[twitter-api-announce] Announcing Twurl: OAuth-enabled curl for the Twitter API
190 views
Skip to first unread message
Marcel Molina
Apr 20, 2010, 3:13:15 PM4/20/10
to twitter-deve...@googlegroups.com, twitter-ap...@googlegroups.com
We've announced that come June 2010, Basic Auth will no longer be supported via the Twitter API. All authenticated requests will be moving to OAuth (either version 1.0a or the emerging 2.0 spec). There are many benefits from this change. Aside from the obvious security improvements, having all requests be signed with OAuth gives us far better visibility into our traffic and allows us many more tools for controlling and limiting abuse. When we know and trust the origin of our traffic we can loosen the reigns a lot and trust by default. We've already made a move in this direction by automatically increasing rate limits for requests signed with OAuth made to the new versioned api.twitter.com host.
One of the often cited virtues of the Twitter API is its simplicity. All you have to do to poke around at the API is curl, for example, http://api.twitter.com/1/users/noradio.xml and you're off and running. When you require that OAuth be added to the mix, you risk losing the simplicity and low barrier to entry that curl affords you. We want to preserve this simplicity. So we've provided two tools to let you poke around at the API without having to fuss with all the extraneous details of OAuth. For those who want the ease of the web, we've already included an API console in our new developer portal at http://dev.twitter.com/console. And now today we're glad to make available the Twurl command line utility as open source software:
If you already have RubyGems (http://rubygems.org/), you can install it with the gem command:
sudo gem i twurl --source http://rubygems.org
If you don't have RubyGems but you have Rake (http://rake.rubyforge.org/), you can install it "from source". Check out the INSTALL file (http://github.com/marcel/twurl/blob/master/INSTALL).
Once you've got it installed, start off by checking out the README (http://github.com/marcel/twurl/blob/master/README) (you can always get the README by running 'twurl -T'):
+-------+
| Twurl |
+-------+
Twurl is like curl, but tailored specifically for the Twitter API.
It knows how to grant an access token to a client application for
a specified user and then sign all requests with that access token.
It also provides other development and debugging conveniences such
as defining aliases for common requests, as well as support for
multiple access tokens to easily switch between different client
applications and Twitter accounts.
+-----------------+
| Getting Started |
+-----------------+
The first thing you have to do is register an OAuth application
to get a consumer key and secret.
When you have your consumer key and its secret you authorize
your Twitter account to make API requests with your consumer key
and secret.
% twurl authorize --consumer-key the_key \
--consumer-secret the_secret
This will return an URL that you should open up in your browser.
Authenticate to Twitter, and then enter the returned PIN back into
the terminal. Assuming all that works well, you will beauthorized
to make requests with the API. Twurl will tell you as much.
If your consumer application has xAuth enabled, then you can use
a variant of the above
% twurl authorize -u username -p password \
--consumer-key the_key \
--consumer-secret the_secret
And, again assuming your username, password, key and secret is
correct, will authorize you in one step.
+-----------------+
| Making Requests |
+-----------------+
The simplest request just requires that you specify the path you
want to request.
% twurl /1/statuses/home_timeline.xml
Similar to curl, a GET request is performed by default.
You can implicitly perform a POST request by passing the -d option,
which specifies POST parameters.
% twurl -d 'status=Testing twurl' /1/statuses/update.xml
You can explicitly specify what request method to perform with
the -X (or --request-method) option.
% twurl -X DELETE /1/statuses/destroy/123456.xml
+------------------+
| Creating aliases |
+------------------+
% twurl alias h /1/statuses/home_timeline.xml
You can then use "h" in place of the full path.
% twurl h
Paths that require additional options such as request parameters for example can
be used with aliases the same as with full explicit paths, just as you might
expect.
% twurl alias tweet /1/statuses/update.xml
% twurl tweet -d "status=Aliases in twurl are convenient"
+-------------------------------+
| Changing your default profile |
+-------------------------------+
The first time you authorize a client application to make requests on behalf of your account, twurl stores your access token information in its .twurlrc file. Subsequent requests will use this profile as the default profile. You can use the 'accounts' subcommand to see what client applications have been authorized for what user names:
% twurl accounts
noradio
HQsAGcBm5MQT4n6j7qVJw
hhC7Koy2zRsTZvQh1hVlSA (default)
testiverse
guT9RsJbNQgVe6AwoY9BA
Notice that one of those consumer keys is marked as the default. To change the default use the 'set' subcommand, passing then either just the username, if it's unambiguous, or the username and consumer key pair if it isn't unambiguous:
% twurl set default testiverse
% twurl accounts
noradio
HQsAGcBm5MQT4n6j7qVJw
hhC7Koy2zRsTZvQh1hVlSA
testiverse
guT9RsJbNQgVe6AwoY9BA (default)
% twurl set default noradio HQsAGcBm5MQT4n6j7qVJw
% twurl accounts
noradio
HQsAGcBm5MQT4n6j7qVJw (default)
hhC7Koy2zRsTZvQh1hVlSA
testiverse
guT9RsJbNQgVe6AwoY9BA
+--------------+
| Contributors |
+--------------+
Marcel Molina <mar...@twitter.com> / @noradio
Raffi Krikorian <ra...@twitter.com> / @raffi
--
Marcel Molina
Twitter Platform Team
http://twitter.com/noradio
--
Twitter API documentation and resources: http://apiwiki.twitter.com
API updates via Twitter: http://twitter.com/twitterapi
Change your membership to this group: http://groups.google.com/group/twitter-api-announce?hl=en
Reply all
Reply to author
Forward
0 new messages