I have a similar, perhaps broader, issue and a suggestion for a

My problem is that my site, http://twxlate.com, supports 40+ languages
for its user interface, not just the two supported by twitter.com. By
that I mean that the user interface is available in 40+ languages, not
just that it can handle information obtained from twitter that could
be in any one of the 40+ languages.

The site currently supports Basic Authentication, with the prompts in
one of the 40+ languages of the user's choosing. It works quite
nicely, thank you, for user's that are comfortable in giving the site
their user id and passwords.

When I add support for OAuth, which I am doing, I can present the link
to twitter's OAuth page in that language of the user's choosing. But
the OAuth page itself is only available in two languages. This could
result in a roadblock to users that are not fluent in either of those
two languages using my site. Especially when twitter turns off Basic
Authentication sometime in the (hopefully distant :-) ) future.

My suggestion for a fix to this (and other related problems) is to add
a method to the API that requires only Basic Authentication and that
returns the same information as the OAuth callback (i.e., consumer
secret) just as if the authenticated user had gone to the OAuth page
and approved the application to access twitter on its behalf.

My rational for this is as follows: if the user was comfortable, for
whatever reason, with giving the information necessary to authenticate
them (i.e, user id and password) to my site and twitter accepts it on
a request by request basis with Basic Authentication now, why should
they not continue to accept it in the future? If twitter wants to do
away with Basic Authentication on a request by request basis and
require OAuth preauthorization for API requests, why should they not
accept a Basic Authorization "bridge" into OAuth for users that are
comfortable, for whatever reason, with giving the necessary
information to the application that will access twitter on their

BTW, this solution would also solve the much discussed problems of
client applications, especially mobile device applications, that have
difficulty getting back and forth to the twitter OAuth page because
of, e.g., limited device functionality.

Comment welcome and definitely expected on this one! :-)

Jim Renkel

P.S.: How do users that aren't fluent in English or Japanese get
twitter accounts in the first place? I'll leave a proposal for that to
another day, another post.

On Aug 22, 12:40 am, bang <bang...@gmail.com> wrote:
> I'm the builder of Twitese (http://twitese.appspot.com/), a chinese
> web client for Twitter. I know that if a new web appwantto show from
> [myApp], the only way is touseOAuth, but in china that's infeasible,
> because twitter has been block in china, chinese people can not access
> twitter.com touseOAuth. So Ican'tuseOAuth. The only way to login
> isuseHTTP Basic, as the result, statuses post from Twitese just show
> "from web". So Iwanttoapplyasourcefor my Twitese, is that
> possible?

Reply via email to