Discussion around the release of application-only authentication

pix_test · 2013-06-19T11:21:31.000Z

Hey i am using below code to display tweets on my site, now how can i convert this code to json with oAuth.

$this->realNamePattern = ‘/((.*?))/’;
$this->searchURL = ‘http://search.twitter.com/search.atom?lang=en&q=’;

Please see this discussion https://dev.twitter.com/discussions/18548. and give comments.

Basic4android · 2013-06-19T12:06:00.000Z

Same issue here. The timeline API works but the search API returns: {“errors”:[{“message”:“Your credentials do not allow access to this resource”,“code”:220}]}

ajadarti · 2013-06-19T15:04:59.000Z

hi i need to developpe an API to search tweets by key word
Kind regards,

MohanDeoche · 2013-06-19T15:33:43.000Z

API v1.1 support json does i need to make changes in my application code because code getting response from API v1 which returns xml response

EricJHiggins · 2013-06-25T00:09:05.000Z

I’d like to request some way to debug requests sent to ‘oauth2/token’. I’m sending what appear to be well-formed requests, expecting to receive an access token, but instead I receive a 400: Bad Request. The body contains no errors. The Developer site contains no logs. The documentation provides no guidance. Now I’m shaving yaks instead of getting real work done.

Requiring that these requests come from authorized URLs also makes this quite difficult to test in a development environment.

froginthevalley · 2013-06-25T17:17:43.000Z

You can use the OAuth tool for a quick check, for example at https://dev.twitter.com/docs/api/1.1/get/search/tweets in the right hand column (all endpoint documentation pages have this). Choose your specific app from the drop down, then click “generate signature”. This is a good way to make sure you generate a good signature. You can also use the cURL output to test it directly in the terminal.

EricJHiggins · 2013-07-11T19:25:28.000Z

@froginthevalley The OAuth tools seems to only support OAuth1, but I’m trying to work with OAuth2 for Application-only authentication.

bryan_m · 2013-06-26T09:37:32.000Z

I’m now getting entirely random 401 and 403’s. The OAuth process works fine, I can then send some updates but then some are just randomly dropped with a 401, every now and then I get 403’s as well.

This is all entirely random. It should either just work or not work, I am not hitting rate limits because if I was I wouldn’t see a 401 error, they would be entirely different.

How about fixing this bug twitter?

oieatstate · 2013-06-30T21:22:34.000Z

How do I obtain and application only authentication. I’m using a dashboard in codeigniter that collects twitters subscribers for multiple users. No account id or username needed as it is an application.
Can someone please help I’ve been struggling for 4 days now. My customer don’t have any data to view, it’s all blank.

Getting a blank page.

froginthevalley · 2013-07-02T18:01:24.000Z

Some URL encoding errors are known to cause 401 and 403, make sure you URL encode parameters you send. Please post more details if you need help, at least the request, headers and the response.

froginthevalley · 2013-07-02T18:03:31.000Z

See the [node:13439] documentation, the step by step process is outlined there in the “Issuing application-only requests” section.

songdna · 2013-07-03T15:45:30.000Z

Hi, I made a full working Android 1.5+ example application and tips & tricks you might encounter when implementing the new 1.1 API in Java. The example app contains app-only and user-context related API v1.1 sample code. Hope it helps some of you!

Details at: Tech Team Lead News: Integrating Twitter 1.1 api in Android with oauth including app-only authentication

leadconcept1 · 2013-07-05T16:08:09.000Z

Any one can help me please, i want to search tweets against hash tags stored against different user’s profiles. but the widget available on twitter website is only providing the functionality to search tweets by static hash tag only. please any one can help me how i can get tweets dynamically …

GameZino · 2013-07-06T06:59:45.000Z

I would like to hire a Developer to create a Twitter application. Contact me on Twitter.

GameZino · 2013-07-06T06:58:58.000Z

I would like to hire a Developer to create a Twitter application. Contact me on Twitter.

TenHorsesMobile · 2013-07-06T13:32:05.000Z

@Twitter engineers: Do the app-only access tokens have an expiry date? I have an iPhone app using app-only authorization in order to display search results using the 1.1 API. With the current source code, the app will request a token every time it is launched. Is that necessary? I would prefer to store the access token in the app’s and use it on subsequent app launches. That way, in the future only the search http call needs to be made and the initial step (getting the token) can be skipped. As a result, the app’s performance will be better. Obviously this will only make sense if the token remains unchanged and valid for an indefinite period of time, not if it expires after, say, 30 days. So please tell, do app-only access tokens have an expiry date? Thank you!

GeeWebSolutions · 2013-07-08T16:02:00.000Z

I’ve done this and so tired. I’ve been working on this for over a week now. My application is using a widget to display information. the user information is stored in a database and the widget reads from a couple of fields. I can’t access any data using app-only. I tested it with user only it worked. but this is for 1 user, i need to get all 312 user timeline.

//Twitter
elseif($_POST[‘platform’] == ‘twitter’):

    $rate = @file_get_contents('http://api.twitter.com/1.1/account/rate_limit_status.json');
	$rate = json_decode($rate);
	
	if($rate->remaining_hits == 0):
		$error = 'Sorry, rate limited';
	else:
		$account_data = @file_get_contents('http://api.twitter.com/1.1/users/show.json?screen_name='.$_POST['account_id'].'&include_entities=true');
		$account_data = json_decode($account_data);
	endif;
	
	if($account_data != false):
		$new_account = array(
			'id' => $account_data->screen_name,
			'username' => $account_data->screen_name,
			'name' => $account_data->name,
			'link' => 'http://twitter.com/'.$account_data->screen_name,
			'picture' => $account_data->profile_image_url,
			'platform' => 'twitter'
	    );
	else:
		$error = "Account Not Found";
	endif;

c_r_w · 2013-07-09T17:40:16.000Z

Bearer tokens do not have an expiration date. See [node:13439]. To quote @episod from: https://dev.twitter.com/discussions/15744#comment-34989:

At this time, bearer tokens never expire on any kind of fixed or dynamic schedule. If you issue a request to invalidate a bearer token, the existing bearer token will cease working.

It’s a good practice to get in the habit of using oauth2/token every 15 minutes or so and issuing a request for a bearer token. If one is already negotiated for the application, the same token will be returned in the response. If it has since been invalidated, you’ll be awarded the new bearer token.

pratap511 · 2013-07-12T06:21:00.000Z

here , i am using twitter API 1.0 like this URL

http://api.twitter.com/1/statuses/user_timeline.json?screen_name=myname&count=4

Now when i try to use in V1.1
http://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=myname&count=4

i am getting " {“errors”:[{“message”:“Bad Authentication data”,“code”:215}]} "
can you please help me out how to get twitters users data without login … like as in V1.0 get response in JSON /XML Formatte

ajaxan · 2013-07-16T18:30:50.000Z

Making a straightforward request to rate_limit_status using app auth and getting a 400 bad auth data. I’ve tried posting directly from a MITM proxy as well and I get the same result. I’ve validated my bearer token is accurate so I’m not sure what gives.


httpc:request(get, {"https://api.twitter.com/1.1/application/rate_limit_status.json", [AuthHeader]}, [], []).

AuthHeader = “Authorization: Bearer AAAAZZZZ” (where AAAAZZZZ is the token returned from the oauth2 call).

Thoughts?