How can I access auth-only Twitter API methods from a web application
I have a web application for iPhone, which will ultimately run within a PhoneGap application - but for now I\'m running it in Safari.
The application needs to access twe
-
The oAuth stanza needs to be exact, as per http://dev.twitter.com/pages/auth#auth-request - I ended up building an Authorization: header that I could first check with curl.
I built it using the really helpful interactive request checker at http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/
Here's a friends API request for a protected user:
curl -v -H 'Authorization: OAuth realm="https://api.twitter.com/1/friends/ids.json", oauth_consumer_key="XXXXXXXXXXXXXXXX", oauth_token="XXXXXXXXXXXXXXXX", oauth_nonce="XXXXXXXXXXXXXXXX", oauth_timestamp="1300728665", oauth_signature_method="HMAC-SHA1", oauth_version="1.0", oauth_signature="XXXXXXXXXXXXXXXX%3D"' https://api.twitter.com/1/friends/ids.json?user_id=254723679
It's worth re-iterating that as you've tried to do, instead of setting the Authorization header via e.g. jquery's beforeSend function, that for cross-domain JSONP requests (which can't add HTTP headers) you can make oAuth requests by putting all the relevant key/value pairs in the GET request. This should hopefully help out various other questioners, e.g
- Set Headers with jQuery.ajax and JSONP?
- Modify HTTP Headers for a JSONP request
- Using only JQuery to update Twitter (OAuth)
Your request looks like it has a couple of problems; it's missing the user's oauth_token plus the oauth_signature doesn't look like it has been base64 encoded (because it's missing a hex encoded = or ==, %3 or %3D%3D respectively).
Here's my GET equivalent using oAuth encoded querystring params, which you can use in a cross-domain JSONP call:
https://api.twitter.com/1/friends/ids.json?user_id=254723679&realm=https://api.twitter.com/1/friends/ids.json&oauth_consumer_key=XXXXXXXXXXXXXXXX&oauth_token=XXXXXXXXXXXXXXXX&oauth_nonce=XXXXXXXXXXXXXXXX&oauth_timestamp=1300728665&oauth_signature_method=HMAC-SHA1&oauth_version=1.0&oauth_signature=XXXXXXXXXXXXXXXX%3D
讨论(0) -
I was struggling with similar problem of making JSONP requests from Jquery, the above answer helped just to add what I did to achieve my solution.
I am doing server to server oauth and then I send oauth token, secret, consumer key and secret (this is temporary solution by the time we put a proxy to protect consumer secret). You can replace this to token acquiring code at client.
Oauth.js and Sha1.js download link! Once signature is generated.
Now there are 2 problems:
- JSONP header cannot be edited
- Signed arguments which needs to be sent as part of oauth have problem with callback=? (a regular way of using JSONP).
As above answer says 1 cannot be done. Also, callback=? won't work as the parameter list has to be signed and while sending the request to remote server Jquery replace callback=? to some name like callback=Jquery1232453234. So a named handler has to be used.
function my_twitter_resp_handler(data){ console.log(JSON.stringify(data)); }and getJSON did not work with named function handler, so I used
var accessor = { consumerSecret: XXXXXXXXXXXXXXXXXXXXXX, tokenSecret : XXXXXXXXXXXXXXXXXXXXXX }; var message = { action: "https://api.twitter.com/1/statuses/home_timeline.json", method: "GET", parameters: [] }; message.parameters.push(['realm', "https://api.twitter.com/1/statuses/home_timeline.json"]); message.parameters.push(['oauth_version', '1.0']); message.parameters.push(['oauth_signature_method', 'HMAC-SHA1']); message.parameters.push(['oauth_consumer_key', XXXXXXXXXXXXXXXX]); message.parameters.push(['oauth_token', XXXXXXXXXXXXXXX]); message.parameters.push(['callback', 'my_twitter_resp_handler']); OAuth.completeRequest(message, accessor); var parameterMap = OAuth.getParameterMap(message.parameters);Create url with base url and key value pairs from parameterMap
jQuery.ajax({ url: url, dataType: "jsonp", type: "GET", });讨论(0)
加载中...
- 热议问题