Skip to main content

Posts

Showing posts from September, 2010

Using Twitter @Anywhere Bridge Codes

Update: Twitter has removed oauth_bridge_code support from the API

At @appworkshop in July @themattharris pre announced @Anywhere oauth_bridge_code support. The official announcement has yet to appear but this blog post provides everything you need to get started.

An @Anywhere oauth_bridge_code can be used to get a long lived OAuth 1.0a access_token for the REST API. This allows sites to use @Anywhere and the REST API while only requiring users to only use one authentication method.

The basics are that after a users completes the sign in process for @Anywhere the browser gets an oauth_bridge_code. This oauth_bridge_code can be passed to the /oauth/access_token API endpoint signed with your applications consumer key and secret. If everything checks out Twitter will return a standard access_token for the REST API.

Now lets see some code!

Lets start with authenticating the user using the direct link method described in Hacking Twitter OAuth. You will need to change the oauth_client_ident…

Social App Workshop Wrap-Up: A Ton of Developers, a Few APIs, and a Whole Lot of Magic

Presentations by Oren Teich of Heroku on cloud services and hacker advocate Abraham Williams on minimalism in feature design shared a common theme: simplicity is key - both for applications and the infrastructure, tools and languages that are used to build them. With the immediacy of social tech, increasing mobility, and intense app competition, fast and easy is the new imperative.

Hacking Twitter @Anywhere's authentication

Twitter @Anywhere uses the @OAuth 2 draft (or at least some of it) for authentication and access so I started poking around to see what it supports.

First lets get an oauth_access_token. For OAuth 2 the oauth_access_tokens are short lived and will usually only be valid for a couple of hours. Visit http://abrah.am (or any other @Anywhere enabled site) click on the "Follow @abraham on Twitter" button. This will create a popup where you will log into twitter.com and connect with the @Anywhere application.


The @Anywhere application is now authorized to act on behalf of your Twitter application and there is an oauth_access_token in your browsers localStorage as twttr_anywhere. You can use the following JavaScript command to retrieve your oauth_access_token. It works in Google Chrome's built in console, Firebug's console in Firefox and I'm sure other browsers as well.


*Note that the oauth_access_token can be used by itself to act as your Twitter credentials so don'…