My favorites | Sign in
Project Home Downloads Wiki Issues Source
Search
for
TwitterAuthentication  
Updated Jul 27, 2010 by lyolik1...@gmail.com

How to authenticate using Twitter OAuth credentials

Introduction

We have created a new upload method that uses Twitter Echo OAuth, here is how to use it:

Send all OAuth upload requests using POST to:

http://yfrog.com/api/xauth_upload or https://yfrog.com/api/xauth_upload

Requirements

media (filename required)
key (your api key required)

X-Auth-Service-Provider: https://api.twitter.com/1/account/verify_credentials.xml (only XML is supported at this time).

You will need a header for authorization, here is it:

X-Verify-Credentials-Authorization: 

OAuth realm="http://api.twitter.com/",
oauth_consumer_key="",
oauth_signature_method="HMAC-SHA1",
oauth_token="",
oauth_timestamp="",
oauth_nonce="",
oauth_version="1.0",
oauth_signature=""

Here is a sample POST from php via command line: 

# php yfrog_test.php ./test.jpg

[jack@zero ~]$ php yfrog_test.php ./test.jpg

* About to connect() to yfrog.com port 80 (#0)
*   Trying 208.94.0.29... * connected
* Connected to yfrog.com (208.94.0.29) port 80 (#0)
> POST /api/xauth_upload HTTP/1.1
Host: yfrog.com
Accept: */*
X-Auth-Service-Provider:
https://api.twitter.com/1/account/verify_credentials.xml
X-Verify-Credentials-Authorization:
oauth_consumer_key="kgmLtpVA6ipyBcePT7MKaQ",
oauth_nonce="6c893cf4adb9f9d28aadc86b16fe837b",
oauth_signature="U7KgIJPBtaEtRN8BfxTRFVoL9kE%3D",
oauth_signature_method="HMAC-SHA1", oauth_timestamp="1274651607",
oauth_token="139881639-MePpdaz3Kvz6WuOeKFeQgLOdg3f54gVMGXcQRryY",
oauth_version="1.0"
Content-Length: 923876
Expect: 100-continue
Content-Type: multipart/form-data;
boundary=----------------------------a21ff70823f9
* Closing connection #0

Response is:

<?xml version="1.0" encoding="UTF-8"?>
<rsp stat="ok">
<mediaid>af11zj</mediaid>
<mediaurl>http://yfrog.com/af11zj</mediaurl>
</rsp>

In which case an image was uploaded to the User's YFrog account.

API below this line is going to continue to work, but we recommend using the API described above

If user have been already authenticated using OAuth, when posting images to YFrog on his behalf (using 'upload' method) you may want to pass his identity, so later on he can manage and delete his posted images at Yfrog web site.

See working example (PHP) here: http://imageshackapi.googlecode.com/files/upload-to-yfrog-example-with-xauth.php

Old oauth request method api

When you are using unified upload API, you can pass following parameters:

  • auth=oauth
  • username - twitter username
  • verify_url - a signed URL that points to twitter's vertify_credentials page in form: 
https://twitter.com/account/verify_credentials.xml?oauth_version=1.0&oauth_nonce=NONCE&oauth_timestamp=STAMP&oauth_consumer_key=CONSUMER_KEY&oauth_token=TOKEN&oauth_signature_method=HMAC-SHA1&oauth_signature=SIGNATURE

The request must be signed using your Twitter OAuth credentials and user Token.

We'll check if account described by OAuth parameters is the same as specified in a_username and will use this information to link a picture or video to user's account.

Then, user can manage all hist posted images/videos at

http://yfrog.com/froggy.php?username=TWITTER_USERNAME

See working example (PHP) here: http://imageshackapi.googlecode.com/files/upload-to-yfrog-example.php

Comment by rhyland, May 22, 2010

Please can you support oAuth Echo instead of this method, oAuth Echo makes much more sense and is being supported by almost every other provider.

Comment by project member magn...@gmail.com, May 22, 2010

We are planning to get this done in a day or two.

-Jack

Comment by engineer...@gmail.com, May 25, 2010

Can you please update your API documentation for oauth echo?

Comment by mathieut...@gmail.com, May 25, 2010

What about OAuth Echo? It's becoming urgent now. Thanks,

Comment by project member magn...@gmail.com, May 25, 2010

its available, I am posting now.

Comment by fab...@fabian-kreiser.com, May 26, 2010

Thank you!

Comment by gregory....@gmail.com, May 27, 2010

Do you have any a PHP example of this like you did for the old method? That would be helpful.

Comment by eric.ola...@gmail.com, Jul 4, 2010

Thanks for the OAuth Echo. I had this working in an app, but am getting "invalid username or verification url errors now." Did anything change recently?

Comment by project member clifford...@gmail.com, Jul 20, 2010

Make sure to sign your url with 'https://api.twitter.com/1/account/verify_credentials.xml' and not 'https://twitter.com/account/verify_credentials.xml'. Also .json is not supported for signing the url at this time.

Comment by thatsple...@gmail.com, Jan 3, 2011

I did uploadAndPost method, but I can't do this. I am getting err message, <err code="1001" msg=" Invalid username or verification URL specified"/>. Is there an Obj-C example?

Comment by lcai...@gmail.com, May 11, 2011

For some reason as of May 5th I can no longer post to yfrog/twitter. My last successful upload was May 5th. Get the cannot post OAuth error. PLEASE help. I've spent 2 days trying to figure this out on my own.

thanks cain81@mtco.com

Comment by xtranoph...@gmail.com, Oct 7, 2011

Is it possible to send message/status in post array? Also, is there a uploadAndPost kind of thing for this?

Comment by laddi69s...@gmail.com, Oct 14, 2011

I want to build application. Tell me in c++ CODE. THANK YOU

Comment by kamesh.S...@gmail.com, Jan 3, 2012

how can i upload image and post the tweet at the same time using this API? because i am not storing the credentials of the user.

Comment by saif4...@gmail.com, Jan 4, 2012

Can anyone help me with this one?

403: Client must provide a 'status' parameter with a value.

function twitter_yfrog_page($query) {

if (user_type() == 'oauth') {

//Has the user submitted an image and message? if ($POST['message']) {
$yfrogURL = 'http://yfrog.com/api/xauth_upload';
//Set the initial headers $header = array(
'X-Auth-Service-Provider: https://api.twitter.com/1/account/verify_credentials.xml', 'X-Verify-Credentials-Authorization: OAuth realm="http://api.twitter.com/"'
);
//Using Abraham's OAuth library require_once('OAuth.php');
// instantiating OAuth customer $consumer = new OAuthConsumer(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET);
// instantiating signer $sha1_method = new OAuthSignatureMethod_HMAC_SHA1();
// user's token list($oauth_token, $oauth_token_secret) = explode('|', $GLOBALS['user']['password']); $token = new OAuthConsumer($oauth_token, $oauth_token_secret);
// Generate all the OAuth parameters needed $signingURL = 'https://api.twitter.com/1/account/verify_credentials.xml'; $request = OAuthRequest::from_consumer_and_token($consumer, $token, 'GET', $signingURL, array()); $request->sign_request($sha1_method, $consumer, $token);
$header1? .= ", oauth_consumer_key=\"" . $request->get_parameter('oauth_consumer_key') ."\""; $header1? .= ", oauth_signature_method=\"" . $request->get_parameter('oauth_signature_method') ."\""; $header1? .= ", oauth_token=\"" . $request->get_parameter('oauth_token') ."\""; $header1? .= ", oauth_timestamp=\"" . $request->get_parameter('oauth_timestamp') ."\""; $header1? .= ", oauth_nonce=\"" . $request->get_parameter('oauth_nonce') ."\""; $header1? .= ", oauth_version=\"" . $request->get_parameter('oauth_version') ."\""; $header1? .= ", oauth_signature=\"" . urlencode($request->get_parameter('oauth_signature')) ."\"";
//open connection $ch = curl_init();

//Set paramaters curl_setopt($ch, CURLOPT_HTTPHEADER, $header); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

//set the url, number of POST vars, POST data curl_setopt($ch,CURLOPT_URL,$yfrogURL);

//yFrog requires the data to be sent as POST $media_data = array(
'media' => '@'.$FILES['media']['tmp_name'], 'message' => ' ' . stripslashes($POST['message']), //A space is needed because yfrog b0rks if first char is an @ 'api_key' =>yfrog_API_KEY
);

curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch,CURLOPT_POSTFIELDS,$media_data);
//execute post $result = curl_exec($ch); $response_info=curl_getinfo($ch);
//close connection curl_close($ch);
if ($response_info['http_code'] == 200) { //Success
//Decode the response $json = json_decode($result); $id = $json->response->media->id; $yfrogURL = $json->response->media->url; $text = $json->response->media->text; $message = trim($text);
//Send the user's message to twitter $request = API_URL.'statuses/update.json';
$post_data = array('source' => 'dabr', 'status' => $message); $status = twitter_process($request, $post_data);
//Back to the timeline twitter_refresh("yfrog/confirm/$id");
} else {
$content = "<p>yfrog upload failed. No idea why!</p>"; $content .= "<pre>";

$json = json_decode($result); $content .= "<br / ><b>message</b> " . urlencode($_POST['message']); $content .= "<br / ><b>json</b> " . print_r($json); $content .= "<br / ><b>Response</b> " . print_r($response_info); $content .= "<br / ><b>header</b> " . print_r($header); $content .= "<br / ><b>media_data</b> " . print_r($media_data); $content .= "<br /><b>URL was</b> " . $yfrogURL; $content .= "<br /><b>File uploaded was</b> " . $_FILES['media']['tmp_name']; $content .= "</pre>"; } } elseif ($query[1] == 'confirm') { $content = "<p>Upload success. Image posted to Twitter.</p>"; } else { $content = "<form method='post' action='yfrog' enctype='multipart/form-data'>Image <input type='file' name='media' /><br />Message (optional):<br /><textarea name='message' style='width:90%; max-width: 400px;' rows='3' id='message'></textarea><br><input type='submit' value='Send'><span id='remaining'>110</span></form>"; $content .= js_counter("message", "110"); }

return theme('page', 'yfrog Upload', $content); } }


Sign in to add a comment
Powered by Google Project Hosting