you don't have to implement oauth 2.... oauth 1.0a is the supported and recommended version for now.
On Tue, Apr 20, 2010 at 12:38 PM, Dean Collins <d...@cognation.net> wrote: > Great so you are moving before oauth 2 is finished. You guys are crazy. > You’re making everyone change now and then change again in 3 months. > > > > > > > > > > Cheers, > > Dean > > > ------------------------------ > > *From:* email@example.com [mailto: > twitter-development-t...@googlegroups.com] *On Behalf Of *Marcel Molina > *Sent:* Tuesday, April 20, 2010 3:13 PM > *To:* firstname.lastname@example.org; > twitter-api-annou...@googlegroups.com > *Subject:* [twitter-dev] Announcing Twurl: OAuth-enabled curl for the > Twitter API > > > > We've announced that come June 2010, Basic Auth will no longer be supported > via the Twitter API. All authenticated requests will be moving to OAuth > (either version 1.0a or the emerging 2.0 spec). There are many benefits from > this change. Aside from the obvious security improvements, having all > requests be signed with OAuth gives us far better visibility into our > traffic and allows us many more tools for controlling and limiting abuse. > When we know and trust the origin of our traffic we can loosen the reigns a > lot and trust by default. We've already made a move in this direction by > automatically increasing rate limits for requests signed with OAuth made to > the new versioned api.twitter.com host. > > > > One of the often cited virtues of the Twitter API is its simplicity. All > you have to do to poke around at the API is curl, for example, > http://api.twitter.com/1/users/noradio.xml and you're off and running. > When you require that OAuth be added to the mix, you risk losing the > simplicity and low barrier to entry that curl affords you. We want to > preserve this simplicity. So we've provided two tools to let you poke around > at the API without having to fuss with all the extraneous details of OAuth. > For those who want the ease of the web, we've already included an API > console in our new developer portal at http://dev.twitter.com/console. And > now today we're glad to make available the Twurl command line utility as > open source software: > > > > http://github.com/marcel/twurl > > > > If you already have RubyGems (http://rubygems.org/), you can install it > with the gem command: > > > > sudo gem i twurl --source http://rubygems.org > > > > If you don't have RubyGems but you have Rake (http://rake.rubyforge.org/), > you can install it "from source". Check out the INSTALL file ( > http://github.com/marcel/twurl/blob/master/INSTALL). > > > > Once you've got it installed, start off by checking out the README ( > http://github.com/marcel/twurl/blob/master/README) (you can always get the > README by running 'twurl -T'): > > > > +-------+ > > | Twurl | > > +-------+ > > > > Twurl is like curl, but tailored specifically for the Twitter API. > > It knows how to grant an access token to a client application for > > a specified user and then sign all requests with that access token. > > > > It also provides other development and debugging conveniences such > > as defining aliases for common requests, as well as support for > > multiple access tokens to easily switch between different client > > applications and Twitter accounts. > > > > +-----------------+ > > | Getting Started | > > +-----------------+ > > > > The first thing you have to do is register an OAuth application > > to get a consumer key and secret. > > > > http://dev.twitter.com/apps/new > > > > When you have your consumer key and its secret you authorize > > your Twitter account to make API requests with your consumer key > > and secret. > > > > % twurl authorize --consumer-key the_key \ > > --consumer-secret the_secret > > > > This will return an URL that you should open up in your browser. > > Authenticate to Twitter, and then enter the returned PIN back into > > the terminal. Assuming all that works well, you will beauthorized > > to make requests with the API. Twurl will tell you as much. > > > > If your consumer application has xAuth enabled, then you can use > > a variant of the above > > > > % twurl authorize -u username -p password \ > > --consumer-key the_key \ > > --consumer-secret the_secret > > > > And, again assuming your username, password, key and secret is > > correct, will authorize you in one step. > > > > +-----------------+ > > | Making Requests | > > +-----------------+ > > > > The simplest request just requires that you specify the path you > > want to request. > > > > % twurl /1/statuses/home_timeline.xml > > > > Similar to curl, a GET request is performed by default. > > > > You can implicitly perform a POST request by passing the -d option, > > which specifies POST parameters. > > > > % twurl -d 'status=Testing twurl' /1/statuses/update.xml > > > > You can explicitly specify what request method to perform with > > the -X (or --request-method) option. > > > > % twurl -X DELETE /1/statuses/destroy/123456.xml > > > > +------------------+ > > | Creating aliases | > > +------------------+ > > > > % twurl alias h /1/statuses/home_timeline.xml > > > > You can then use "h" in place of the full path. > > > > % twurl h > > > > Paths that require additional options such as request parameters for > example can > > be used with aliases the same as with full explicit paths, just as you > might > > expect. > > > > % twurl alias tweet /1/statuses/update.xml > > % twurl tweet -d "status=Aliases in twurl are convenient" > > > > +-------------------------------+ > > | Changing your default profile | > > +-------------------------------+ > > > > The first time you authorize a client application to make requests on > behalf of your account, twurl stores your access token information in its > .twurlrc file. Subsequent requests will use this profile as the default > profile. You can use the 'accounts' subcommand to see what client > applications have been authorized for what user names: > > > > % twurl accounts > > noradio > > HQsAGcBm5MQT4n6j7qVJw > > hhC7Koy2zRsTZvQh1hVlSA (default) > > testiverse > > guT9RsJbNQgVe6AwoY9BA > > > > Notice that one of those consumer keys is marked as the default. To change > the default use the 'set' subcommand, passing then either just the username, > if it's unambiguous, or the username and consumer key pair if it isn't > unambiguous: > > > > % twurl set default testiverse > > % twurl accounts > > noradio > > HQsAGcBm5MQT4n6j7qVJw > > hhC7Koy2zRsTZvQh1hVlSA > > testiverse > > guT9RsJbNQgVe6AwoY9BA (default) > > > > % twurl set default noradio HQsAGcBm5MQT4n6j7qVJw > > % twurl accounts > > noradio > > HQsAGcBm5MQT4n6j7qVJw (default) > > hhC7Koy2zRsTZvQh1hVlSA > > testiverse > > guT9RsJbNQgVe6AwoY9BA > > > > +--------------+ > > | Contributors | > > +--------------+ > > > > Marcel Molina <mar...@twitter.com> / @noradio > > Raffi Krikorian <ra...@twitter.com> / @raffi > > > -- > Marcel Molina > Twitter Platform Team > http://twitter.com/noradio > -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi -- Subscription settings: http://groups.google.com/group/twitter-development-talk/subscribe?hl=en