We are building an application client that is browser based.  We're
very comfortable with using OAuth from our server side code and are
using it fine with the REST API (users sign in, authenticate with
Twitter, we store their access tokens and reuse as requested - at the
moment we mimic the required Twitter API on our server and when a user
does something like a POST, we call our stub, use their token to then
make the call via OAuth to Twitter).

So far so good, but we'd like to implement User Streaming directly
into the client side application.

I've been browsing the Twitter Development documentation and there's a
couple of points I'd like clarification on:

* http://dev.twitter.com/pages/auth_overview says Streaming supports
Basic and OAuth.

* http://dev.twitter.com/pages/user_streams says that the user streams
supports OAuth only "HTTPS, OAuth and JSON only".  No problems here, I
just raise it to point out the auth_overview doco is slightly out of

* http://dev.twitter.com/pages/oauth_libraries talks about a JS
library but says "Javascript really shouldn't be used for OAuth 1.0A
with respect to websites in web browsers. Ideally, you'll only use
Javascript to perform OAuth operations when using server-side."

The points I'd like some clarification on:

1. Given user_streams API is the intended way for clients to access
Twitter going forwards, I presume it's intended not just for desktop,
but also web clients too?
2. If 1 is correct, then is it OK to use JavaScript for the OAuth?  If
it's not, what is the recommended approach for a client side web
application to connect and authenticate to the user_stream?



Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 

Reply via email to