Hi, i want to create my desktop application, where my program get pin code automatically, i using twitcurl library


Hello, I create my Twitter desktop application using the library twitcurl. I want to my program automatically get pin code from twitter and then using in program.

Describing my problem:

  1. I registered my application in dev.twitter.com.
    Then i get two keys. There are Consumer_key and Consumer_secret.
  2. I send on “Request token URL” request. And then i get this url: http://twitter.com/oauth/authorize?oauth_token=y8z…Z5w
    I want to create Post request using curl library, using login and password, to get the pin code automatically.
    I using this function with example parameters curl_easy_setopt (curl , CURLOPT_POSTFIELDS ,“login=leonneon_89&password=").
    And this request return html page with not logged in. I want that this request will be logged in, containing pin code in html page.
    Can you help me please, what parameters i must use in this function curl_easy_setopt (curl , CURLOPT_POSTFIELDS ,"login=leonneon_89&password=
    ”), to get a right html page with pin code?
    Sorry for my english.
    Thanks for the help.


Don’t do this. You should open a browser to the authorize endpoint and allow the user to manually copy and paste the PIN into your app.


Can I use authorization xAuth, using the functions OAuth, to access the API twitter?


I understand the importance of this step, but it is very important to get access to the pin by sending a post request, because of this application work to a specific device, in which the input by using the remote control and which has a very slow browser. This application will be a multi-user mode. I will provide users with a login and password, but i want to deliver them from entering the PIN code.


This is forbidden and you cannot do it. If you’re using PIN-based OAuth, you must perform the operation as it is intended. If you don’t want the user to deal with PIN codes, use another form of OAuth.


why twitter don’t show the pin in the page url? They are forcing developers to scrape html and get the pin to automatize a software…


No, we aren’t forcing developers to do anything.

By scraping the HTML you’re violating the procedure of OAuth. Any access token you negotiate this way is suspect and invalid.

The purpose of the PIN code is clear – don’t circumvent it.

There are alternatives to the PIN code flow – such as callback-based OAuth or the permission-requiring xAuth. There’s absolutely no excuse for scraping the PIN from HTML.