OAuth for Web App


#1

I am working on post new tweet in a web app.
what I’ve done is to post a tweet but cannot avoid pressing enter key on the requesting pin code in command line.
Here is the code: ( with tweep api, which is a python api )

==============

import tweepy
import webbrowser

CONSUMER_KEY = 'mtDrByTcXQB1zCBXGkbOWw’
CONSUMER_SECRET = 'XXXXXX’
CALLBACK_URL = ‘http://www.twitter.com/

auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET, CALLBACK_URL)
auth_url = auth.get_authorization_url()
webbrowser.open_new_tab(auth_url)
verifier = raw_input('PIN: ').strip()
auth.get_access_token(verifier)

ACCESS_KEY = auth.access_token.key
ACCESS_SECRET = auth.access_token.secret
auth.set_access_token(ACCESS_KEY, ACCESS_SECRET)

api = tweepy.API(auth)
api.update_status(sys.argv[1])

=================

Since i set a CALLBACK_URL, the program will redirect to my callback url, which is twitter.com, and even if i enter nothing in pin code command line, the new status can be posted.

If I try to use a oauth_verifier, I will need to get it from the webpage, which is generated after I click the AUTHENTICATE button, it will be done and the program will not act to that step before stop.

I don’t know how to avoid the pin code procedure.

Can someone help me please?
Thanks a million in advance.


#2

Keep this part in mind: once you’ve obtained an access token, you don’t need to re-negotiate it again. You can persist it and avoid all the steps to acquire the access token. You only need to do it once for the account you’re going to post as.

a) Make sure on dev.twitter.com/apps for the application you’re using that you’ve provided a placeholder callback URL. This URL could be something simple like “https://www.mysite.com” – you’re not going to use this URL, you’re just putting it where it needs to go.

b) Your code looks to skip a step of the OAuth process. You need a request token before you can generate an authorization URL. You generate the authorization URL from the request token. The request token step is where you’ll indicate a redirect URL (oauth_callback) that will be handled by YOUR application. This means you need a web server or a custom URI in your OS to redirect to at this step.