I was checking out the Tweet# API, and noticed that there are 2 ways to authenticate.

 .AuthenticateAs(TWITTER_USERNAME, TWITTER_PASSWORD)

and

.AuthenticateWith(OAUTH_CONSUMER_KEY,
                      OAUTH_CONSUMER_SECRET,
                      OAUTH_TOKEN,
                      OAUTH_TOKEN_SECRET)

If I just want to post a message on a user's behalf, what's the difference? Thanks

A: 

The first uses Twitter's basic authentication. It uses an HTTP request, so it's not secure.

The second uses OAuth, more complicated but also more secure.

Both work for updating status (a.k.a posting a message)

More info here: http://apiwiki.twitter.com/Authentication.

t_scho
+1  A: 

Basic Auth is not secure and is going to be deprecated soon. It sends the user password as plain text (base64 encoded).

OAuth is a (relatively?) new method for authentication where no password is needed.

In a few, quick and rough words:

  • Your app asks Twitter for a request token
  • You redirect the user with the request token to Twitter's login
  • User logs in and accepts your application
  • User is redirected back to your app, and an access token is granted for the app.
  • Any request for consuming user data is made with the access token, so Twitter knows you are one of the good guys.

Keep in mind that OAuth auth is a server-to-server communication.

EDIT:

Official link: http://oauth.net/documentation/getting-started/

OAuth is way more complex and painful than Basic, but in the end you have a more secure app. Your users will thank you.

mcabral
Twitter's official policy (as per their wiki) is that there are no plans _yet_ to stop basic support.
t_scho
'When are you going to turn off Basic Auth? We announced in December of 2009 that we would target June 2010 for deprecation of Basic Auth.' (http://apiwiki.twitter.com/OAuth-FAQ#WhenareyougoingtoturnoffBasicAuth)
mcabral
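
The difference the answers describe, shown at the HTTP header level as an added example (not Tweet# code and not part of the original posts): a Basic auth header carries a reversible copy of the password, while an OAuth 1.0a request carries only an HMAC-SHA1 signature keyed with the consumer secret and token secret. The URL, credentials, nonce and timestamp are constructed placeholders, and the helper names are hypothetical.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(value):
    # RFC 5849 percent-encoding: only unreserved characters stay literal.
    return quote(str(value), safe="-._~")

def basic_header(username, password):
    # Basic auth: the password itself travels in every request.
    return "Basic " + base64.b64encode(f"{username}:{password}".encode()).decode()

def decode_basic(header):
    # Base64 is an encoding, not encryption: any observer can reverse it.
    raw = base64.b64decode(header.split(" ", 1)[1]).decode()
    user, _, password = raw.partition(":")
    return user, password

def oauth_signature(method, url, params, consumer_secret, token_secret):
    # Base string: METHOD & encoded URL & encoded, sorted parameter string.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    param_string = "&".join(f"{k}={v}" for k, v in pairs)
    base = "&".join([method.upper(), pct(url), pct(param_string)])
    # The two secrets form the HMAC key; they are never put on the wire.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()

def oauth_header(method, url, body, consumer_key, consumer_secret,
                 token, token_secret, nonce, timestamp):
    oauth = {"oauth_consumer_key": consumer_key, "oauth_nonce": nonce,
             "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": timestamp,
             "oauth_token": token, "oauth_version": "1.0"}
    # The signature covers the request body as well as the oauth_* fields.
    oauth["oauth_signature"] = oauth_signature(
        method, url, {**body, **oauth}, consumer_secret, token_secret)
    return "OAuth " + ", ".join(f'{k}="{pct(v)}"' for k, v in sorted(oauth.items()))

# Constructed sample values (placeholders, not real credentials or endpoints).
URL = "https://api.example.test/statuses/update.json"
BODY = {"status": "Hello from an added example"}
BASIC = basic_header("alice", "correct horse")
OAUTH = oauth_header("POST", URL, BODY, "CONSUMER_KEY", "CONSUMER_SECRET",
                     "ACCESS_TOKEN", "TOKEN_SECRET", "nonce123", "1270000000")

if __name__ == "__main__":
    print(BASIC, "->", decode_basic(BASIC))
    print(OAUTH)
```

Because the signature covers the method, URL and body, a request altered in transit no longer matches what the server recomputes from its stored secrets.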