However - will we ever see the ability for 3rd party applications to talk to eachother using oAuth tokens? For example a custom twitter oAuth application using TwitPic to publish photos?
On Feb 4, 6:26 pm, Raffi Krikorian <[email protected]> wrote: > totally. > > > > On Thu, Feb 4, 2010 at 3:23 PM, Abraham Williams <[email protected]> wrote: > > I would imagine that Twitter will require SSL for xAuth calls. > > > Abraham > > > On Thu, Feb 4, 2010 at 14:44, Dewald Pretorius <[email protected]> wrote: > > >> Interesting, Abraham. > > >> Don't we ever need OAuth Wrap, otherwise that x-auth-password will be > >> sent in clear text, kind of making a mockery of the whole OAuth thing. > > >> On Feb 4, 6:35 pm, Abraham Williams <[email protected]> wrote: > >> > I poked around Seesmic Look a little and this is what I found: > >>http://the.hackerconundrum.com/2010/02/sneak-peek-at-twitters-browser... > > >> > Abraham > > >> > On Thu, Feb 4, 2010 at 14:24, Dewald Pretorius <[email protected]> > >> wrote: > >> > > Zach, > > >> > > There's a soon to be published API method where you can silently get > >> > > the OAuth tokens when you have the account's Twitter username and > >> > > password, meaning the user does not experience any of the normal OAuth > >> > > flow. > > >> > > I presume that Seesmic just got early access to that method. > > >> > > So, in this case, user-to-app requires Basic Auth credentials, but > >> app- > >> > > to-Twitter uses OAuth once the app has obtained the tokens with the > >> > > new method. > > >> > > On Feb 4, 4:21 pm, Zac Bowling <[email protected]> wrote: > >> > > > Yes, what magic is this? > > >> > > > I'm confused. It takes username and password but then uses OAuth? > > >> > > > I wonder if they are injecting the username/password into the OAuth > >> form > >> > > on > >> > > > the page. > > >> > > > Twitter should really randomize that page or require captcha or > >> > > something. > > >> > > > Zac Bowling > > >> > > > On Wed, Feb 3, 2010 at 11:43 AM, Dewald Pretorius <[email protected] > > >> > > wrote: > >> > > > > Raffi, > > >> > > > > Have you tried it? There is no OAuth flow. I.e., the user types in > >> his > >> > > > > Twitter username and password. That's it. > > >> > > > > If it is indeed using OAuth, does that mean that the background > >> > > > > requesting of tokens when you have the Twitter credentials is now > >> > > > > available? Meaning, I can also now use it to convert all existing > >> > > > > Twitter accounts to OAuth in one fell swoop? > > >> > > > > On Feb 3, 3:02 pm, Raffi Krikorian <[email protected]> wrote: > >> > > > > > seesmic look, i believe, is using oauth talking to > >> api.twitter.com. > > >> > > > > > On Tue, Feb 2, 2010 at 8:09 PM, Dewald Pretorius < > >> [email protected]> > >> > > > > wrote: > >> > > > > > > Raffi, > > >> > > > > > > What's going on here? > > >> > > > > > > Your credibility is at stake here. You've been telling us in > >> many > >> > > > > > > posts that new apps must use OAuth to get a source > >> attribution, and > >> > > > > > > only old grandfathered apps have source attribution with Basic > >> > > Auth. > > >> > > > > > > On Feb 2, 11:18 pm, Dewald Pretorius <[email protected]> > >> wrote: > >> > > > > > > > At first I thought they must have changed the old Seesmic > >> source > >> > > to > >> > > > > > > > Seesmic Look. > > >> > > > > > > > But no. > > >> > > > > > > > Here's a recent tweet from Seesmic: > >> > > > > > >http://twitter.com/CathyBrooks/status/8570217879 > > >> > > > > > > > And here's a recent one from Seesmic Look: > >> > > > > > >http://twitter.com/adamse/status/8565271563 > > >> > > > > > > > Seesmic Look uses Basic Auth. > > >> > > > > > > > Does anyone else spot Mt Everest on this level playing field > >> of > >> > > ours? > > >> > > > > > > > On Feb 2, 10:41 pm, Pedro Junior <[email protected]> > >> wrote: > > >> > > > > > > > > *Seesmic Look is old? > >> > > > > > > > > * > >> > > > > > > > > - > >> > > > > > > > > Pedro Junior > > >> > > > > > > > > 2010/2/2 Lukas Müller <[email protected]> > > >> > > > > > > > > > Only old apps can do this. New apps cannot use it. > > >> > > > > > -- > >> > > > > > Raffi Krikorian > >> > > > > > Twitter Platform Teamhttp://twitter.com/raffi > > >> > -- > >> > Abraham Williams | Community Advocate |http://abrah.am > >> > Project | Out Loud |http://outloud.labs.poseurtech.com > >> > This email is: [ ] shareable [x] ask first [ ] private. > >> > Sent from Seattle, WA, United States > > > -- > > Abraham Williams | Community Advocate |http://abrah.am > > Project | Out Loud |http://outloud.labs.poseurtech.com > > This email is: [ ] shareable [x] ask first [ ] private. > > Sent from Seattle, WA, United States > > -- > Raffi Krikorian > Twitter Platform Teamhttp://twitter.com/raffi
