[twitter-dev] server app publishing twitter status updates with oauth?
52 views
Skip to first unread message
Simon
Apr 27, 2010, 10:26:59 PM4/27/10
to Twitter Development Talk
Hi All,
We currently have a java application running on a server (no user
interface) that publishes twitter status updates about new "special
deals" to one single twitter account. Users follow this account to
receive info about these specials.
This app currently uses basic authentication, so we'll need to update
it to use oauth. However I'm a little confused about what steps I need
to take. Advice will be appreciated.
Currently the code uses standard Java APIs to open a connection and
manually build a POST request (including basic-auth headers); this is
about 15 lines of Java code. The sole twitter account name and
password are stored in a configuration file on the server.
Questions:
(1)
Do I need to register an "application" here?
http://twitter.com/oauth_clients/new
Note that this app isn't something that users can download or directly
interact with.
(2)
Do I need to define a "connection" for the twitter account for this
app?
As I understand it, the option to allow a "connection" from the
twitter account only pops up after I have used a browser to log in
using the url generated by a getRequestToken call from my app. But my
app doesn't have a UI, and doesn't expect any users to log in via
browsers.
Is there perhaps some tool that I can paste the "consumer key" into,
and which will then do the getRequestToken + print the resulting URL
so I can then define a "connection" from the target twitter account?
(3)
Is xAuth the correct protocol to use here? There is only one
"user" (twitter account) used by this app.
(4)
Is there a good example of doing xauth followed by a simple status-
update in Java? Libraries like "twitter4j" or "signpost" seem like
overkill for this situation, given that the current basic-auth
implementation is about 15 lines of java.
Thanks,
Simon
We currently have a java application running on a server (no user
interface) that publishes twitter status updates about new "special
deals" to one single twitter account. Users follow this account to
receive info about these specials.
This app currently uses basic authentication, so we'll need to update
it to use oauth. However I'm a little confused about what steps I need
to take. Advice will be appreciated.
Currently the code uses standard Java APIs to open a connection and
manually build a POST request (including basic-auth headers); this is
about 15 lines of Java code. The sole twitter account name and
password are stored in a configuration file on the server.
Questions:
(1)
Do I need to register an "application" here?
http://twitter.com/oauth_clients/new
Note that this app isn't something that users can download or directly
interact with.
(2)
Do I need to define a "connection" for the twitter account for this
app?
As I understand it, the option to allow a "connection" from the
twitter account only pops up after I have used a browser to log in
using the url generated by a getRequestToken call from my app. But my
app doesn't have a UI, and doesn't expect any users to log in via
browsers.
Is there perhaps some tool that I can paste the "consumer key" into,
and which will then do the getRequestToken + print the resulting URL
so I can then define a "connection" from the target twitter account?
(3)
Is xAuth the correct protocol to use here? There is only one
"user" (twitter account) used by this app.
(4)
Is there a good example of doing xauth followed by a simple status-
update in Java? Libraries like "twitter4j" or "signpost" seem like
overkill for this situation, given that the current basic-auth
implementation is about 15 lines of java.
Thanks,
Simon
Simon
Apr 28, 2010, 7:32:30 PM4/28/10
to Twitter Development Talk
To reply to myself: I've figured most of this out now.
(1)
Yes, the app should be registered.
Log on to the twitter account that messages will be published to, then
go to "dev.twitter.com/apps" and add a new app.
(2)
When an app is defined by an account, the app is automatically added
to that account's connections.
(3)
No, xauth is not the right tool. On the app page (either just after
defining the app, or later by account settings | connections), the "my
access token" button will create an authentication (token, secret)
pair that can be used to authenticate the server app against the
account. The "web-based authentication" step is then unnecessary.
These auth tokes do not expire (unless you explicitly log onto the
account and revoke the token).
(4)
It looks like the signing is not too complicated, but also non-
trivial; oauth is simply more complex than basic auth. So using a lib
is probably the best solution. The Signpost project (google) appears
to have a nice small implementation.
(1)
Yes, the app should be registered.
Log on to the twitter account that messages will be published to, then
go to "dev.twitter.com/apps" and add a new app.
(2)
When an app is defined by an account, the app is automatically added
to that account's connections.
(3)
No, xauth is not the right tool. On the app page (either just after
defining the app, or later by account settings | connections), the "my
access token" button will create an authentication (token, secret)
pair that can be used to authenticate the server app against the
account. The "web-based authentication" step is then unnecessary.
These auth tokes do not expire (unless you explicitly log onto the
account and revoke the token).
(4)
It looks like the signing is not too complicated, but also non-
trivial; oauth is simply more complex than basic auth. So using a lib
is probably the best solution. The Signpost project (google) appears
to have a nice small implementation.
Taylor Singletary
Apr 29, 2010, 10:40:19 AM4/29/10
to twitter-deve...@googlegroups.com
Hi Simon,
You've figured out all the right answers! Glad to hear. SignPost should work fine for you with Twitter, but I'll just mention that it has some issues with other services with stricter OAuth implementations.
Wish you luck in finding your way to OAuth, and we're here to help if you get stuck along the way.
Lil Peck
Apr 29, 2010, 11:23:58 AM4/29/10
to twitter-deve...@googlegroups.com
Squeaky wheel here again. Some of us have been asking for oauth
examples for our single user web apps (currently basic auth) that
automatically post updates via either php curl or classic asp xhttp.
While we're all trying to wrap our heads around oauth, it seems to me
that there certainly must be lots of duplication of effort and wasted
time.
Does anyone have a simple working example of either that doesn't
require a PHP in computer programming to understand? 2 legged oauth
for dummies, anyone? ;)
examples for our single user web apps (currently basic auth) that
automatically post updates via either php curl or classic asp xhttp.
While we're all trying to wrap our heads around oauth, it seems to me
that there certainly must be lots of duplication of effort and wasted
time.
Does anyone have a simple working example of either that doesn't
require a PHP in computer programming to understand? 2 legged oauth
for dummies, anyone? ;)
Reply all
Reply to author
Forward
0 new messages