Home > Archive >  2009 >  February >  12

OAuth hail mary quick code clinic and plea for help

Thursday, February 12, 2009 by Dave Winer.

Hi everybody! Permalink to this paragraph

As you probably know Twitter is getting ready to support OAuth, and this is a good thing, cause it'll make it easier to trust websites with access to your account cause you won't have to give up your password. But OAuth is hard to implement, it's complicated, and because I'm basically programming the OPML Editor on my own, if I want to support it, I have to write the code. Which is okay cause it's interesting, and it'll mean I'll have a very deep background in OAuth when it's done. Permalink to this paragraph

I've been through one of these before. Flickr has a similar authentication system, although it's simpler than OAuth (probably fewer cooks and less compromise in the design). So last night I got coding finally and made a lot of progress, thanks to some help from a tutorial at Hueniverse. But as I was finishing it up I was pretty sure it wouldn't work when I tested it against a server running in Ireland, and sure enough it didn't. Permalink to this paragraph

At this point what you do is put up a source listing ahd ask other programmers to have a look. I bet there are a dozen things I'm not doing that I should be. Based on Leah Culver's code, I think I may have to set some headers, but I'm not doing any of that. What else?  Permalink to this paragraph

Anyway, here's the listing. Permalink to this paragraph

http://scripting.com/misc/programming/oauthlisting.txt  Permalink to this paragraph

Gratitude for any help will be psychically and demonstrably expressed! ;-> Permalink to this paragraph

A picture named accordion.gifUpdate at 11:50AM: I got signatures working. Here's the updated code listing. How I did it was to fill in the values in the Hueniverse tutorial and step through my code and check my values against theirs. There were differences. Where they disagreed, I made mine match theirs. Once I got them producing the same signature, I tested it against the server in Ireland and it worked. Anyone who's trying to get theirs to work, I recommend doing the same. It takes all the guesswork out of it. Now I have to step through the rest of the dance and see how it goes. ;-> Permalink to this paragraph

Update at 12:45PM: I'm done with my OAuth library, I've worked through all the levels with the test server in Ireland, and have made arbitrary authenticated calls. I even see roughly how this will plug into Twitter. It means rewriting all my glue code, but should not effect any of the higher-level code. After a break I'll get started testing against twitter.com. Permalink to this paragraph


Recent stories:

A picture named dave.jpgDave Winer, 53, pioneered the development of weblogs, syndication (RSS), podcasting, outlining, and web content management software; former contributing editor at Wired Magazine, research fellow at Harvard Law School, entrepreneur, and investor in web media companies. A native New Yorker, he received a Master's in Computer Science from the University of Wisconsin, a Bachelor's in Mathematics from Tulane University and currently lives in Berkeley, California.

"The protoblogger." - NY Times.

"The father of modern-day content distribution." - PC World.

One of BusinessWeek's 25 Most Influential People on the Web.

"Helped popularize blogging, podcasting and RSS." - Time.

"The father of blogging and RSS." - BBC.

"RSS was born in 1997 out of the confluence of Dave Winer's 'Really Simple Syndication' technology, used to push out blog updates, and Netscape's 'Rich Site Summary', which allowed users to create custom Netscape home pages with regularly updated data flows." - Tim O'Reilly.


Dave Winer Mailto icon

My most recent trivia on Twitter.

© Copyright 1994-2009 Dave Winer Mailto icon.

Last update: 2/12/2009; 5:51:25 PM Pacific. "It's even worse than it appears."

Click here to view blogs commenting on  RSS 2.0 feed.