Would appreciate any feedback or thoughts on this.

On Apr 13, 3:03 pm, YCBM <youcannotb...@gmail.com> wrote:
> Ok, so I'm a bit out of the loop so I've been doing a lot of catching
> up on oAuth Echo starting 
> withhttp://groups.google.com/group/twitter-development-talk/browse_thread....
> Scenario is large number of Twitter clients accessing media upload api
> for our site service along with end-users sharing via browser.
> I understand June 2010 is the cutoff for basic auth.  Some sites may
> be provided with xAuth on a limited basis in regards to "moving
> everybody off basic authentication, we originally envisioned this as a
> mechanism for developers to exchange all the username
> and passwords they have in their databases for OAuth tokens en masse."
> Still trying to wrap my head around oAuth Echo.  From what I
> understand, delegation from a Twitter app like TweetDeck (for example)
> would pass its oAuth access tokens to our site to pass to Twitter.
> A few questions:
> - xAuth seems straight-forward if granted temporary access.  I assume
> these tokens are the same as if the end-user went through the normal
> oAuth process in a browser?  New users to the 3rd party web site would
> be using oAuth.
> - Typically if a user is sharing a media file through our site and
> they are NOT registered (no account in our system) and have never
> logged in using oAuth on our site, we create an account for them.  Can
> we store the access tokens from an external app when we create their
> account?  If so, would there be a conflict if an event occurs in which
> we post a status update on their behalf without the delegation in the
> header?  Or is it a one-time use thing?
> - Once the user visits our site and logs into Twitter using oAuth,
> we'll store those tokens.  Is it best practice to use those whenever
> the same user shares a media file through an external app or should
> the delegated tokens always be used?
> - Finally, while Twitter may be depreciating basic auth and everyone
> (if they haven't already) will be using oAuth, is there a plan for
> users who use 3rd party Twitter apps for mobile devices that HAVE NOT
> upgraded to the latest version yet?  Although xAuth is geared towards
> desktop and mobile apps, there may be quite a few users who have not
> upgraded their app trying to either use it or share media with it
> through sites like ours.
> -
> I did notice that on this pagehttp://apiwiki.twitter.com/Authentication,
> its confusing as to whether or not basic auth will be completely
> depreciated.  If it will be, someone should update it as its
> misleading.
> Thanks in advance!
> Best,
> Y.

Reply via email to