OAuth支持

[GoogleCodeExporter]

昨晚ep给代码加上了oauth支持，不过现在的身份验证方式比较�
��琐，作者可以考虑改
进一下。

现在的用法是这样的：
1. 注册OAuth，把OAuth的callback url设置为https://xxx.appspot.com/oauth
/twitter/callback
2. 把OAuth的key和secret填入oauth.py
3. 改好app.yaml之后上传到GAE
4. 
访问https://xxx.appspot.com/oauth/twitter/login注册，完成后会显示一�
��key
5. 
设置客户端的api地址为https://xxx.appspot.com/gtap_oauth/，用户名随
意，密
码为(4)显示的key即可登录

我测试过获取/发推/删除推都没问题，不过不确定还有没有其
它bug，请慎用。

(oauth.py原始作者为tav 
(http://github.com/tav/tweetapp/)，我作了部分修改）

Original issue reported on code.google.com by SAPika...@gmail.com on 20 Apr 2010 at 3:32

Attachments:

• gtap-oauth.7z

[GoogleCodeExporter]

gae上面有log出现么？

Original comment by SAPika...@gmail.com on 25 Jun 2010 at 3:52

[GoogleCodeExporter]

我试的https://gtapserver1.appspot.com/   ，没法看log

Original comment by ray.c...@gmail.com on 25 Jun 2010 at 4:35

[GoogleCodeExporter]

https://gtapserver1.appspot.com/ 这个URL早就被墙了
我试了，Twitter For Iphone 
3.0.1也不行，GAE上的Log和196楼是一样的，不知什么原因
但用Twitterrific就正常

Original comment by caojian...@gmail.com on 25 Jun 2010 at 4:49

[GoogleCodeExporter]

可以的话最好自己建个原版gtap试试。203楼用的是那个版本？

Original comment by SAPika...@gmail.com on 25 Jun 2010 at 5:13

[GoogleCodeExporter]

我用的rev6-2.7z

Original comment by caojian...@gmail.com on 25 Jun 2010 at 5:24

[GoogleCodeExporter]

试试gtap官方版

Original comment by SAPika...@gmail.com on 25 Jun 2010 at 5:52

[GoogleCodeExporter]

试了官方0.3.3版，重新建了个App，客户端报“Could not auth 
you”，GAE Log报的错仍一样，如下：
06-24 11:27PM 56.850 /oauth/access_token 404 9ms 19cpu_ms 0kb Twitter/3.0.1 
CFNetwork/485.2 Darwin/10.3.1,gzip(gfe)
 - - [24/Jun/2010:23:27:56 -0700] "POST /oauth/access_token HTTP/1.1" 404 124 - "Twitter/3.0.1 CFNetwork/485.2 Darwin/10.3.1,gzip(gfe)"

Original comment by caojian...@gmail.com on 25 Jun 2010 at 6:46

[GoogleCodeExporter]

用官方的话地址后面要加上/api/。。。之前忘记了，不好意思

Original comment by SAPika...@gmail.com on 25 Jun 2010 at 6:50

[GoogleCodeExporter]

我已经加了API了

Original comment by caojian...@gmail.com on 25 Jun 2010 at 6:59

[GoogleCodeExporter]

这样的话。。。试试不加？

Original comment by SAPika...@gmail.com on 25 Jun 2010 at 7:48

[GoogleCodeExporter]

试过了，加和不加都一样，报同样的错，郁闷了

Original comment by caojian...@gmail.com on 25 Jun 2010 at 7:53

[GoogleCodeExporter]

"POST /oauth/access_token HTTP/1.1"，看这一段的话应该无疑问twitter 
iOS是统一都用oauth来验证，不管是使用twitter.com还是第三方API�
��。

Original comment by ray.c...@gmail.com on 25 Jun 2010 at 9:22

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Comment 211  by caojian.cn
---------------------------
我刚才测试过，如果app里面同时装了gtap和gtap-oauth是会出错，
因为url会冲突，但是只装gtap应该是没问题的，至少不会返回4
04。你的新app是同时装了两个版本么？

Original comment by SAPika...@gmail.com on 25 Jun 2010 at 12:45

[GoogleCodeExporter]

请教一下，第四步输入http://xxxxxx.appspot.com/oauth/twitter/login的��
�候，出现以下提示：

Twitter takes your privacy very seriously.

Please ensure that you trust this website with your information before 
proceeding!

By clicking "Allow" you continue to operate under Twitter's Terms of Service. 
You may revoke access to this application at any time by visiting your Settings 
page.
An application would like to connect to your account
The application xxxxx by would like the ability to access and update your data 
on Twitter. Sign out if you want to connect to an account other than xxxxxx.
Allow xxxxx access?

 但是我选择Allow之后，没有出现KEY，而是直接跳转至twitter已登录界面？我怎么得到KEY？

Original comment by luo...@gmail.com on 25 Jun 2010 at 4:27

[GoogleCodeExporter]

app的callback 
url设置成什么了？应该是https://xxxxxx.appspot.com/oauth/twitter/callba
ck

Original comment by SAPika...@gmail.com on 26 Jun 2010 at 2:05

[GoogleCodeExporter]

发现这个版本一个很严重的问题：与奶瓶腿，dabr等客户端不�
��容，表现在无法发推，提示403: Client must provide a 'status' 
parameter with a value.
检查调试了一下代码，发现问题出在这行上
data = client.post_raw(newUrl, method,  ** dict([(k, v) for k, v in 
parse_qsl(origBody)]))
作者愿意是认为post提交上来的数据和get一样，可以这样拆分�
��但实际我用logging捕获到的数据却是这样的：
#
06-25 10:57PM 22.087 ------------------------------841bb04c0551
#
E 06-25 10:57PM 22.359 Content-Disposition: form-data; name="source"
#
E 06-25 10:57PM 22.359
#
E 06-25 10:57PM 22.359 dabr
#
E 06-25 10:57PM 22.360 ------------------------------841bb04c0551
#
E 06-25 10:57PM 22.360 Content-Disposition: form-data; name="status"
#
E 06-25 10:57PM 22.361
#
E 06-25 10:57PM 22.361 这是发推的内容
#
E 06-25 10:57PM 22.361 ------------------------------841bb04c0551--
#
E 06-25 10:57PM 22.361

于是按照作者的步骤，提交给twitter的变成了
{' name': '"status"\r\n\r\n 
\xe7\xbb\xa7\xe7\xbb\xad\xe6\x8a\x98\xe8\x85\xbe\xe6\x88\x91\xe7\x9a\x84\xe5\xa5
\xb6\xe7\x93\xb6\xe8\x85\xbf\xe5\x92\x8cgt
很明显，确实没有status字段了

个人认为改进方法为利用self.request.get方法和arguments方法来获�
��提交的内容再转发，可能比较稳妥。

Original comment by ayanamist on 26 Jun 2010 at 6:13

[GoogleCodeExporter]

再提醒一下，gae的https在国内某些地区（例如我这里）是被屏
蔽的，根本无法连接……

Original comment by ayanamist on 26 Jun 2010 at 6:14

[GoogleCodeExporter]

原来dabr是用multipart来post么。。。之前都不知道，迟点我弄个
新版本吧。

GAE的HTTPS其实在大部分地区都没办法直接用了，需要改hosts，�
��前的版本出来之后GFW封掉了一大堆ip。

（话说如果是用网页客户端的话，为什么还要用gtap中转呢？�
��般都不会放在国内空间吧，很不安全

Original comment by SAPika...@gmail.com on 26 Jun 2010 at 6:33

[GoogleCodeExporter]

@SAPikachu
我是私用学校的服务器做的。而且放在国内有个好处是可以��
�通过功夫网，避免明文关键字。如果放国外，没有独立IP和SS
L证书，一旦时间线中出现敏感词，网页就打不开了……

Original comment by ayanamist on 26 Jun 2010 at 6:53

[GoogleCodeExporter]

@ayanamist

呃。。。放国内如果有HTTPS还好，没有的话更危险吧，你没办
法保证ISP不会在路由节点上监听数据，如果真的出现关键字��
�知道会有什么后果。。。

Original comment by SAPika...@gmail.com on 26 Jun 2010 at 7:19

[GoogleCodeExporter]

@SAPikachu
我能保证我们学校不存在这种监听。出学校了其实和从国外��
�来是一样的

Original comment by ayanamist on 26 Jun 2010 at 7:32

[GoogleCodeExporter]

@ayanamist
总之注意安全吧～

Original comment by SAPika...@gmail.com on 26 Jun 2010 at 8:01

[GoogleCodeExporter]

Comment 214 by SAPikachu
不好意思，这几天看球，一直没有关注这个消息
我试过第一个是合并的，不行之后又直接用的Gtap_oauth
在看了Comment 204后，我重建了一个App，用的Gtap 
0.3.3原版，还是一样，都不行
但只有Twitter for 
iPhone是这样，其它两个客户端TwitBird和Twitterrific都可以的

Original comment by caojian...@gmail.com on 1 Jul 2010 at 1:17

[GoogleCodeExporter]

我建的api在android客户端上都不能连接，倒是在电脑上可以。
求指教～

Original comment by dufa...@gmail.com on 1 Jul 2010 at 10:11

[GoogleCodeExporter]

Comment 224  by caojian.cn
-------------------------
GAE还是显示404错误么？

Original comment by SAPika...@gmail.com on 1 Jul 2010 at 11:52

[GoogleCodeExporter]

Comment 225  by dufanDF
----------------------
GAE的log里面显示什么错误？

Original comment by SAPika...@gmail.com on 1 Jul 2010 at 11:53

[GoogleCodeExporter]

Comment 226 by SAPikachu
是的，错误一样

Original comment by caojian...@gmail.com on 2 Jul 2010 at 7:17

[GoogleCodeExporter]

404的话确实奇怪。。。这几天比较忙，迟点有空再看看。对��
�，有试过svn的oauth分支么？

Original comment by SAPika...@gmail.com on 3 Jul 2010 at 11:20

[GoogleCodeExporter]

于是最近都很忙。。。基本没空弄了。。。各位试试官方版��
�，那个应该比我这个版本更方便了

Original comment by SAPika...@gmail.com on 11 Jul 2010 at 3:21

[GoogleCodeExporter]

allow的时候一直会返回allow介面是什么问题?

Original comment by xinyuxh8...@gmail.com on 20 Jul 2010 at 8:49

[GoogleCodeExporter]

确定consumer key/secret填好了么？另外callback url填了什么？

Original comment by SAPika...@gmail.com on 20 Jul 2010 at 9:33

[GoogleCodeExporter]

在电脑上访问 https://yourid.appspot.com/oauth/twitter/login
输入希望使用的twitter帐号和密码登录，然后选择Allow
没有输入api密码的地方

Original comment by beelink...@gmail.com on 21 Jul 2010 at 4:16

[GoogleCodeExporter]

出现了什么错误信息？

Original comment by SAPika...@gmail.com on 21 Jul 2010 at 5:14

[GoogleCodeExporter]

您好为什么我输入http://xxx.appspot.com/oauth/twitter/login 
（XXX已替换）后，页面显示的是这个：
Traceback (most recent call last):
  File "/base/python_runtime/python_lib/versions/1/google/appengine/ext/webapp/__init__.py", line 511, in __call__
    handler.get(*groups)
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 440, in get
    self.handle(service,action)
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 455, in handle
    self.response.out.write(getattr(client, action)())
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 227, in login
    return self.get_request_token()
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 238, in get_request_token
    self.service_info['request_token_url'], **self.request_params
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 346, in get_data_from_signed_url
    __url, __token, __meth, **extra_params
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 350, in get_signed_url
    return '%s?%s'%(__url, self.get_signed_body(__url, __token, __meth, **extra_params))
  File "/base/data/home/apps/drlihaosheng/1.343559857324239716/oauth.py", line 357, in get_signed_body
    'oauth_consumer_key': service_info['consumer_key'],
KeyError: 'consumer_key'

Original comment by dr.l...@gmail.com on 23 Jul 2010 at 5:26

[GoogleCodeExporter]

oauth_config.py改成怎么样了？

Original comment by SAPika...@gmail.com on 23 Jul 2010 at 5:42

[GoogleCodeExporter]

没有oauth_config.py啊。。。我用的是gtap-0.4

Original comment by dr.l...@gmail.com on 23 Jul 2010 at 6:00

[GoogleCodeExporter]

0.4请另开一个issue。。。那个是官方版了。。。

Original comment by SAPika...@gmail.com on 23 Jul 2010 at 6:19

[GoogleCodeExporter]

我换了个GAE....现在变成404 not found了。。

Original comment by dr.l...@gmail.com on 23 Jul 2010 at 6:22

[GoogleCodeExporter]

Traceback (most recent call last):
  File "/base/python_runtime/python_lib/versions/1/google/appengine/ext/webapp/__init__.py", line 511, in __call__
    handler.get(*groups)
  File "/base/data/home/apps/humenkeigobo/1.343562787913932973/oauth.py", line 440, in get
    self.handle(service,action)
  File "/base/data/home/apps/humenkeigobo/1.343562787913932973/oauth.py", line 455, in handle
    self.response.out.write(getattr(client, action)())
  File "/base/data/home/apps/humenkeigobo/1.343562787913932973/oauth.py", line 308, in callback
    self.service_info['access_token_url'], oauth_token
  File "/base/data/home/apps/humenkeigobo/1.343562787913932973/oauth.py", line 346, in get_data_from_signed_url
    __url, __token, __meth, **extra_params
  File "/base/python_runtime/python_lib/versions/1/google/appengine/api/urlfetch.py", line 241, in fetch
    return rpc.get_result()
  File "/base/python_runtime/python_lib/versions/1/google/appengine/api/apiproxy_stub_map.py", line 501, in get_result
    return self.__get_result_hook(self)
  File "/base/python_runtime/python_lib/versions/1/google/appengine/api/urlfetch.py", line 325, in _get_fetch_result
    raise DownloadError(str(err))
DownloadError: ApplicationError: 2 

出现这个！请问要怎么解决啊？谢谢！

Original comment by keigo...@gmail.com on 23 Jul 2010 at 8:01

[GoogleCodeExporter]

Traceback (most recent call last):
  File "/base/python_runtime/python_lib/versions/1/google/appengine/ext/webapp/__init__.py", line 511, in __call__
    handler.get(*groups)
  File "/base/data/home/apps/adamrestw/1.343563020653326797/oauth.py", line 534, in get
    self.handle(service,action)
  File "/base/data/home/apps/adamrestw/1.343563020653326797/oauth.py", line 549, in handle
    self.response.out.write(getattr(client, action)())
  File "/base/data/home/apps/adamrestw/1.343563020653326797/oauth.py", line 303, in login
    return self.get_request_token()
  File "/base/data/home/apps/adamrestw/1.343563020653326797/oauth.py", line 314, in get_request_token
    self.service_info['request_token_url'], **self.request_params
  File "/base/data/home/apps/adamrestw/1.343563020653326797/oauth.py", line 440, in get_data_from_signed_url
    __url, __token, __meth, **extra_params
  File "/base/python_runtime/python_lib/versions/1/google/appengine/api/urlfetch.py", line 241, in fetch
    return rpc.get_result()
  File "/base/python_runtime/python_lib/versions/1/google/appengine/api/apiproxy_stub_map.py", line 501, in get_result
    return self.__get_result_hook(self)
  File "/base/python_runtime/python_lib/versions/1/google/appengine/api/urlfetch.py", line 325, in _get_fetch_result
    raise DownloadError(str(err))
DownloadError: ApplicationError: 2 

奇怪。。我和樓上的兄弟一樣。都是出現這個。。

Original comment by adam...@gmail.com on 23 Jul 2010 at 8:08

[GoogleCodeExporter]

是的！就是不知道怎么解决！试了很多种办法了！

Original comment by keigo...@gmail.com on 23 Jul 2010 at 8:13

[GoogleCodeExporter]

今天GAE的api全线rp。。。要等twitter官方修复。。。

Original comment by SAPika...@gmail.com on 23 Jul 2010 at 8:37

[GoogleCodeExporter]

原来这样！看来还是要等等了！

Original comment by keigo...@gmail.com on 23 Jul 2010 at 8:42

[GoogleCodeExporter]

e 和楼上的情况一样啊 到底咋解决啊

Original comment by DarkTrav...@gmail.com on 23 Jul 2010 at 8:43

[GoogleCodeExporter]

验证 http://xxx.appspot.com/oauth/twitter/login  时好时坏，89%的Error.

而且就算连接上了，直接出现twitter的登陆界面，也没有那个D
eny&Allow的界面。

然后输入自己的twitter ID&PW，显示403 拒绝了请求。

Original comment by golife...@gmail.com on 24 Jul 2010 at 3:59

[GoogleCodeExporter]

现在访问twitter应该是没什么问题了，403错误有具体的错误信�
��么？

Original comment by SAPika...@gmail.com on 24 Jul 2010 at 10:14

[GoogleCodeExporter]

Traceback (most recent call last):
  File "GoogleAppEngineLauncher.py", line 42, in <module>
  File "wx\_core.pyc", line 7913, in __init__
  File "wx\_core.pyc", line 7487, in _BootstrapApp
  File "launcher\app.pyc", line 53, in OnInit
  File "launcher\app.pyc", line 97, in _CreateModels
  File "launcher\maintable.pyc", line 35, in __init__
  File "launcher\maintable.pyc", line 86, in _LoadProjects
  File "launcher\project.pyc", line 63, in ProjectWithConfigParser
  File "launcher\project.pyc", line 260, in _LoadFromConfigParser
  File "ConfigParser.pyc", line 520, in get
ConfigParser.NoOptionError: No option 'name' in section: '0'

我出现以上错误，可以怎么办？

Original comment by daniell....@gmail.com on 25 Jul 2010 at 12:57

[GoogleCodeExporter]

非常悲剧啊，iphone 
3G联通阉割版没有wifi，这边3G又屏蔽了vpn。twitbird只要在setting
s里面更改设置就会崩溃，echofon 和 
twitterrific都需要登录进去才能设置我又没办法登录，twitter 
for iphone又死活不认这个api，下面是错误信息：

如果用 xxx.appspot.com/  报错如下：
Error: Could not authenticate you. (XAuth migration failed - no token/secret 
handed back).

xxx.appspot.com/api/  报错如下：
Error: Could not autenticate you. (Internal server error).

xxx.appspot.com/gtap_oauth/  报错如下：
Error: Could not autenticate you. (Internal server error).

跪求解答或解决。。。

Original comment by frank.ch...@gmail.com on 4 Aug 2010 at 12:21

[GoogleCodeExporter]

呃。。。这是老问题了，如果客户端内部使用oauth就不能用这
个api

Original comment by SAPika...@gmail.com on 4 Aug 2010 at 1:21