Hi -
I was playing with OAuth authentication and in the process decided to test it against Twitter and since it's kind of fun, I thought I'd share it with the rest of the world. You can run the (very simple) demo here: http://ardemo.seasidehosting.st/seaside/twitter All it does is after you log in via Twitter it shows you the account info that Twitter shares with the app and allows you to tweet a little. The OAuth part itself is now integrated in WebClient's suite of auth methods and the little Twitter demo is available in http://www.squeaksource.com/ar.html and can be installed via (Installer ss project: 'ar') install: 'Twitter-Squeak'. Since I found OAuth to be a pretty major PITA I hope that this example will prove helpful for people who have to deal with this stuff. Lastly, a Seaside question that came up in the above: Part of the OAuth process requires passing a specific callback url to the remote site (which is the url the user gets redirected to after authentication was successful). Since I couldn't figure out how to obtain the url otherwise, I've been stashing it away in a rendering method (since there's access to the rendering context's callback store) like here: renderLoginPageOn: html "Set up the callback url for Twitter to return to" callback := WAActionCallback on: [self twitterCallback]. url := html actionUrl copy addField: (html callbacks store: callback). "We need the host and the scheme here; the scheme is guesswork" urlString := 'http://', host, '/', url asString. oauthParams at: 'oauth_callback' put: urlString encodeForHTTP. and then later the callback is passed to Twitter and the user sent back to the app. This works, but I'm wondering if that's the right thing to do, and if not, how one would set up and register such a callback url outside of rendering. Cheers, - Andreas |
On 13.08.2010, at 05:50, Andreas Raab wrote: > Hi - > > I was playing with OAuth authentication and in the process decided to test it against Twitter and since it's kind of fun, I thought I'd share it with the rest of the world. You can run the (very simple) demo here: > > http://ardemo.seasidehosting.st/seaside/twitter > > All it does is after you log in via Twitter it shows you the account info that Twitter shares with the app and allows you to tweet a little. > > The OAuth part itself is now integrated in WebClient's suite of auth methods and the little Twitter demo is available in http://www.squeaksource.com/ar.html and can be installed via > > (Installer ss project: 'ar') > install: 'Twitter-Squeak'. > > Since I found OAuth to be a pretty major PITA I hope that this example will prove helpful for people who have to deal with this stuff. > thanks, Norbert > Lastly, a Seaside question that came up in the above: Part of the OAuth process requires passing a specific callback url to the remote site (which is the url the user gets redirected to after authentication was successful). Since I couldn't figure out how to obtain the url otherwise, I've been stashing it away in a rendering method (since there's access to the rendering context's callback store) like here: > > renderLoginPageOn: html > > "Set up the callback url for Twitter to return to" > callback := WAActionCallback on: [self twitterCallback]. > url := html actionUrl copy addField: (html callbacks store: callback). > > "We need the host and the scheme here; the scheme is guesswork" > urlString := 'http://', host, '/', url asString. > oauthParams at: 'oauth_callback' put: urlString encodeForHTTP. > > and then later the callback is passed to Twitter and the user sent back to the app. This works, but I'm wondering if that's the right thing to do, and if not, how one would set up and register such a callback url outside of rendering. > > Cheers, > - Andreas > _______________________________________________ > seaside-dev mailing list > [hidden email] > http://lists.squeakfoundation.org/mailman/listinfo/seaside-dev |
In reply to this post by Andreas.Raab
On 2010/08/13 05:50, Andreas Raab wrote:
> Hi - > > I was playing with OAuth authentication and in the process decided to > test it against Twitter and since it's kind of fun, I thought I'd share > it with the rest of the world. You can run the (very simple) demo here: > > http://ardemo.seasidehosting.st/seaside/twitter > > All it does is after you log in via Twitter it shows you the account > info that Twitter shares with the app and allows you to tweet a little. > > The OAuth part itself is now integrated in WebClient's suite of auth > methods and the little Twitter demo is available in > http://www.squeaksource.com/ar.html and can be installed via > > (Installer ss project: 'ar') > install: 'Twitter-Squeak'. > > Since I found OAuth to be a pretty major PITA I hope that this example > will prove helpful for people who have to deal with this stuff. > > Lastly, a Seaside question that came up in the above: Part of the OAuth > process requires passing a specific callback url to the remote site > (which is the url the user gets redirected to after authentication was > successful). Since I couldn't figure out how to obtain the url > otherwise, I've been stashing it away in a rendering method (since > there's access to the rendering context's callback store) like here: > > renderLoginPageOn: html > > "Set up the callback url for Twitter to return to" > callback := WAActionCallback on: [self twitterCallback]. > url := html actionUrl copy addField: (html callbacks store: callback). > > "We need the host and the scheme here; the scheme is guesswork" > urlString := 'http://', host, '/', url asString. > oauthParams at: 'oauth_callback' put: urlString encodeForHTTP. > > and then later the callback is passed to Twitter and the user sent back > to the app. This works, but I'm wondering if that's the right thing to > do, and if not, how one would set up and register such a callback url > outside of rendering. James Robertson has been working on OAuth lately too, and also saying it's a PITA. Maybe there's some common ground/useful ideas between the two implementations. frank |
In reply to this post by NorbertHartl
On 8/13/2010 2:11 AM, Norbert Hartl wrote:
> > On 13.08.2010, at 05:50, Andreas Raab wrote: > >> Hi - >> >> I was playing with OAuth authentication and in the process decided to test it against Twitter and since it's kind of fun, I thought I'd share it with the rest of the world. You can run the (very simple) demo here: >> >> http://ardemo.seasidehosting.st/seaside/twitter >> >> All it does is after you log in via Twitter it shows you the account info that Twitter shares with the app and allows you to tweet a little. >> >> The OAuth part itself is now integrated in WebClient's suite of auth methods and the little Twitter demo is available in http://www.squeaksource.com/ar.html and can be installed via >> >> (Installer ss project: 'ar') >> install: 'Twitter-Squeak'. >> >> Since I found OAuth to be a pretty major PITA I hope that this example will prove helpful for people who have to deal with this stuff. >> > That sounds really good, Andreas. Can the implementation be used to offer an OAuth authenticated seaside service? Not easily. An OAuth server needs to implement a bit more than what I did and although it's a logical extension of the work that I've done I wouldn't expect it to be any easier than the client bits. Cheers, - Andreas > thanks, > > Norbert > >> Lastly, a Seaside question that came up in the above: Part of the OAuth process requires passing a specific callback url to the remote site (which is the url the user gets redirected to after authentication was successful). Since I couldn't figure out how to obtain the url otherwise, I've been stashing it away in a rendering method (since there's access to the rendering context's callback store) like here: >> >> renderLoginPageOn: html >> >> "Set up the callback url for Twitter to return to" >> callback := WAActionCallback on: [self twitterCallback]. >> url := html actionUrl copy addField: (html callbacks store: callback). >> >> "We need the host and the scheme here; the scheme is guesswork" >> urlString := 'http://', host, '/', url asString. >> oauthParams at: 'oauth_callback' put: urlString encodeForHTTP. >> >> and then later the callback is passed to Twitter and the user sent back to the app. This works, but I'm wondering if that's the right thing to do, and if not, how one would set up and register such a callback url outside of rendering. >> >> Cheers, >> - Andreas >> _______________________________________________ >> seaside-dev mailing list >> [hidden email] >> http://lists.squeakfoundation.org/mailman/listinfo/seaside-dev > > > |
Free forum by Nabble | Edit this page |