I am currently trying to use the Grackle Ruby GEM to integrate with the Twitter API, but I have encountered a little snag.
I am attempting to perform a GET to twitter.com/oauth/request_token, but according to the OAuth spec I need to provide the following values:
oauth_consumer_key
oauth_signature_method
oauth_signature
oauth_timestamp
oauth_nonce
I am a little stumped, as at this point Twitter has only given me a Consumer Key and a Consumer Secret. Am I just going about this the hard way? Because I cannot figure out how to correctly populate those values. No matter what I supply Twitter keeps returning:
Failed to validate oauth signature and
token
It sounds like my problem is just a general misunderstanding on how to properly integrate with Twitter and OAuth in general, and not so much the specifics of Grackle... but perhaps too much information is best in this case :-)
First of all, you should probably be reading the latest OAuth rev, which is 1.0a. There are no differences when obtaining the request token though so you should be fine in that regard.
Apart from that, it looks like a combination of general misunderstanding of the OAuth process and the scope of Grackle:
The process of acquiring the access
token and token secret are outside the
scope of Grackle and will need to be
coded on a per-application # basis.
Grackle comes into play once you've
acquired all of the above pieces of
information (source).
So, I would first look towards a library that can get you an access token before continuing with Grackle. Moomerman's twitter_oauth looks like a good choice: http://github.com/moomerman/twitter_oauth
Hope that helps!
I encountered this same issue, and all the examples for the oauth gem online I could find were out of date. I wrote an explanation with sample code here, but the basic flow is:
Get a Request Token from Twitter and save the details
Send the user to Twitter with that token
Get the user back, use details and response from Twitter to generate an Access Token
Use the Access Token's token and secret with your Consumer token and secret to make API calls.
Related
I am working with Spring 5 and Java 8 and creating a RESTful client that will login to CoinBase and make trades for me at given times. I know there is an unsupported Java SDK for Coinbase out there, and I am looking into that code as well for clues.
I am using the CoinBase Oauth2 client in my Spring app, and it has been very successful so far. I make the authorization call with a callback URL. This opens up a dialog box and if I am logged in, asks me to authorize My Coinbase Acct with MyApp and I get an email indicating that this is done. If I am not logged into Coinbase already, then I get asked for my Coinbase username/password and then it is authorized, again I get an email that this is ok.
The next step I see is that my redirect URL is called with a code that is passed back with it. That code, as you all know, then allows me to request an access token. Which I can do, and yes, I get my access token. I can now make calls to Coinbase API with that Access token. However, this access token is only good for 7200 (seconds?), so for two hours? I want to be able to get an access token and have this automatically login to coinbase for me. I don't want to have to re-authorize every time I want to make a trade ... or do I have to?
It seems to me that the "code" that comes back from authorizing is very short lived, and I can use it immediately to get that access token.
So, for me the big question is ... for Coinbase API, how can I keep myself authorized indefinitely? I want to be able to be authorized already, and then get an access token on a regular basis so I can make trades for myself????? Is this even possible with coinbase API?
Do I have to use Coinbase Pro for that ability, which I am fine with using? Is it even possible with Coinbase Pro?
I am a newbie with Coinbase as it's yet another third-party API that I have learn the nuances of. I am not a newbie when it comes to writing Java code to access third-party RESTful api's.
So, any help would be much appreciated. Thanks!
I guess you are missing 'refresh token' in your application.
What is the purpose of a "Refresh Token"?
It is hard to say how to implement it without code snippets but here some steps that should help:
Take a look at coinbase article about refresh tokens they provide
https://developers.coinbase.com/docs/wallet/coinbase-connect/access-and-refresh-tokens
Obtain and save refresh_token as well as token after authorization
Create function that will be using your refresh token to obtain new pair (token, refresh_token). You can find curl example in step (1)
a. Make ExceptionHandler that will call (3) if gets 401 (i guess it is 401 - if token expired)
b. Save 'expires_in' from step 2 and check it before each request. Call (3) if needed
I'm trying to figure out how to upload a file to google cloud storage using rest API , i don't want to use the client Library .
i read the documents but it was not helpful for a beginner in this flied ,
anyone can give me a step-by-step how to do this ? and how the URL/header/body format should look like , if also can give me an examples that would be very helpful .
If you're not going to use any of the helper libraries and are also a beginner, the hardest part of implementing an upload to GCS will likely be authenticating yourself. Let's ignore that for now.
The simplest way to upload an object to Google Cloud Storage is to make an HTTPS call to storage.googleapis.com that looks like this:
PUT /your-bucket-name/your-object.txt HTTP/1.1
Authorization: (YOUR ACCESS TOKEN GOES HERE)
Content-Length: 20
Content-Type: text/plain-or-whatever; charset=utf-8
Host: storage.googleapis.com
User-Agent: YourApplication/1.0
This is a test file
That will upload a file named "your-object.txt" of type "text/plain-or-whatever" to the bucket "your-bucket-name", with the contents "This is a test file."
If your bucket allows anonymous users to upload files (you shouldn't do that), then just don't include the Authorization line and you're done.
Now, since you really don't want to use any client libraries, and that presumably includes Google's OAuth libraries, you're going to need to implement authorization yourself, so let me give you an overview.
First, though, if you want to try this out immediately, install the "gcloud" tool, login with "gcloud auth login", and the print an access token with gcloud auth print-access-token. Then use the Authorization header Authorization: Bearer whatever.gcloudprintedout. That way you can be off and running with GCS quickly. But the token will only last an hour or so, so you'll need to implement OAuth for real.
Google Cloud APIs use OAuth to handle their requests, which is a powerful but not simple auth mechanism. There's extensive documentation on how OAuth with Google works: https://developers.google.com/identity/protocols/OAuth2
And there's also more general information on authorizing Google Cloud requests: https://cloud.google.com/docs/authentication
If you are running your application on a Google Cloud technology like App Engine or GCE, auth will be somewhat easier, but I will assume you're running this on your own machine. I will further assume that you want your application to have its own identity, rather than simply having you log in as part of the upload flow. For such a case, you'll need a service account, which will have an associated private key.
The basic flow for a service account is that you will create a JWT request for access credentials, then cryptographically sign that request with your private key, then send that signed request to Google. It will return you a token that may then be passed to your actual upload request later. You can keep using that token until it expires, at which time you'll need to build another JWT request to request another token.
Again, the client libraries entirely take care of this whole process for you. I am describing the approach of implementing everything exclusively on your own.
You can find the same example here:
https://stackoverflow.com/a/53955058/4345389
in which I already explained how to upload a file to google cloud storage using rest API.
Thanks
I had originally posted a question about what API to use in regards to making a SharePoint 2010 timer job able to access the twitter API and chose the Spring Social .NET api and have run into another roadblock.
I cannot get the OAuth handshake or 'dance' to work.
I have the consumer key and secret linked to my account, as well as an access token and secret, but any time I try to initialize a TwitterServiceProvider object, any time I attempt to query I get a 401 error.
The console/mvc and wp7.1 examples provided dont give much insight how I can get this code (which should run with no human involvement) to work.
Does anyone have any good resources regarding this?
Thanks in advance
If you already have access token value and secret, you can do something like that:
ITwitter twitter = new TwitterTemplate("consumerKey", "consumerSecret", "accessTokenValue", "accessTokenSecret");
// twitterApi.UserOperations.GetUserProfile();
that is equivalent to :
TwitterServiceProvider serviceProvider = new TwitterServiceProvider("consumerKey", "consumerSecret");
ITwitter twitterApi = serviceProvider.GetApi("accessTokenValue", "accessTokenSecret");
// twitterApi.UserOperations.GetUserProfile();
How do you get the access token secret and value?
I'm trying to create a ruby-based twitter client where I can post my status from command-line using ruby. I'm trying to understand the oauth right now, and it confused me a little bit. If I'm building a web application, I can provide a callback url when the request token is complete. How would I do that from the command-line? I don't want ruby to print out the authorized and copy and paste the url and click 'Allow' to get the token. I found something about out-of-band exchange or PIN. How would I do that with OAuth library in ruby, please thank you very much.
To use the callback url mechanism, you application should be a web application. It seems you are developing desktop application and if that's the case, you should follow "PIN code" flow by supplying an oauth_callback_url of "oob" (out-of-band) when you request token. Like this,
https://api.twitter.com/oauth/request_token?oauth_callback=oob
If you properly set a header of this HTTP request (setting HTTP header is the key part of OAuth and I think you already know how to do this), Twitter will give oauth_token, oauth_token_secret and oauth_verifier. Let's call this token "request_token". You need it to get "access_token" later.
Once you have request_token, you need to open web page with the below url
http://api.twitter.com/oauth/authorize?oauth_token=request_token
This will open the authorization page and let a user to decide whether the user wants to allow your application to access his or her Twitter account. If the use says okay, then Twitter gives PIN code. You need to allow a user to type the PIN code so that you can save it.
Now, it's time to get another token ("access_token") by using your comsumer_key / secret, request_token and the PIN code. You should set header with all these values correctly and do HTTP request again with this url,
https://api.twitter.com/oauth/access_token
If Twitter accepts your "access_token" request, it will give you oauth_token, oauth_token_secret, user_id and screen_name. Let's call this token "access_token". Now, you can perform any OAuth required Twitter API by using access_token and its secret (oauth_token_secret). You can save the two values in a file and keep using them whenever you need to access the user's Twitter account. The values will be always valid until the user revokes the access to your application.
I don't know Ruby but if you know how to perform HTTP/HTTPS requests (GET / POST) with custom headers in Ruby, this PIN code flow should work fine if you follow Twitter API document carefully. Good Luck!
It will ask for the PIN code until you specify the oauth_callback when getting the request token, not when forwarding the user to the authorization url
#consumer = OAuth::Consumer.new(
TWITTER_CONSUMER_KEY,
TWITTER_CONSUMER_SECRET,
{:site=>"https://api.twitter.com"})
#request_token = #consumer.get_request_token( :oauth_callback => CALLBACK_URL )
This was the result of surfing several hours of incomplete documentation.
use Twitter gem, it will make things easier for you. http://rdoc.info/gems/tweeter/2.0.0/frames
I have read the page on implementing OAuth that Twitter have written. I've registered my app, it will only access my account, so I skip all the request token stuff. I have, from the "Your apps" page:
consumer token
consumer token secret
access token
access token secret
I write some ruby code and test its output against Beginner’s Guide to OAuth (suggested reading in the Twitter docs). I get the same output, i.e. the signature, the base string and the Authorization headers are identical.
However, when I connect to the Twitter Rest API and try the verify credentials command the response is invariably "Incorrect signature".
I try using different code (very similar to mine) from a gist by erikeldridge on github but it doesn't work either. Instead of connecting via cURL (using the curb library) I use Net/Http - same error response is returned.
I change over to using the OAuth gem. It uses Net/Http to connect. Same error response comes back.
Verify credentials isn't the only command I've tried to use in the API, but they all give the same error, whether it's GET or POST, requires extra params or not. I've been using the Search API successfully using the curb library without problems so I don't think it's the connection method.
What might I do to fix this?
Ruby 1.9.2; cURL 7.21.2; oauth 0.4.4; curb 0.7.8; json 1.4.6; OSX 10.6.5;
Even though your application is only accessing your data, you can't simply 'skip the request token stuff'. The request token is integral to the OAuthentication process.
Summarised, the 3 main parts of the OAuth process are as follows:
Get Request Token Key and Request Token Secret
Use Request Token to authorise application to access your data. This will provided the user(you) with a PIN
Use the PIN to exchange the Request Token and Secret for an Access Token and Secret.
A more detailed OAuthentication flow can be found here.
It's fixed - I regenerated the Consumer key and secret on the Twitter site and it started working. I've no idea why the previous set didn't work - the code was solid (works all the time now) and the details were correct. Perhaps they (Twitter) could provide more detailed error messages? But I'm happy :)