search

codeminders / imageshackapi

Automatically exported from code.google.com/p/imageshackapi
0 stars 0 forks source link

Proposal to add OAuth to picpost API #5

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
I'd like to propose a way to support OAuth in picpost API calls, e.g. on 
yfrog.com and img.ly, however for this to work the site itself has to 
support OAuth (so twitpic has to start OAuth support for this to work)

(this idea started as a reply to my question to the img.ly guys about 
this, so it is worded as a reply)

I have looked a bit further into the problem and I think that chaining 
OAuth is not necessary to support using the API with OAuth. 

For this to work, you will have to exchange the password for the API call 
with an oauth_access_token that the user has previously created by logging 
into twitter (assume that the parameter is called oauth when the user 
wants to use OAuth and password when he wants to use a password).
The API web server has the respective secret so that it can access twitter 
with the oauth protocol and the access token by itself is useless on any 
other site that doesn't know the secrets.  

This will even work for third party apps that register their own 
application with twitter, however this requires the consumer key secret to 
be stored on your server as well, otherwise you cannot create a signed 
request to twitter. 

I have written a sample application as a POC, if anybody is interested, I 
can put it up on google code.

Original issue reported on code.google.com by alexl...@gmail.com on 15 Sep 2009 at 11:50

GoogleCodeExporter commented 9 years ago 
sorry, that is not a defect, rather a feature request

Original comment by alexl...@gmail.com on 15 Sep 2009 at 11:51

GoogleCodeExporter commented 9 years ago 
PLEASEEEEEEE do this. User's will not give us a password just to post a picture.

Original comment by JacobTho...@gmail.com on 19 Dec 2009 at 7:44

GoogleCodeExporter commented 9 years ago 
http://code.google.com/p/imageshackapi/wiki/TwitterAuthentication

Original comment by fab...@fabian-kreiser.com on 4 Mar 2010 at 5:32

GoogleCodeExporter commented 9 years ago 
Can you please implement oAuth Echo instead of passing attributes, most of the 
other clients are implementing 
this so I'll be dropping yFrog support unless I can use a single library for 
all of my providers

Original comment by rhyland on 22 May 2010 at 11:05

GoogleCodeExporter commented 9 years ago 
Please keep us updated on how OAuth Echo Support is going.

Original comment by fab...@fabian-kreiser.com on 24 May 2010 at 10:15

GoogleCodeExporter commented 9 years ago 
this request is obsolete by the support for oauth echo in twitter

Original comment by alexl...@gmail.com on 14 Jul 2010 at 8:01