Tweetr AS3 logout function? - actionscript

i'm making a program which used twitter connect as its core and it is developed with adobe AIR, the library i used it Tweetr, and everything is perfect until i don't find any example on how to logout and login again. I've used tweetr.destroy() and tweetr.endSession() but there is no effect in the program. Now i'm in very desperate situation, would thanks to anyone that can help me through this.

As far as I'm aware, there is no way to log a user out using Tweetr, because the Twitter API does not provide a method for this. If you need to log in again, you can simply restart the oAuth process, or alternatively you could try pinging http://twitter.com/logout with URLloader to log you current user out of Twitter. This is the URL used on the oAuth popup when the user wishes to change account before authorising an app.
endSession only ends your current API session.

Try tweetr.endSession()
As per the Tweetr documentation:
public function endSession():void
Ends the session of the authenticating user. and Returns a HashData object with the response.
This method requires Authentication
http://tweetr.swfjunkie.com/docs/

Know this is old. But will post the answer anyway.
Try this: htmlLoader.manageCookies=false;
Works for me:
htmlLoader = HTMLLoader.createRootWindow(false, null, true, new Rectangle(0,0, stage.stageWidth, stage.stageHeight));
htmlLoader.stage.nativeWindow.alwaysInFront = true;
htmlLoader.manageCookies=false;
addChild(htmlLoader);
oauth.oauthToken=new String();
oauth.oauthTokenSecret=new String();
oauth.htmlLoader = htmlLoader;
oauth.getAuthorizationRequest();

Related

YouTube API broken by Google. 'Authentication with Google failed. Reason: NoLinkedYouTubeAccount'

** UPDATE **
It truly seems that Google has just screwed every single person on the planet by absolutely requiring user interaction to upload a video. Of course I know, they are free. Exactly what I warned the client years ago about, so I don't need to be reminded. Thank You.
So I would like to try to take this in a different direction and just find a loophole and a workaround to still keep doing what we are doing in spite of Google's complete lack of support or caring in any way about the developers and what they have to deal with.
It would be different if you can actually call a phone number and talk to a human being about YouTube Partner access, but you can more quickly get access to the Illuminati.
OAuth 2.0 is now the only supported authentication method period. It does require user interaction.
But what about that token? Does anybody know how long the token lasts?
If I can obtain a token just once using user interaction and place it in the database, I can automate possibly hundreds or thousands of interactions afterwards.
In other words, I'm trying to turn the user interaction into a speed bump instead of a concrete wall.
If anybody has any examples of obtaining that token, caching it, and using it afterwards, that would be a godsend to me right now.
Thanks for the comments and the help. I'm not surprised that the YouTube Developers Forum just folded and said to come here instead :)
It seems that Google has completely pulled the plug on the existing dashboard.
https://code.google.com/apis/youtube/dashboard/gwt/index.html
That link is now 404'd. Tried from several different browsers on different systems.
Registered under the new Google APIs Console already, but still get the problem.
// Set the authentication URL for this connection object
$authenticationURL= 'https://www.google.com/youtube/accounts/ClientLogin';
// Try to connect to YouTube with the channel credentials passed
try {
$httpClient =
Zend_Gdata_ClientLogin::getHttpClient(
$username = $channelfields['EMAIL_ADDRESS'],
$password = $channelfields['PASSCODE'],
$service = 'youtube',
$client = null,
$source = 'Redacted Data',
$loginToken = $channelfields['CACHED_TOKEN'],
$loginCaptcha = '',
$authenticationURL);
} catch (Zend_Gdata_App_HttpException $httpException) {
$update_error['response_body'] = $httpException->getRawResponseBody();
$update_error['error'] = 1;
} catch (Zend_Gdata_App_Exception $e) {
$update_error['message'] = $e->getMessage();
$update_error['error'] = 1;
}
This code has worked perfectly fine before, but does not work with the older API key, or the newer one generated inside the Google APIs console.
I'm attempting a simple upload and this concerns me greatly:
"The service account flow supports server-to-server interactions that do not access user information. However, the YouTube Data API does not support this flow. Since there is no way to link a Service Account to a YouTube account, attempts to authorize requests with this flow will generate a NoLinkedYouTubeAccount error."
From all reports it seems that Google has forced YouTube uploads to become interactive in all cases precluding all possibility of platforms that automatically upload generated content from working at all.
Any help or insights into the process is appreciated.
P.S - Ohhh, it's been awhile since I looked at that system and Google shut down the YouTube Developer Forums and said "YOU" were responsible for their support now :)
OAuth2 does support the ability to avoid user interaction through the offline access type parameter (ie, using access_type=offline). Check out Google documentation for details.
The solution is really rather simple. Your app needs to use oauth to request offline access. It will be given an access cide which you convert to a refresh token, which is the thing you store in your database. This doesn't expire. Well actually it sometimes does, but that's another story. Whenever you need to access the api, use the stored refresh token to request an access token which you include in each api call.
See https://developers.google.com/accounts/docs/OAuth2WebServer for details.
I don't know what you did but https://code.google.com/apis/youtube/dashboard/gwt/index.html works perfectly fine for me. Maybe it was a temporary issue. If you want no user interaction you HAVE to use YouTube API v2 OR you have to use v3 with methods that don't require authentification OR you have to provide your own youtube account credentials which is not recommended and probably not appropriate for you situation.
Several issues to respond here, I think.
1) The older API console has not been removed, but I've noticed intermittent outages to it and to the newer API console while Google is rolling out their new "cloud console."
2) ClientLogin was officially deprecated in April of 2012, not just 48 hours ago. Jeff Posnick has detailed all the changes over the months (and related ones, such as AuthSub, Youtube Direct, etc.) at his blog (apiblog.youtube.com).
3) You're right that, with v3 of the APIs, you cannot do automatic uploads across the board, as the oAuth2 flow requires user interaction. However, given the limited description of your use case, using refresh tokens is probably your best bet. If the content is user generated, somewhere they must be logging into your app, correct? (so that your app knows which credentials to leverage to do the uploads). At the point they're logging into your app, and you're starting the oAuth2 flow, you just have to hit the first oAuth endpoint and pass it the parameter access_type=offline (along with any other parameters). This will ensure that, when they grant that initial permission, you're returned a refresh token instead of an access token. With that refresh token, you can exchange it for multiple access tokens as needed (an access token lives for about an hour. I don't know how long a refresh token lives, but I've never had one expire before my own login cookies did, and then I just get a new one when my users re-login to my app).
Here's some more info on how to use the refresh token; note, too, that the various google api client libraries make it pretty smooth.
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
Also, this video tutorial from a Google Developers Live broadcast a couple of months ago might help illustrate the point: http://www.youtube.com/watch?v=hfWe1gPCnzc -- it's using the oAuth playground rather than a client library, but the concept is the same.
The answer is to use google-api-php-client, create an interactive auth page, and set up YouTube API v3 correctly with the new API console.
You can create a very simple page that will authenticate for the supplied channel and then store the correct token in your database. Is already working and uploading hundreds of videos on one channel. You do need to remember to fully activate yourself under the new API console and add the services required. Just keep authenticating and adding the services it says it needs. After that, the regular v3 upload process works just fine. On failure send a group an email and they can get a new token in 10 seconds.
Not the most elegant solution, but the documentation from Google is far from elegant anyways that Stack Overflow is now their front line support.
Just hang in there, a solution is always found. Don't give up!
I didn't get here by myself either, the other answers on this page helped me get all the way to this point. Thanks guys.
P.S - Don't forget the scopes
$client->setScopes("https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload");

Need help understanding ios http auth for app

I need an idiots guide explanation to understand generally how do you authenticate users in your ios app when you have a web based backend? I use tornado and django and understand how to use get/post/delete/update using restkit but theoretically i don't understand authentication requests.
P.S. I have found a good tutorial using restkit for authentication which helped here:
http://benoitc.github.com/restkit/authentication.html
That can be done in multiple ways ill explain the easiest, first lets setup our enviroment, we do have:
www.yourSite.com/login.php: this will take user="name" and passowrd="password", and it will echo back a session ID.
www.yourSite.com/isloggedin.php: to check if user is logged in
www.yoursite.com/logout.php: to logout from your session
First you would call login.php sending the user name and the password (login.php?user=someuser&passowd=pass) this call will echo back a session ID (that will be kept alive for you at the server side)
Then later on you could call isloggedin.php?session=here_set_the_session_returned_earlier, if you didnt log out this will return yes for example
Later if you want to logout you could call www.yoursite.com/logout.php?session=same_session, that will destroy the session saved in the login function
There are alot of other ways to implement this, but in my opinion this is the easiest way
You can use Cookie.
The web server side can respond some cookies when receiving the request that contains username and password information, then the next time app will send request with the cookies the web server has responded.
You can use ASIHTTPRequest, it can handle cookie automatically.
Hope this can help you. :)

Twitter #anywhere login having issues

I'm using the new twitter #anywhere api for logging in on the client using a popup. The api docs are here
https://dev.twitter.com/docs/anywhere/welcome#auth-events
Ive created a very simple example of their api, but after hitting "connect" on the popup, twitter just says "Something is technically wrong" as seen here in this screenshot
http://cl.ly/0A321R1Z2W1o3v0P0t0z
Here is my setup for doing this (note ive already created my app on twitter)
var api = "http://platform.twitter.com/anywhere.js?id={MY_API_KEY}&v=1";
$.getScript(api,function() {
twttr.anywhere(function (tw) {
console.log("tw",tw);
// bind auth compelte event
tw.bind("authComplete", function (e, user) {
console.log("tw auth complete",e,user);
});
// calling sign in triggeers the above event
tw.signIn();
});
});
So it opens the popup, lets me sign into twitter, and then when I hit connect, i get that odd error from twitter.
Any ideas what could be going wrong?
Thanks!
Update - I found this page of people having similar problems, but the solution they offered didn't change anything.
https://dev.twitter.com/discussions/1286
And it might be important to note the domain I'm using is http://changeup.dev its a local domain. I have it setup in my hosts file already.
SO, i Figured it out. You NEED to have a callback URL for your app, (on the developer page) even though it says you don't. The callback URL needs to match your authorized domain as well.
Then, in your app, the URL that the callback is calling, NEEDS to include the twitter api. THEN, and only THEN will the window automatically close and execute the authComplete callback.
I did this on the same page I was logging in from
if(location.hash && location.hash.indexOf("oauth_access_token") != -1) {

Facebook: stay in canvas after oauth callback

I'm working on an app using facebook & oauth. The app lives inside a facebook canvas, and the authentication is done server side. The app is done w/ Ruby on Rails 3.2, using Koala for dealing with the api (and mongodb as backend, for what it's worth), and hosted on heroku.
So, I supply the heroku url as redirect_url for the callback. Which makes the user go out of the canvas after the authentication, and well, I want it to stay inside. I read a few threads about this that suggested I redirect to the canvas url with js once the authentication is done. I did that, but now it seems that my session token is never set, and the user goes through the auth flow every time he tries to see a non-public page (which means he loops on the welcome page, having an "invisible" exchange with facebook each time).
I don't really get what I'm doing wrong here, so any help is welcome. If you need more informations, just ask.
Thanks for your time!
So I found what was my problem : the page my canvas pointed to was a "public" page, and did not handle anything authentication related, meaning it didn't parse the signed_request, or anything else. I ended up setting a special endpoint for the canvas in charge of handling the signed_request logic, and now it works as one would expect.

google oauth request callback return "http://mysite.com/callback#access_token=xxx" instead of "http://mysite.com/callback?access_token=xxx"

I'm writing a website which need get user contacts.
I use gmail oauth, and follow the step here: http://code.google.com/apis/accounts/docs/OAuth2.html
everything works fine except the callback, I set callback to :
http://mysite.com/callback
and google gives me:
http://mysite.com/callback#access_token=xxx
which I need is
http://mysite.com/callback&access_token=xxx
is there something I don't know? thanks.
For web applications, you need to request a code, and not a token; for this, set request_type=code in your authorization url, as described here:
https://developers.google.com/accounts/docs/OAuth2Login#responsetypeparameter
and here:
https://developers.google.com/accounts/docs/OAuth2Login#handlingresponse

Resources