tags:

views:

877

answers:

5
+3  Q: 

Work flow for authentication and API use with Twitter on OAuth

I'm a bit confused about all this OAuth bruhaha in the sense that all the examples I can find are for web applications and none of them for desktop applications.

I understand the Web application work flow, but that includes some redirections between the web app and twitter.

  • How does one do this in an desktop application?
  • How does the redirects work?
  • Should I have to include a Web Browser object?
  • Is there a way to go around this?
  • Could anyone point me to resources instead of a full blown solution please?

Thanks

+3  A: 

Not sure which language you're using, but the .NET library for Twitter called Tweetsharp has a post on using Tweetsharp from a desktop app and authenticating via OAuth. See http://tweetsharp.com/?p=68. If you're not using .NET then perhaps it will inspire something you can do?

Basically, what tweetsharp does is launch the browser to the authentication URL and then waits for the user to return. I don't know of any way to do this other than something like that (Or include a WebBrowser control of some kind to launch the authentication URL in your own window).

Ryan Farley  2009-06-08 16:53:00
Thanks mate, but that still involves going out of my way and wait for some external app. I need to contain it all in my App. It makes sense to have the login and password in your desktop app, hell, tell me of one that doesn't have... That really does not solve my problem, but thanks anyway.
Gustavo Carreno  2009-06-08 21:23:57
Yeah, I understand. However, for OAuth in a desktop app, there is no other option. The whole point of OAuth is to *not* have your app ask for credentials.
Ryan Farley  2009-06-08 22:40:30
A: 

After some poking around and asking some questions about this subject to some other programmers, it looks like it's still an ongoing discussion, with no visible light at the end of the tunnel.

But for people interested on the ongoing discussion, here's the best link to have:
OAuth Desktop Discussion

Gustavo Carreno  2009-06-09 11:21:17
After my "conversation" with xoxo it looks like a possible answer can be better than mine. Will hold for xoxo to get some stuff up.
Gustavo Carreno  2009-08-19 21:02:52
A: 

I've seen a few desktop apps get around this by effectively embedding a browser into their program, so they can just open the in-app browser window to let you do the login and authorisation. This strikes me as a bit of a cheat or defeat of purpose because you still end up typing your ID and password inside the application anyway.

One possibility I was thinking of was, your desktop application could embed a mini HTTP server inside it. So then it launches the default browser to perform the authorisation, with a callback URL something like http://127.0.0.1:8765/oauthorized and then just listen for it.

Would that work?

Not sure what you would do for console applications... spawn a copy of lynx?

Evan  2009-06-12 06:17:40
The HTTP server could work. I'll have to look into the localhost issue that aroused earlier just to confirm that it's still possible. Thanks for that suggestion, looks interesting.
Gustavo Carreno  2009-06-13 15:51:15
A: 
  1. Include a WebBrowser control in your app. Put it in a panel or a separate form that you'll Form.ShowDialog().
  2. Create a callback for the browser's successful posting of OAuth and one for a rejection. Don't forget to check for a FailWhale.
  3. In the callback, you close the panel or form and store the token.

Here's a nice overview with sample code and everything: http://tweetsharp.com/2009/04/how-to-authenticate-a-desktop-application-with-oauth/

Rap  2010-02-08 14:01:23
A: 

Here's a straightforward solution, implemented as a set of PHP scripts for running from the command line. Well documented and explained, with a helpful 'verbose' option for debugging.

http://nullinfo.wordpress.com/oauth-twitter/

Gabe  2010-05-16 22:46:27

related questions

What is the practical difference between xml, json, rss and atom when interfacing with Twitter?
Best way to poll a web service (eg, for a twitter app)
Can I suppress the browser’s login prompt on 401 response when using XmlHttpRequest with Twitter
Best Twitter PHP Library
What benefits does creating an API give to your service?
Large primary key: 1+ billion rows mySQL + InnoDB?
A little help with DOM manip and GreaseMonkey
OSS Twitter Clone written in .NET
An Easy Way to Consume a Twitter Search Feed With ASP.Net
Script to publish my SO Q's and A's on my twitter?
What Python tools can I use to interface with a website's API?
PHP app using Twitter API works on some accounts, not others
Consuming a REST service from WCF
Protecting user passwords in desktop applications (Rev 2)
Protecting user passwords in desktop applications
How can I use the Twitter Search API to return all tweets that match my search query, posted only within the last five seconds?
Good Programming Twitters
Does Twitter Help You Become a Better Developer or Distract You?
How do you write Valid XHTML 1.0 Strict code when you are using javascript to fill an element that requires a child?
What is search.twitter.com's "trending topics" algorithm?
Are there any MVC web frameworks that support multiple request types?
How do I get my Twitter feed to integrate with a blog (with individual comment threads)?
How can I integrate Laconica update stream into SharePoint?
if you reimplemented twitter, what would you do differently?
Two-way password encryption without ssl