understood, but, right now, not in the plan. web apps will have to use the
standard oauth workflow.
On Tue, Feb 16, 2010 at 11:29 AM, Dewald Pretorius wrote:
> Actually, this whole Chinese user issue affects web apps as well.
> Because, with OAuth, any Chinese user (or any user whose company
>
Actually, this whole Chinese user issue affects web apps as well.
Because, with OAuth, any Chinese user (or any user whose company
blocks Twitter.com) cannot use the web app or add the Twitter account
to a web app that uses OAuth.
So, web apps should have the option of offering their users the xau
>
> But, for web apps you are still going to allow the one-time bulk
> conversion of existing users with xauth, correct?
>
yes.
--
Raffi Krikorian
Twitter Platform Team
http://twitter.com/raffi
> oauth. the caveat is that i stated that xauth will not be allowed for "web
> applications", but i can think of a few creative ways around that.
Raffi,
I assume that would be as a general rule for day-to-day operations of
web apps.
But, for web apps you are still going to allow the one-time b
Hi Raffi,
I've sent an eMail to a...@twitter.com requesting permission to use
xAuth in my S60 Twitter Client Gravity. Just curious if there's any
ETA for granting access to xAuth and/or providing documentation.
Many thanks in advance,
Ole
--
Jan Ole Suhr
s...@mobileways.de
On Twitter: http://twi
what i would do (with that caveat that i'm speaking as myself and not
necessarily as a twitter employee ;P):
make a proxy that uses xauth - you could still ask for a username/password,
use xauth to do the exchange with twitter, and then proxy the basic auth to
oauth. the caveat is that i stated
I read the WRAP draft. I have to say that it's much simpler than OAuth
1.0a.
It doesn't need too much modification to twitter client to support API
proxy, if xauth is widely available.
Thank you all for your replies and concerns :-)
On Feb 12, 7:04 pm, yegle wrote:
> Oh yes I forgot that HTTP p
Oh yes I forgot that HTTP proxy resolves the domain name at server
side :-)
On Feb 12, 6:18 pm, Harshad RJ wrote:
> On Fri, Feb 12, 2010 at 12:17 PM, yegle wrote:
> > Nope, it doesn't work :-(
> > All DNS queries to twitter.com inside China is poisoned and all
> > twitter's available IP is block
There is no detailed information about xauth right now, but the WRAP
specification did allow to fetch access token using username/password,
that makes a proxy script possible.I think this is xauth about: get
access token using username/password and then do the rest things using
oauth.
I'm still wa
On Fri, Feb 12, 2010 at 12:17 PM, yegle wrote:
> Nope, it doesn't work :-(
> All DNS queries to twitter.com inside China is poisoned and all
> twitter's available IP is blocked.
>
Oh btw, I meant HTTPS proxies that sit outside the firewall.
I assume that DNS queries for twitter.com would be run
Hi Brian,
Thank you, I just noticed the new OAuth specification.
I'll read the specification first and see if there is any workaround
available :-)
On Feb 12, 5:40 pm, Brian Smith wrote:
> yegle wrote:
> > Basically, a API proxy script works as a middleman between twitter and
> > twitter client,
On Fri, Feb 12, 2010 at 12:17 PM, yegle wrote:
> Nope, it doesn't work :-(
> All DNS queries to twitter.com inside China is poisoned and all
> twitter's available IP is blocked.
>
Ah, I hadn't implemented for the OAuth authorization page. Just done.
(Sorry for the spam, list. Last mail on the
Nope, it doesn't work :-(
All DNS queries to twitter.com inside China is poisoned and all
twitter's available IP is blocked.
Anyway, HTTPS should be enabled or at least provide an option :-)
On Feb 12, 2:38 pm, Harshad RJ wrote:
> Made me realise that my app (tDash) should be using HTTPS for all
Made me realise that my app (tDash) should be using HTTPS for all API calls.
Just made a new release now.
Hoping that helps users behind a firewall.
On Fri, Feb 12, 2010 at 11:12 AM, yegle wrote:
> Yes, but not all clients support HTTPS proxy, especially mobile
> clients.
>
> On Feb 12, 1:39 p
Yes, but not all clients support HTTPS proxy, especially mobile
clients.
On Feb 12, 1:39 pm, Harshad RJ wrote:
> Wouldn't a regular HTTPS proxy be sufficient?
>
>
>
>
>
>
>
>
>
> On Fri, Feb 12, 2010 at 11:00 AM, yegle wrote:
> > Hi all,
> > This could be a long email.
>
> > I read Raffi's post
15 matches
Mail list logo
