Could someone just show an example of simple twitter api request?
Apparently, i'm setting wrong headers, but i don't get what exactly is wrong.
URL:
'https://api.twitter.com/1.1/followers/ids.json?username=J7mbo'
Request headers:
{
'oauth_access_token': '...'
'oauth_access_token_secret': '...'
'consumer_key': '...'
'consumer_secret': '...'
}
Please, don't overcomplicate this with language-specific snippets or additional libraries. All i need is working REST api request.
If it's important, i'm using superagent, which means JavaScript.
If you are logged in and have a Application already registered then the form at the bottom of the page will show you an example.
https://dev.twitter.com/rest/reference/get/followers/ids
Any concrete example with specific headers would leak access to a twitter account and be invalid soon due to time stamps in the signing process.
Related
Essentially what I'm looking for is how to get the results like in this API request but by using just a url to make my results appear on a webpage. I think I need to add all of the data in the "request" Tab to the url written at the top of the picture and I'm not really sure how add it correctly:
You can't.
Twitter's API requires an "Authorization" header in the request. You can't do it through a URL alone. See Authorizing Requests.
LinkedIn api provides access token to use it in url to post a message which uses oauth2 in Rest client. So by using the url in my application, i can post the message.
Twitter api uses oauth1 to tweet by accepting parameter.But the problem is timestamp,nounce,oauth_signature parameters gets auto generated and keep on changing for every request in Rest client.Here url is not sufficient to tweet, it need parameters but 3 parameters keep on changing on Rest client.
I tried to pass every parameter in url, it throws
error: code 32, could not authenticate you
i am dependent only on url to send a tweet.My application supports parameters too but three parameters are auto generating.I cant auto generate bcz i am hardcoding it in my application.
Is there any solution to tweet by using url?
Is there any way to make those 3 parameters fixed?
It's hard to tell what's going on here. Perhaps you could post more of the code and what you expected to happen?
By definition the nonce is a number only used once, and shouldn't be hardcoded. The timestamp also should reflect the current time on each request.
https://en.wikipedia.org/wiki/Cryptographic_nonce
I'm trying to authorize my standalone application. But after I click "Allow" it always redirects to http://oauth.vk.com/error?err=2 and gives this as response body:
{"error":"invalid_request", "error_description":"Security Error"}
Here's the request URL (I do have correct client_id):
https://oauth.vk.com/authorize?client_id=...&scope=messages,offline&redirect_uri=https://oauth.vk.com/blank.html&display=page&v=5.37&response_type=token
It seems that I've tried everything:
Turning application on and off
Passing scope as bit mask
URI encoding some parameters to have correct URL
and so on
After hour of searches I've found this.
So, it means that user has an old session and must re-login in browser.
Space in state parameter causes this.
OAuth 2 RFC, sections 4.1.1 on authorization request and 4.1.2 on authorization response, recommends using state parameter to maintain state in authorization code flow, particularly to prevent CSRF.
When I set this field to CSRFTOKEN123 http://my.site/next/url, I got this error. Replacing (space) with : to get CSRFTOKEN123:http://my.site/next/url helps.
By the way, I couldn't find any mention of state parameter on VK documentation website but VK OAuth 2 authorization system actually supports it. It couldn't be called OAuth 2 otherwise. So I find it legit to use state parameter.
The topic https://vk.com/topic-17680044_30635058 mentioned by author is closed now, current discussion is https://vk.com/topic-1_24428376. There are number of questions on this. All in Russian.
I'm using YoutubeAPI v3.0 to automatically upload videos to my own channel. However the script still needs manual intervention during Oath2.0 authorization. How to make it completely automatic?
1) Access the API using username and password
2) Or find a way to create permanent OAuth2.0 authentication
P/S: I use this script to upload
https://developers.google.com/youtube/v3/guides/uploading_a_video
The only thing I can think of is web scraping. Basically, programmatically open the web page and get its HTML. Then find the authorization code, and store it as a string. I don't know if your scripting language of choice can do it, but Python has Beautiful Soup (links at the bottom). The problem, of course, is accessing the contents of a page like that which is pretty clearly designed to be reached by a logged in user from a web browser. I've never done that, but there's some concept of a "login handshake" where you post the data to the server that's needed as you access the page. I've a few links at the bottom.
Anyway, to give you a better idea of what I mean in pseudo-code (for those who may be confused), it'd be something like:
webURL = 'http://any-url.net";
webPageObject = openPage(webURL);
pageHTML = webPageObject.getHTML();
theHTMLTag = searchForTagById(pageHTML, "<p id='oAuthMessage'>");
//And from there, figure out where the string containing the code is.
//Probably just by getting a substring from the end of the text in the <p>
//backward until you reach the length of the oAuth code.
You'll have to look at the page source to know which tags to look for specifically, but this can all just be done programmatically/automatically, as you wanted.
Links:
Login handshake - Scraping from a website that requires a login?
Beautiful Soup - http://www.crummy.com/software/BeautifulSoup/
google.gov/webScraping - https://www.google.com/search?ie=UTF-8&oe=utf-8&q=how+to+web+scrape+logged+in+page
You can use get Google OAUTH2 for devices in order to have fully automatic token renewal process.
So all you need now is:
Request a device code and confirmation code
Enter confirmation code to confirm your application have access for specific account
Generate new or renew existing ACCESS_TOKEN for your device code
Upload Video using your device code and valid ACCESS_TOKEN
Here is documentation for it.
And here is some examples.
I am trying to make a GET request with AFNetworking to facebook's graph api. For various reasons, I'd rather not use the facebook SDK's native objects and would prefer to make those requests via AFNetworking. However, I'm a bit new to the networking side of things and I am unsure how to include the access token along with my GET request. Can anyone point me in the right direction?
I've tried setting the http header field to include this:
Authentication : {my access token}
but that doesn't seem to be working.
You need to add access_token as a URL query parameter for GET requests. See the docs here.