I'm pretty new to Meteor and a total beginner with the Twitter API. I am creating a simple application in Meteor for demonstration purposes only. I need to be able to search Twitter for a specific hashtag. I just need to be able to get the tweets using that hashtag and display them in a list. Super simple.
I've registered my app, received keys and such. I just need to see an example of the code flow from starting before Oauth to receiving the results of the Twitter search.
I will be running this app locally and just need to be able to send a GET request and receive a RESTful response.
I have seen documentation about how jQuery isn't supported due to security risks. Since my backend is JS I need to be able to do this with JS.
Can anyone suggest documentation on how I can do this where I can see code examples?
Since the v1.1 of Twitter API (may 2013), it's not possible to search without being authorized using OAuth.
If you want to do it client side in a simple way, you may want to use OAuth.io.
I've just made an example in jsfiddle to make a simple search using Twitter API
The code is quite simple:
//Initialize the SDK with my OAuth.io public key, then display the OAuth authorization form
OAuth.initialize('YOUR-PUBLIC-KEY')
OAuth.popup('twitter', function(err, twitter) {
var search = encodeURIComponent("#oauth.io")
twitter.get('/1.1/search/tweets.json?q=' + search)
.done(function(data) {
console.log(data); //your search results are in data
})
})
Good question. You are correct, the Twitter 1.1 API requires oAuth tokens even for simple GET requests like the one you need. Yeah, requesting an oAuth key and secret from the twitter dev site can seem like overkill for a locally running project, but it's required for every one of their API endpoints.
Once you have the oAuth consumer key and secret, you are all set to make your API calls. Casual googling on the twitter dev site suggests that sending oAuth creds via JQuery is not supported by Twitter for security reasons. You can read more about that here.
I am not sure what you need to do with the Twitter data, so I'm not embedding any code samples for oAuth. In the mean time, check out how oAuth works as you think about how to implement your solution. PHP? Python? Ruby? Perhaps these oAuth code samples from Twitter are a good place to start?
There is a meteorite library intended to get around this exact problem.
https://github.com/subhog/meteor-twit
You can follow the documentation for use:
https://github.com/ttezel/twit
Below is some example code:
if (Meteor.isServer) {
Meteor.methods({
twit_get: function() {
Twit = new TwitMaker({
consumer_key: 'foo',
consumer_secret: 'foo',
access_token: 'foo',
access_token_secret: 'foo'
});
Twit.get(
'search/tweets',
{
q: 'banana since:2013-12-11',
count: 10
},
function(err, reply) {
console.log(reply);
});
}
});
}
Related
I'm currently building an app and I would like people to be able to sign up with their LinkedIn account.
I'm using Firebase for the back-end and LinkedIn isn't currently supported by the FirebaseAuth framework.
I know Firebase allows Custom Auth System but even after reading the doc about this, I still struggle to understand how I can plug LinkedIn there and what the so-called authentification server is.
Has someone managed to make this work?
Thanks in advance for your inputs.
Firebase Authentication supports only four federated Identity Providers out of the box: Google, Facebook, Twitter and GitHub.
For every other provider you have to use custom tokens (you will need an external Webservice).
You can read more here for a full example (the link is for Instagram but it will also work for LinkedIn as they say).
See this example in official Firebase repo: Use LinkedIn Sign In with Firebase
In this sample we use OAuth 2.0 based authentication to get LinkedIn
user information then create a Firebase Custom Token (using the
LinkedIn user ID).
Looks like the post is few years old, so not sure if you have found the solution, but for the benefit of everyone. in the current version of firebase, this is how I was able to use LinkedIn.
export function signUpWithLinkedIn() {
return auth
.setPersistence(firebase.auth.Auth.Persistence.SESSION)
.then(()=>{
const provider = new firebase.auth.OAuthProvider('linkedin.com');
provider.addScope('r_emailaddress');
provider.addScope('r_liteprofile');
auth
.signInWithPopup(provider)
.then(result=>{
console.group('LinkedIn');
console.log(result);
console.groupEnd();
return result;
})
.catch(error=>{
console.group('LinkedIn - Error');
console.log(error)
console.groupEnd();
throw error;
});
});
}
I'm currently building an app and I would like people to be able to sign up with their LinkedIn account.
I'm using Firebase for the back-end and LinkedIn isn't currently supported by the FirebaseAuth framework.
I know Firebase allows Custom Auth System but even after reading the doc about this, I still struggle to understand how I can plug LinkedIn there and what the so-called authentification server is.
Has someone managed to make this work?
Thanks in advance for your inputs.
Firebase Authentication supports only four federated Identity Providers out of the box: Google, Facebook, Twitter and GitHub.
For every other provider you have to use custom tokens (you will need an external Webservice).
You can read more here for a full example (the link is for Instagram but it will also work for LinkedIn as they say).
See this example in official Firebase repo: Use LinkedIn Sign In with Firebase
In this sample we use OAuth 2.0 based authentication to get LinkedIn
user information then create a Firebase Custom Token (using the
LinkedIn user ID).
Looks like the post is few years old, so not sure if you have found the solution, but for the benefit of everyone. in the current version of firebase, this is how I was able to use LinkedIn.
export function signUpWithLinkedIn() {
return auth
.setPersistence(firebase.auth.Auth.Persistence.SESSION)
.then(()=>{
const provider = new firebase.auth.OAuthProvider('linkedin.com');
provider.addScope('r_emailaddress');
provider.addScope('r_liteprofile');
auth
.signInWithPopup(provider)
.then(result=>{
console.group('LinkedIn');
console.log(result);
console.groupEnd();
return result;
})
.catch(error=>{
console.group('LinkedIn - Error');
console.log(error)
console.groupEnd();
throw error;
});
});
}
At least a year ago, if I go to
http://gdata.youtube.com/feeds/api/videos?v=2&max-results=1&q=intitle:"Relapse"+intitle:"Eminem"&orderby=viewCount
from FireFox browser, I could the list of video titles that meet the search query in this address.
But now it doesn't work.
Has it been deprecated?
#user3123767 The YouTube Data API (v2) has been officially deprecated as of March 4, 2014. Please refer to our deprecation policy for more information. Please use the YouTube Data API (v3) for new integrations and migrate applications still using the v2 API to the v3 API as well. Ref
All calls to Google APIs now require that you send Your Api Key, which you can obtain one from Here
Once you got your API Key You can Make various calls
For example Search for videos using the key word "Hollywood"
Run this code and see the result in console
(function($){
function SearchYouTube(queryToSearch,pageToken,ApiKey,maxResults){
var
YoutubeUrl="https://www.googleapis.com/youtube/v3/",
pageToken=pageToken,
maxResults=maxResults,
ApiKey=ApiKey,
$.get(YoutubeUrl+"search?q="+queryToSearch,{
part : 'snippet',
pageToken:pageToken,
key:ApiKey,
maxResults:maxResults
},
function(data) {
//let check if request is granted with our Api Key
if(!data.items[0]){console.log("System Configuration Error");}
//If request granted okay
var
videoId=data.items[0].id.videoId,
videoImgUrl=data.items[0].snippet.thumbnails.high.url,//medium | default | high
videoTile=data.items[0].snippet.title,
nextPageToken=data.items[0].nextPageToken;// Useful if you want the next set of datas
//Display data on page here if you want
//See console Log of results that you can use
console.log(data);//Dump data
}//Success
);
}
//Usage
SearchYouTube("Hollywood","","xxx Your Api Key xxx",5);
//==================All Closed==========
})(jQuery);
See Working Sample Here
could be a few reasons.
YouTube API v2.0 is deprecated not sure if it totally down now or not.
All calls to Google APIs now I think require that you send a at the very least a public API key. I just tested the following
http://gdata.youtube.com/feeds/api/videos?q=skateboarding+dog&start-index=21&max-results=10&v=2&key=[api
key]
It returned
This webpage is not available
I think I am going to have to say that its not working anymore you should try and use YouTube API v3 instead.
** UPDATE **
It truly seems that Google has just screwed every single person on the planet by absolutely requiring user interaction to upload a video. Of course I know, they are free. Exactly what I warned the client years ago about, so I don't need to be reminded. Thank You.
So I would like to try to take this in a different direction and just find a loophole and a workaround to still keep doing what we are doing in spite of Google's complete lack of support or caring in any way about the developers and what they have to deal with.
It would be different if you can actually call a phone number and talk to a human being about YouTube Partner access, but you can more quickly get access to the Illuminati.
OAuth 2.0 is now the only supported authentication method period. It does require user interaction.
But what about that token? Does anybody know how long the token lasts?
If I can obtain a token just once using user interaction and place it in the database, I can automate possibly hundreds or thousands of interactions afterwards.
In other words, I'm trying to turn the user interaction into a speed bump instead of a concrete wall.
If anybody has any examples of obtaining that token, caching it, and using it afterwards, that would be a godsend to me right now.
Thanks for the comments and the help. I'm not surprised that the YouTube Developers Forum just folded and said to come here instead :)
It seems that Google has completely pulled the plug on the existing dashboard.
https://code.google.com/apis/youtube/dashboard/gwt/index.html
That link is now 404'd. Tried from several different browsers on different systems.
Registered under the new Google APIs Console already, but still get the problem.
// Set the authentication URL for this connection object
$authenticationURL= 'https://www.google.com/youtube/accounts/ClientLogin';
// Try to connect to YouTube with the channel credentials passed
try {
$httpClient =
Zend_Gdata_ClientLogin::getHttpClient(
$username = $channelfields['EMAIL_ADDRESS'],
$password = $channelfields['PASSCODE'],
$service = 'youtube',
$client = null,
$source = 'Redacted Data',
$loginToken = $channelfields['CACHED_TOKEN'],
$loginCaptcha = '',
$authenticationURL);
} catch (Zend_Gdata_App_HttpException $httpException) {
$update_error['response_body'] = $httpException->getRawResponseBody();
$update_error['error'] = 1;
} catch (Zend_Gdata_App_Exception $e) {
$update_error['message'] = $e->getMessage();
$update_error['error'] = 1;
}
This code has worked perfectly fine before, but does not work with the older API key, or the newer one generated inside the Google APIs console.
I'm attempting a simple upload and this concerns me greatly:
"The service account flow supports server-to-server interactions that do not access user information. However, the YouTube Data API does not support this flow. Since there is no way to link a Service Account to a YouTube account, attempts to authorize requests with this flow will generate a NoLinkedYouTubeAccount error."
From all reports it seems that Google has forced YouTube uploads to become interactive in all cases precluding all possibility of platforms that automatically upload generated content from working at all.
Any help or insights into the process is appreciated.
P.S - Ohhh, it's been awhile since I looked at that system and Google shut down the YouTube Developer Forums and said "YOU" were responsible for their support now :)
OAuth2 does support the ability to avoid user interaction through the offline access type parameter (ie, using access_type=offline). Check out Google documentation for details.
The solution is really rather simple. Your app needs to use oauth to request offline access. It will be given an access cide which you convert to a refresh token, which is the thing you store in your database. This doesn't expire. Well actually it sometimes does, but that's another story. Whenever you need to access the api, use the stored refresh token to request an access token which you include in each api call.
See https://developers.google.com/accounts/docs/OAuth2WebServer for details.
I don't know what you did but https://code.google.com/apis/youtube/dashboard/gwt/index.html works perfectly fine for me. Maybe it was a temporary issue. If you want no user interaction you HAVE to use YouTube API v2 OR you have to use v3 with methods that don't require authentification OR you have to provide your own youtube account credentials which is not recommended and probably not appropriate for you situation.
Several issues to respond here, I think.
1) The older API console has not been removed, but I've noticed intermittent outages to it and to the newer API console while Google is rolling out their new "cloud console."
2) ClientLogin was officially deprecated in April of 2012, not just 48 hours ago. Jeff Posnick has detailed all the changes over the months (and related ones, such as AuthSub, Youtube Direct, etc.) at his blog (apiblog.youtube.com).
3) You're right that, with v3 of the APIs, you cannot do automatic uploads across the board, as the oAuth2 flow requires user interaction. However, given the limited description of your use case, using refresh tokens is probably your best bet. If the content is user generated, somewhere they must be logging into your app, correct? (so that your app knows which credentials to leverage to do the uploads). At the point they're logging into your app, and you're starting the oAuth2 flow, you just have to hit the first oAuth endpoint and pass it the parameter access_type=offline (along with any other parameters). This will ensure that, when they grant that initial permission, you're returned a refresh token instead of an access token. With that refresh token, you can exchange it for multiple access tokens as needed (an access token lives for about an hour. I don't know how long a refresh token lives, but I've never had one expire before my own login cookies did, and then I just get a new one when my users re-login to my app).
Here's some more info on how to use the refresh token; note, too, that the various google api client libraries make it pretty smooth.
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
Also, this video tutorial from a Google Developers Live broadcast a couple of months ago might help illustrate the point: http://www.youtube.com/watch?v=hfWe1gPCnzc -- it's using the oAuth playground rather than a client library, but the concept is the same.
The answer is to use google-api-php-client, create an interactive auth page, and set up YouTube API v3 correctly with the new API console.
You can create a very simple page that will authenticate for the supplied channel and then store the correct token in your database. Is already working and uploading hundreds of videos on one channel. You do need to remember to fully activate yourself under the new API console and add the services required. Just keep authenticating and adding the services it says it needs. After that, the regular v3 upload process works just fine. On failure send a group an email and they can get a new token in 10 seconds.
Not the most elegant solution, but the documentation from Google is far from elegant anyways that Stack Overflow is now their front line support.
Just hang in there, a solution is always found. Don't give up!
I didn't get here by myself either, the other answers on this page helped me get all the way to this point. Thanks guys.
P.S - Don't forget the scopes
$client->setScopes("https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload");
I'm trying to get a iOS client to make use of Yammer's Oauth2 to validate a user. I first tried the GTM-OAuth2 code, but I cannot get it to understand the response from Yammer. It appears that the GTM code is expecting the access_code as a query parameter, where as Yammer is returning it as a uri fragment. I hack he GTM code to see the fragment, but now it appears to be thinking that there is an error because the code and message fields are not in the response from Yammer.
I've also tried to use OAuth2Client api but the problem there is that Yammer does not seem to want to use the redirect_uri I pass to it, so Safari never gets the custom url and therefore never calls back to the app.
Does anyone have a working example of using Yammer's OAuth2?
I would also be interested if anyone has got GTM-OAuth2 to work with Facebook?
Yeah Yammer has a shitty implementation of oAuth. Looks like each service has taken its own implementation of oauth. anyway yammer requires the user to copy a 4-digit code from its website, go back to your service paste that code in your website. Only then you can request for access code.
check this - http://www.tutorialjinni.com/2011/04/yammer-api-example.html (its in php but hope you can get the gist).
Nothing you can do about it but a fun read - Yammer API sucks