirects the user back to my callback page with the oauth_token
and oauth_verifier on it (which I store)

6. Now I created an oauth request to http://twitter.com/oauth/access_token.
I sign it with the consumer secret concatenated with and ampersand and
the oauth token secret (from step 2).  I add the oauth_verifier from
step 5 into the header.  I send nothing in the POST data, it is just a
request with the oauth headers on it.  I have my timeout set at 20
seconds, but it times out every time.

Now, while I was working through this last night I made a few mistakes
and I sent some bad requests to the access_token page, so maybe
twitter locked me out or something, but I don't have any information
even though I'm pretty confident I'm doing everything correctly now.

I'm doing this in vb.net in framework 1.1--its an older app that can't
be upgraded to a newer version of the framework yet. I had to create
my own oauth library because I couldn't find a .net 1.1 library, but
I'd be happy to share the code if it would help.

Thanks,
Dave

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth and Multiple Accounts on Mobile applications

[Omar Gonzalez]

I found this thread about OAuth and multiple devices:
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/bb879832a8a18a25/a34ec6d44c0eeb23?lnk=gst&q=multiple+accounts+and+OAuth#

All of the information in that thread makes sense to me.  I currently
have a mobile application where I have successfully implemented an
OAuth flow, I'm not quite sure what the official name is, so I will
describe it.

If the application does not have an OAuthToken the mobile browser is
opened and the user is asked to log in to give the mobile application
permission to access their account.  If the user agrees, they get a
PIN number to enter into my mobile application.  Once the user enters
the PIN, I request a token from Twitter, my app verifies the token
access and retrieves the user's screen name.

What I am not sure of is what is the intended way to handle mobile
applications that post to multiple Twitter accounts?  Do I need
messaging in my application to instruct the user to make sure they're
logged out of their application so they can log in with another
account and my application can request access that way?  That seems
kind of clunky.  Is there another alternative where I can have the
user enter their screen name and I can start an OAuth flow with that?

Any help/guidance is appreciated.

-omar

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth 401 Unauthorized failure

[Matt Harris]

Hi Brian,

A couple of questions so we can investigate:

1. What was the response body content we returned with the 401?
2. What was the basestring you used?

Best
@themattharris
Developer Advocate, Twitter
http://twitter.com/themattharris


On Fri, Dec 17, 2010 at 2:30 PM, Brian Gunn  wrote:

> Hi all.
>
> I am working on a web app for Twitter using the Tweepy Python API.  My
> code has been working for a month, but at some point this week, it
> stopped working.  Now when I request the access token from the
> verification code, I get a 401: Unauthorized failure.
>
> I did see from Matt's post yesterday that Tweepy was using the wrong
> URLs.  (It was using http://twitter.com/oauth instead of
> http://api.twitter.com/oauth.)  I fixed that problem and I'm still
> seeing the problem.
>
> I see from everyone else who is reporting this that you want to see
> the basestring and Authorization header, so here's what I'm using:
>
> URL: http://api.twitter.com/oauth/access_token
> Headers: {'Authorization': 'OAuth realm="", oauth_nonce="58011146",
> oauth_timestamp="1292624570", oauth_signature_method="HMAC-SHA1",
> oauth_consumer_key="bSf2ywUggWN1w7Yx5FtvJg",
> oauth_verifier="8bKG5j8sbzKIkycG61MxtpznR9dOx4L1WQe7rxZ0",
> oauth_version="1.0",
> oauth_token="8bKG5j8sbzKIkycG61MxtpznR9dOx4L1WQe7rxZ0",
> oauth_signature="tOqtyU6E%2FulE8xiYBQRzuv2RMog%3D"'}
>
> Does anyone see a problem here?
>
> Thank you!
>
> Brian
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth 401 Unauthorized failure

[Brian Gunn]

Hi all.

I am working on a web app for Twitter using the Tweepy Python API.  My
code has been working for a month, but at some point this week, it
stopped working.  Now when I request the access token from the
verification code, I get a 401: Unauthorized failure.

I did see from Matt's post yesterday that Tweepy was using the wrong
URLs.  (It was using http://twitter.com/oauth instead of
http://api.twitter.com/oauth.)  I fixed that problem and I'm still
seeing the problem.

I see from everyone else who is reporting this that you want to see
the basestring and Authorization header, so here's what I'm using:

URL: http://api.twitter.com/oauth/access_token
Headers: {'Authorization': 'OAuth realm="", oauth_nonce="58011146",
oauth_timestamp="1292624570", oauth_signature_method="HMAC-SHA1",
oauth_consumer_key="bSf2ywUggWN1w7Yx5FtvJg",
oauth_verifier="8bKG5j8sbzKIkycG61MxtpznR9dOx4L1WQe7rxZ0",
oauth_version="1.0",
oauth_token="8bKG5j8sbzKIkycG61MxtpznR9dOx4L1WQe7rxZ0",
oauth_signature="tOqtyU6E%2FulE8xiYBQRzuv2RMog%3D"'}

Does anyone see a problem here?

Thank you!

Brian

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oAuth still working for everyone.?

[Dave-twiends]

I noticed I've just started getting 401's for all my oAuth requests.
Seems to be happening on more than one site for me.. My application
keys and status still look good..

Just wondering if anyone else is having an issue..?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oAuth reporting a status update error when none exists

[Abraham Williams]

It sound to me like your code might be making the same API request twice.
This would result in the status getting posted and the error message you end
up with.

If you are commonly creating statuses with the same text it might just seem
like a new status is getting posted when they are not.

Abraham
-
Abraham Williams | Hacker Advocate | abrah.am
@abraham  | github.com/abraham | blog.abrah.am
This email is: [ ] shareable [x] ask first [ ] private.



On Mon, Nov 29, 2010 at 20:18, EastSideDev  wrote:

> I have an application that uses oAuth to post a tweet on behalf of a
> user. I noticed today that when I do a status update, I'm getting a
> "Status is a duplicate" error message, when in fact the status posted
> correctly.
>
> I have not changed my code, and I am using the Twitter oAuth library
> (same code been working fine since June). Are we experiencing some API
> issues?
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oAuth reporting a status update error when none exists

[EastSideDev]

I have an application that uses oAuth to post a tweet on behalf of a
user. I noticed today that when I do a status update, I'm getting a
"Status is a duplicate" error message, when in fact the status posted
correctly.

I have not changed my code, and I am using the Twitter oAuth library
(same code been working fine since June). Are we experiencing some API
issues?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth - Posting in twitter with coldfusion

[Guilherme Luís Silva]

After this OAuth is necessary, i can't post anylonger messages with
coldfusion,
i need to authenticate my app

ok, but how do i do this in CF?

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Oauth "Incorrect Signature" or "Could not authenticate" error

[DavidD]

I am getting an 401 Unauthorized with an "Incorrect Signature" or
"Could not authenticate" error when trying to get Direct Messages
after getting an access token

I can get a user_timeline no problem and I believe favorites but the
Direct Messages and home_timeline I get an error.

I also have a 401 when I try and delete a tweet from the user
timeline.

I am stuck and need help.

Thanks!

David

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth SignPost lib

[yogeshkolte]

Has anyone able to authenticate with Twitter api by using already
store user key and secret. If so would u mind sharing code.

I am able to authenticate and access Twitter api when I authorize with
Twitter website and gets redirected back to my app.

But if I restart my app and try to make a call using already stored
user secret and key I keep getting Incorrect signature error.

Do we always have to authorize with Twitter website when we restart
application.


Thanks

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth

[Hcc_dev]

I was using the basic Auth (twitterAPI.php )in a form that is used by
our security office to send emergency information to our students.
This form is used to send messages to email, text messages and to
twitter.  I need to get this back up as soon as possible and have
spent several days trying to figure out Oauth.  Is there a step by
step for those of us who were using the basic auth?   I read
http://dev.twitter.com/pages/basic_to_oauth but it is very general and
does not tell me how to do this.  Should I us TwitterOAuth library?  I
do not understand the call back URL.  I don’t want the user (which is
one of 5 staff members) to have to do anything other than send the
form.  Please help.  .

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth Echo, keep getting a 401

[Skipper]

Hello,
I am building a service similar to TwitPic but for long messages. I am
using Echo OAuth and I wrote a unit testing script to show you what is
going on
http://api.tweedom.com/unittest/unittest.php

On the back end I am opening the header, unfolding the content in X-
Verify-Credentials-Authorization to rebuilt the OAuth headers and I do
a GET http://api.twitter.com/1/account/verify_credentials.xml
The unit test will show you the content of X-Verify-Credentials-
Authorization and the header that is sent to Twitter.

What am I missing, please?

BTW: I plan to publish extensive code samples about Echo OAuth so that
other developers like me can learn how to do it right and stop bugging
you ;-)

The code of the unit test is
***
define ('oauth_http_provider', 'http://api.twitter.com/1/account/
verify_credentials.xml');
$consumer = new OAuthConsumer(CONSUMER_KEY,CONSUMER_SECRET,NULL);
$access_token = new OAuthToken($access_token['oauth_token'],
$access_token['oauth_token_secret']);
$request = OAuthRequest::from_consumer_and_token($consumer,
$access_token, 'GET', oauth_http_provider,NULL);
$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(),
$consumer, $access_token);
// clean up the header, Tweedom is like Twitpic, it prefers a clean
list without the 'Authorization: OAuth' label, please
$header = $request->to_header();
# Snip out the "Authorization: " part, and add a realm to be polite
$real_header = explode("Authorization: OAuth", $header);
$header = 'OAuth realm="http://api.twitter.com/";,' . $real_header[1];
# Keep the spaces between elements, even though we shouldn't have to
$header = str_replace(",", ", ", $header);

echo 'the http header for X-Verify-Credentials-Authorization: '.
$header.'calling http://api.tweedom.com/1/jumbotweex/new.xmResponse:
';
$response = send_echo_request("POST", 'http://api.tweedom.com/1/
jumbotweex/new.xml', $header, $post, oauth_http_provider);

# Evaluate the response
if ($response)
print_r($response);

function send_echo_request($http_method, $url, $auth_header,
$postData, $echo_url) {
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_FAILONERROR, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);

// Set our OAuth Echo headers
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'X-Verify-Credentials-Authorization: ' . $auth_header,
'X-Auth-Service-Provider: ' . $echo_url
));

curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);


$response = curl_exec($curl);
//echo $response;
if (!$response) {
$response = curl_error($curl);
}
curl_close($curl);
return $response;
}
***

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Oauth issue on iPhone Development - Multiple Users posting to Single Account with No UI

[Anthony Thompson Shumate]

I have implemented this method:

http://icodeblog.com/2010/09/16/dealing-with-the-twitter-oauth-apocalypse

Any idea on how to add the access token in this?

Thanks a bunch.

A


On Oct 15, 2010, at 9:19 AM, Taylor Singletary wrote:

> There's some background on this approach here: http://bit.ly/1token
> 
> On dev.twitter.com we provide a feature that lets you easily get your own 
> access token as the owner of the application. You then utilize that token 
> whenever it makes sense to.
> 
> We don't have an explicit Objective-C example of this implementation, but I 
> reckon it would be very easy with one of the Objective-C libraries out there. 
> 
> Taylor
> 
> On Fri, Oct 15, 2010 at 6:24 AM, Anthony Thompson Shumate 
>  wrote:
> Is there somewhere I can find documentation on this?
> 
> Thanks again for the quick response.
> 
> A
> 
> 
> On Oct 15, 2010, at 8:22 AM, Tom van der Woerdt wrote:
> 
> > You can simply include the access tokens in the application. You don't
> > need anything else.
> >
> > Tom
> >
> >
> > On 10/15/10 5:43 AM, Anthony wrote:
> >> I have be searching high and low to find out if Oauth will allow some
> >> form of embedding the log-in info for a single account from the
> >> iphone. I was using the basic authorization, and with the change it is
> >> no longer working. I have a series of clients who post to an account
> >> to discuss their process for each project. I do not want to give them
> >> the log-in information, but I want them to have posting ability.
> >>
> >> I would prefer to embed the log-in token and just give one of the two
> >> authentication to them- either username or password (or neither). With
> >> Oauth can I use other peoples accounts to post to one. main account?
> >>
> >> I have read on the boards that everyone is skirting the issue, a
> >> twitter does not address it. Oauth appears to be the antithesis of
> >> this concept. Any help would be greatly appreciated.
> >>
> >> Just to be clear- I have a view that has a status box with a post
> >> button. Users with the app do not need to login (but need the app) to
> >> post to the account.) Now when I implement the Oauth, a log-in screen
> >> appears and request a username and password. This would give the users
> >> access to edit the account and to post. I don't want them to be able
> >> to edit the account, but to just post to it.
> >>
> >> Thank you.
> >>
> >> A
> >>
> >
> > --
> > Twitter developer documentation and resources: http://dev.twitter.com/doc
> > API updates via Twitter: http://twitter.com/twitterapi
> > Issues/Enhancements Tracker: 
> > http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group: 
> > http://groups.google.com/group/twitter-development-talk
> 
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk
> 
> 
> -- 
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Oauth issue on iPhone Development - Multiple Users posting to Single Account with No UI

[Anthony Thompson Shumate]

Is there any other direction- I have implemented the token, but it does not 
connect to a specific account. The token allows me to log on to any account 
through the application. I want to lock down the app to one specific account.

Thank you for the help.

A

On Oct 15, 2010, at 9:19 AM, Taylor Singletary wrote:

> There's some background on this approach here: http://bit.ly/1token
> 
> On dev.twitter.com we provide a feature that lets you easily get your own 
> access token as the owner of the application. You then utilize that token 
> whenever it makes sense to.
> 
> We don't have an explicit Objective-C example of this implementation, but I 
> reckon it would be very easy with one of the Objective-C libraries out there. 
> 
> Taylor
> 
> On Fri, Oct 15, 2010 at 6:24 AM, Anthony Thompson Shumate 
>  wrote:
> Is there somewhere I can find documentation on this?
> 
> Thanks again for the quick response.
> 
> A
> 
> 
> On Oct 15, 2010, at 8:22 AM, Tom van der Woerdt wrote:
> 
> > You can simply include the access tokens in the application. You don't
> > need anything else.
> >
> > Tom
> >
> >
> > On 10/15/10 5:43 AM, Anthony wrote:
> >> I have be searching high and low to find out if Oauth will allow some
> >> form of embedding the log-in info for a single account from the
> >> iphone. I was using the basic authorization, and with the change it is
> >> no longer working. I have a series of clients who post to an account
> >> to discuss their process for each project. I do not want to give them
> >> the log-in information, but I want them to have posting ability.
> >>
> >> I would prefer to embed the log-in token and just give one of the two
> >> authentication to them- either username or password (or neither). With
> >> Oauth can I use other peoples accounts to post to one. main account?
> >>
> >> I have read on the boards that everyone is skirting the issue, a
> >> twitter does not address it. Oauth appears to be the antithesis of
> >> this concept. Any help would be greatly appreciated.
> >>
> >> Just to be clear- I have a view that has a status box with a post
> >> button. Users with the app do not need to login (but need the app) to
> >> post to the account.) Now when I implement the Oauth, a log-in screen
> >> appears and request a username and password. This would give the users
> >> access to edit the account and to post. I don't want them to be able
> >> to edit the account, but to just post to it.
> >>
> >> Thank you.
> >>
> >> A
> >>
> >
> > --
> > Twitter developer documentation and resources: http://dev.twitter.com/doc
> > API updates via Twitter: http://twitter.com/twitterapi
> > Issues/Enhancements Tracker: 
> > http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group: 
> > http://groups.google.com/group/twitter-development-talk
> 
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk
> 
> 
> -- 
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Oauth issue on iPhone Development - Multiple Users posting to Single Account with No UI

[Taylor Singletary]

There's some background on this approach here: http://bit.ly/1token

On dev.twitter.com we provide a feature that lets you easily get your own
access token as the owner of the application. You then utilize that token
whenever it makes sense to.

We don't have an explicit Objective-C example of this implementation, but I
reckon it would be very easy with one of the Objective-C libraries out
there.

Taylor

On Fri, Oct 15, 2010 at 6:24 AM, Anthony Thompson Shumate <
anthonyshum...@gmail.com> wrote:

> Is there somewhere I can find documentation on this?
>
> Thanks again for the quick response.
>
> A
>
>
> On Oct 15, 2010, at 8:22 AM, Tom van der Woerdt wrote:
>
> > You can simply include the access tokens in the application. You don't
> > need anything else.
> >
> > Tom
> >
> >
> > On 10/15/10 5:43 AM, Anthony wrote:
> >> I have be searching high and low to find out if Oauth will allow some
> >> form of embedding the log-in info for a single account from the
> >> iphone. I was using the basic authorization, and with the change it is
> >> no longer working. I have a series of clients who post to an account
> >> to discuss their process for each project. I do not want to give them
> >> the log-in information, but I want them to have posting ability.
> >>
> >> I would prefer to embed the log-in token and just give one of the two
> >> authentication to them- either username or password (or neither). With
> >> Oauth can I use other peoples accounts to post to one. main account?
> >>
> >> I have read on the boards that everyone is skirting the issue, a
> >> twitter does not address it. Oauth appears to be the antithesis of
> >> this concept. Any help would be greatly appreciated.
> >>
> >> Just to be clear- I have a view that has a status box with a post
> >> button. Users with the app do not need to login (but need the app) to
> >> post to the account.) Now when I implement the Oauth, a log-in screen
> >> appears and request a username and password. This would give the users
> >> access to edit the account and to post. I don't want them to be able
> >> to edit the account, but to just post to it.
> >>
> >> Thank you.
> >>
> >> A
> >>
> >
> > --
> > Twitter developer documentation and resources:
> http://dev.twitter.com/doc
> > API updates via Twitter: http://twitter.com/twitterapi
> > Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> > Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Oauth issue on iPhone Development - Multiple Users posting to Single Account with No UI

[Anthony Thompson Shumate]

Is there somewhere I can find documentation on this?

Thanks again for the quick response.

A


On Oct 15, 2010, at 8:22 AM, Tom van der Woerdt wrote:

> You can simply include the access tokens in the application. You don't
> need anything else.
> 
> Tom
> 
> 
> On 10/15/10 5:43 AM, Anthony wrote:
>> I have be searching high and low to find out if Oauth will allow some
>> form of embedding the log-in info for a single account from the
>> iphone. I was using the basic authorization, and with the change it is
>> no longer working. I have a series of clients who post to an account
>> to discuss their process for each project. I do not want to give them
>> the log-in information, but I want them to have posting ability.
>> 
>> I would prefer to embed the log-in token and just give one of the two
>> authentication to them- either username or password (or neither). With
>> Oauth can I use other peoples accounts to post to one. main account?
>> 
>> I have read on the boards that everyone is skirting the issue, a
>> twitter does not address it. Oauth appears to be the antithesis of
>> this concept. Any help would be greatly appreciated.
>> 
>> Just to be clear- I have a view that has a status box with a post
>> button. Users with the app do not need to login (but need the app) to
>> post to the account.) Now when I implement the Oauth, a log-in screen
>> appears and request a username and password. This would give the users
>> access to edit the account and to post. I don't want them to be able
>> to edit the account, but to just post to it.
>> 
>> Thank you.
>> 
>> A
>> 
> 
> -- 
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group: 
> http://groups.google.com/group/twitter-development-talk

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] Oauth issue on iPhone Development - Multiple Users posting to Single Account with No UI

[Tom van der Woerdt]

You can simply include the access tokens in the application. You don't
need anything else.

Tom


On 10/15/10 5:43 AM, Anthony wrote:
> I have be searching high and low to find out if Oauth will allow some
> form of embedding the log-in info for a single account from the
> iphone. I was using the basic authorization, and with the change it is
> no longer working. I have a series of clients who post to an account
> to discuss their process for each project. I do not want to give them
> the log-in information, but I want them to have posting ability.
> 
> I would prefer to embed the log-in token and just give one of the two
> authentication to them- either username or password (or neither). With
> Oauth can I use other peoples accounts to post to one. main account?
> 
> I have read on the boards that everyone is skirting the issue, a
> twitter does not address it. Oauth appears to be the antithesis of
> this concept. Any help would be greatly appreciated.
> 
> Just to be clear- I have a view that has a status box with a post
> button. Users with the app do not need to login (but need the app) to
> post to the account.) Now when I implement the Oauth, a log-in screen
> appears and request a username and password. This would give the users
> access to edit the account and to post. I don't want them to be able
> to edit the account, but to just post to it.
> 
> Thank you.
> 
> A
> 

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Oauth issue on iPhone Development - Multiple Users posting to Single Account with No UI

[Anthony]

I have be searching high and low to find out if Oauth will allow some
form of embedding the log-in info for a single account from the
iphone. I was using the basic authorization, and with the change it is
no longer working. I have a series of clients who post to an account
to discuss their process for each project. I do not want to give them
the log-in information, but I want them to have posting ability.

I would prefer to embed the log-in token and just give one of the two
authentication to them- either username or password (or neither). With
Oauth can I use other peoples accounts to post to one. main account?

I have read on the boards that everyone is skirting the issue, a
twitter does not address it. Oauth appears to be the antithesis of
this concept. Any help would be greatly appreciated.

Just to be clear- I have a view that has a status box with a post
button. Users with the app do not need to login (but need the app) to
post to the account.) Now when I implement the Oauth, a log-in screen
appears and request a username and password. This would give the users
access to edit the account and to post. I don't want them to be able
to edit the account, but to just post to it.

Thank you.

A

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth Problems

[Sergio Oropeza]

Hi! i'm programming basic http post for twitter.

I allready have my applicaton in the app's of twitter developers.

Ihave the Consumer key, Consumer secret, Access Token (oauth_token)
and Access Token Secret (oauth_token_secret)

Here is my code:

POST /1/statuses/update.xml HTTP/1.1
Host: api.twitter.com
Authorization: OAuth oauth_nonce=\"sdf78746x4v897sd8g45\",
oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"1286899405\",
oauth_consumer_key=\"1LYqQbWtZ6jvtskMg1nGnA\",
oauth_signature="%2BXCwW9MqFybLCRZgtXw1gaAQd6M%3D", oauth_token=
\"57336211-iQXeMulz4Ibrgtq9Xb7q5SvjeJ6ovOYzK9QLlkdxV\", oauth_version=
\"1.0\"
Content-Type: application/x-www-form-urlencoded
Content-Length: 15

status=SOROPEZA

** Can some one help me why i get this error:

HTTP/1.1 401 Unauthorized
Date: Tue, 12 Oct 2010 16:04:12 GMT
Server: hi
Status: 401 Unauthorized
WWW-Authenticate: Basic realm="Twitter API"
X-Runtime: 0.00286
Content-Type: application/xml; charset=utf-8
Content-Length: 150
Cache-Control: no-cache, max-age=1800
Set-Cookie: k=189.247.7.12.1286899452316939; path=/; expires=Tue, 19-
Oct-10 16:04:12 GMT; domain=.twitter.com
Set-Cookie: guest_id=128689945232176133; path=/; expires=Thu, 11 Nov
2010 16:04:12 GMT
Set-Cookie:
_twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCKJJL6ErAToHaWQiJTQ3NThkNzM4MDA5MWEy
%250ANzUzYjBhMzgxY2EwMWFmYjI1IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy
%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--6a6c68777540385753d80a98768550a26bdc738b;
domain=.twitter.com; path=/
Expires: Tue, 12 Oct 2010 16:34:12 GMT
Vary: Accept-Encoding
Connection: close



  Could not authenticate with OAuth.
  /1/statuses/update.xml


** I don't know how to obtain THE auth_signature,oauth_nonce and the
timestamp.

THKS!!!

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] Oauth issue : popup window asking for twitter api credentials

[Bounce]

Hello All,

I am currently developing an app in actionscript. I have followed a
sample code written by the guys from swfjunkie (
http://blog.swfjunkie.com/2010/08/tweetr-tutorials-pinless-oauth-in-air/
)  which works great. It does pinless authentication. The way the
sample code works is very simple: it opens a web view with the login
of twitter and when you enter your credentials you get back in the
console the authorization token and secret.

Now here is the problem. I copied some of that code in my own app.The
glitch is that when i use my own credentials (ie: my consumer key and
secret) instead of opening the web view with the twitter login page i
get a popup window asking for credentials to access the twitter API
area. I can enter anything in there it just pops it back up.

So my second test was to simply replace the consumer key and secret by
the ones in the swfjunkie code (ie the one given to the guys when they
registered their little sample app) and hey presto it works fine !

What is going on ? Why does my consumer key and secret generate a
popup window but the one from the swfjunkie guys works great in the
EXACT same code?

I insist on the fact that the only variable changed in both tests is
the consumer key and secret!

Thanks for your help!
Bounce.

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth status pages no longer show client numbers?

[mcdade]

Has anyone else seen this problem?  I look on my application pages for
the number of people who have completed the OAuth process and they are
no longer there.

On top of that one of the apps no longer even says my name, it just
says "Application name by  " and the rest is blank.

very weird.. the number I like to use since the downloads and actual
usage of the application never did match, one of the apps are a little
difficult to install so the failure to compete is a bit high.

Thanks

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth request token URL

[玉柱九天]

you can refer to the demo program "gridtwit":
http://code.google.com/p/gridtwit/

especially the files: "gridtwit_client_oauth_demo\Demo_Description.doc" and
"gridtwit_client_oauth_demo\liboauth-0.9.1\tests\gridtwit.c"

It details oauth authentication flow and coding(c++, liboauth).








--


2010/9/23 Taylor Singletary 

> Our system is quirky. There technically isn't a boolean flag set on an
> application that dictates whether it's a "web" or "desktop" application --
> instead the boolean is a derived value based on the presence of a default
> callback URL. Think of this callback URL as a placeholder -- while it should
> have some relevance to your application, it doesn't need to strictly
> correlate to an actual callback location. To practice "correct" OAuth, you
> still need to provide an oauth_callback on the request token step of the
> OAuth negotiation phase. The callback provided at that time always
> takes precedence.
>
> Taylor
>
>
> On Thu, Sep 23, 2010 at 12:23 AM, Scott Wilcox  wrote:
>
>> Yes, you can dynamically provide a callback URL, but you still need to
>> enter one in the applications settings.
>>
>> Scott.
>>
>> On 23 Sep 2010, at 07:34, kengimel wrote:
>>
>> > Hi,
>> >
>> > I recently register my twitter application and obtained my OAuth
>> > consumer credentials.
>> >
>> > However i noticed that when registering i choose the browser option as
>> > my application will run solely via a web browser, But to my surprise
>> > when i dispatched this: POST https://twitter.com/oauth/request_token,
>> > I recieved this error mesage from my console.
>> >
>> > 
>> > 
>> >  /oauth/request_token
>> >  Desktop applications only support the oauth_callback value
>> > 'oob'
>> > 
>> >
>> > I have tried several times to select the browser option on my
>> > application's settings page, but it says it requires me to define a
>> > callback URL, which according to the OAuth standard, allows me to
>> > dynamically define my callback URL in the request token stage.
>> >
>> > can someone tell me what i may be doing wrongly.
>> >
>> > Cheers
>>
>> --
>> Twitter developer documentation and resources: http://dev.twitter.com/doc
>> API updates via Twitter: http://twitter.com/twitterapi
>> Issues/Enhancements Tracker:
>> http://code.google.com/p/twitter-api/issues/list
>> Change your membership to this group:
>> http://groups.google.com/group/twitter-development-talk
>>
>
>  --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oauth and tokens what up with that?

[玉柱九天]

you can refer to the demo program "gridtwit":
http://code.google.com/p/gridtwit/

It details oauth authentication flow and coding(c++, liboauth).





2010/9/24 Taylor Singletary 

> Hi Mike,
>
> We have a fairly easy path to acquiring an access token just for your own
> account/application combination. You can find out more about it at
> http://dev.twitter.com/pages/oauth_single_token
>
> Taylor
>
>
> On Thu, Sep 23, 2010 at 10:33 AM, Mike the Pike wrote:
>
>> require_once('twitteroauth.php');
>> $connection = new TwitterOAuth('app consumer key', 'app consumer
>> secret', 'my access token', 'my access token secret');
>> $connection->format = 'xml';
>> $result = $connection->post('statuses/update', array('status' =>
>> $message));
>> $resultArray = $connection->http_info;
>>
>>
>> This is my script. I stole it from someone on this group. Much
>> appreciated. I registered my app and got the consumer key and secret
>> consumer key. As I understand it I also require 2 tokens to
>> authenticate with oauth and typically from the apps I've already built
>> these are generated when I log in. However, i don't want to have to
>> log in there I just want to genereate a feed that I can compare to a
>> criteria and output should it match that criteria. This script looks
>> promising but how do I get those tokens?
>>
>> Any help would be appreciated.
>>
>>
>> Thanks,
>> Mike the Pike
>>
>> --
>> Twitter developer documentation and resources: http://dev.twitter.com/doc
>> API updates via Twitter: http://twitter.com/twitterapi
>> Issues/Enhancements Tracker:
>> http://code.google.com/p/twitter-api/issues/list
>> Change your membership to this group:
>> http://groups.google.com/group/twitter-development-talk
>>
>
>  --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] oauth and tokens what up with that?

[Taylor Singletary]

Hi Mike,

We have a fairly easy path to acquiring an access token just for your own
account/application combination. You can find out more about it at
http://dev.twitter.com/pages/oauth_single_token

Taylor

On Thu, Sep 23, 2010 at 10:33 AM, Mike the Pike  wrote:

> require_once('twitteroauth.php');
> $connection = new TwitterOAuth('app consumer key', 'app consumer
> secret', 'my access token', 'my access token secret');
> $connection->format = 'xml';
> $result = $connection->post('statuses/update', array('status' =>
> $message));
> $resultArray = $connection->http_info;
>
>
> This is my script. I stole it from someone on this group. Much
> appreciated. I registered my app and got the consumer key and secret
> consumer key. As I understand it I also require 2 tokens to
> authenticate with oauth and typically from the apps I've already built
> these are generated when I log in. However, i don't want to have to
> log in there I just want to genereate a feed that I can compare to a
> criteria and output should it match that criteria. This script looks
> promising but how do I get those tokens?
>
> Any help would be appreciated.
>
>
> Thanks,
> Mike the Pike
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] oauth and tokens what up with that?

[Mike the Pike]

require_once('twitteroauth.php');
$connection = new TwitterOAuth('app consumer key', 'app consumer
secret', 'my access token', 'my access token secret');
$connection->format = 'xml';
$result = $connection->post('statuses/update', array('status' =>
$message));
$resultArray = $connection->http_info;


This is my script. I stole it from someone on this group. Much
appreciated. I registered my app and got the consumer key and secret
consumer key. As I understand it I also require 2 tokens to
authenticate with oauth and typically from the apps I've already built
these are generated when I log in. However, i don't want to have to
log in there I just want to genereate a feed that I can compare to a
criteria and output should it match that criteria. This script looks
promising but how do I get those tokens?

Any help would be appreciated.


Thanks,
Mike the Pike

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth request token URL

[Taylor Singletary]

Our system is quirky. There technically isn't a boolean flag set on an
application that dictates whether it's a "web" or "desktop" application --
instead the boolean is a derived value based on the presence of a default
callback URL. Think of this callback URL as a placeholder -- while it should
have some relevance to your application, it doesn't need to strictly
correlate to an actual callback location. To practice "correct" OAuth, you
still need to provide an oauth_callback on the request token step of the
OAuth negotiation phase. The callback provided at that time always
takes precedence.

Taylor

On Thu, Sep 23, 2010 at 12:23 AM, Scott Wilcox  wrote:

> Yes, you can dynamically provide a callback URL, but you still need to
> enter one in the applications settings.
>
> Scott.
>
> On 23 Sep 2010, at 07:34, kengimel wrote:
>
> > Hi,
> >
> > I recently register my twitter application and obtained my OAuth
> > consumer credentials.
> >
> > However i noticed that when registering i choose the browser option as
> > my application will run solely via a web browser, But to my surprise
> > when i dispatched this: POST https://twitter.com/oauth/request_token,
> > I recieved this error mesage from my console.
> >
> > 
> > 
> >  /oauth/request_token
> >  Desktop applications only support the oauth_callback value
> > 'oob'
> > 
> >
> > I have tried several times to select the browser option on my
> > application's settings page, but it says it requires me to define a
> > callback URL, which according to the OAuth standard, allows me to
> > dynamically define my callback URL in the request token stage.
> >
> > can someone tell me what i may be doing wrongly.
> >
> > Cheers
>
> --
> Twitter developer documentation and resources: http://dev.twitter.com/doc
> API updates via Twitter: http://twitter.com/twitterapi
> Issues/Enhancements Tracker:
> http://code.google.com/p/twitter-api/issues/list
> Change your membership to this group:
> http://groups.google.com/group/twitter-development-talk
>

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

Re: [twitter-dev] OAuth request token URL

[Scott Wilcox]

Yes, you can dynamically provide a callback URL, but you still need to enter 
one in the applications settings.

Scott.

On 23 Sep 2010, at 07:34, kengimel wrote:

> Hi,
> 
> I recently register my twitter application and obtained my OAuth
> consumer credentials.
> 
> However i noticed that when registering i choose the browser option as
> my application will run solely via a web browser, But to my surprise
> when i dispatched this: POST https://twitter.com/oauth/request_token,
> I recieved this error mesage from my console.
> 
> 
> 
>  /oauth/request_token
>  Desktop applications only support the oauth_callback value
> 'oob'
> 
> 
> I have tried several times to select the browser option on my
> application's settings page, but it says it requires me to define a
> callback URL, which according to the OAuth standard, allows me to
> dynamically define my callback URL in the request token stage.
> 
> can someone tell me what i may be doing wrongly.
> 
> Cheers

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk

[twitter-dev] OAuth request token URL

[kengimel]

Hi,

I recently register my twitter application and obtained my OAuth
consumer credentials.

However i noticed that when registering i choose the browser option as
my application will run solely via a web browser, But to my surprise
when i dispatched this: POST https://twitter.com/oauth/request_token,
I recieved this error mesage from my console.



  /oauth/request_token
  Desktop applications only support the oauth_callback value
'oob'


I have tried several times to select the browser option on my
application's settings page, but it says it requires me to define a
callback URL, which according to the OAuth standard, allows me to
dynamically define my callback URL in the request token stage.

can someone tell me what i may be doing wrongly.

Cheers

-- 
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 
http://groups.google.com/group/twitter-development-talk