Twitter API Retirement

[keab42]

On March 5th Twitter will retire the v1 API endpoint.

Are there plans to update jTweetsAnywhere to use the 1.1 endpoint?

[tbillenstein]

Yes there are, although I'm not yet sure how the solution will look like ...

[Defmoves]

That's good news, it'll be great to see jTweets live on!

[caschbre]

We've implemented a Drupal module for an upcoming project with the hopes of pushing twitter lists client side, however it sounds like that may not be feasible with the api changes.

@tbillenstein Any thoughts yet on what an approach might look like so we can start planning (and possibly help) on the solution?

[aqlong]

+1 for updates!

[badlydrawnrob]

Currently only option I've seen is a separate PHP script for Oauth and parsing JSON. I'd imagine it'd have to be server side as well as using jQuery:

• http://wordpress.org/extend/plugins/oauth-twitter-feed-for-developers/
• http://css.dzone.com/articles/using-new-twitter-api-v11
• http://www.webdevdoor.com/php/authenticating-twitter-feed-timeline-oauth/

Makes what was a simple implementation a royal pain in the arse.

[samtempledev]

Today it stopped working, any news on the updates?

[Nessworthy]

The main concern about this (and other full JS client side twitter apps) is security. Essentially, you now have to pass a token which is generated using an application. The token allows anyone with it to be able to use it for requests, so when you're sending out a request using JSONP to twitter, it is fairly easy to get this access token. The only exception is if you're making requests on behalf of a user, which gets a bit more complex and is a lot more secure.

If someone grabs your bearer token, they can spam queries until it gets your app blacklisted.

Given, you can deauth the token, but a safer route is to drop client <-> twitter calls and instead go via. client <-> server <-> twitter.

You can send an AJAX request to a server side script which will make the call, keeping your token safe. It will then return the data and allow the app to parse the feed.

In relation to JTA, to continue through the 1.1 api safely, there should be server side support added. Either that or request from twitter to add URL auth checks for apps.

Sources: Testing, https://dev.twitter.com/docs/auth/application-only-auth https://dev.twitter.com/docs/rate-limiting/1.1

[resarahman]

this is no longer working again since api v.1 retired. any plan to release the fixes ?

[rippo]

Are there any workarounds to get a quick fix? or is this something we need to drop?

[gasatrya]

Need the update too :)

[Nessworthy]

@rippo There can be a quick but unsafe update without using SS scripting by generating an access token for a twitter app and modifying the AJAX request to pass the authentication headers along with the request.

That said, each area of the script will need to be looked at to change the version1 urls to version1.1. So even a 'quick' update will take some time to implement.

[kambanwait]

I'm happy to have a look but just got to figure out the new api call we need to make ... Will update when I get a chance

K.S.Banwait Creative Developer www.scriptedpixels.co.uk Sent from my iPhone

On 13 Jun 2013, at 11:01, "M.Satrya" notifications@github.com wrote:

Need the update too :)

— Reply to this email directly or view it on GitHub.

[tbillenstein]

June 13th, 2013

jTweetsAnywhere stopped working since Twitter moved from API Version 1.0 to 1.1 and now turned off V1.0.

Due to personal reasons I was not able to work on my projects for the last 5 months. Therefor I couldn't update the plugin in time nor answer all your emails and requests. I really apologize for this.

I will try to supply a new release within the next weeks.

Since Twitter now requires applications to authenticate ALL requests with OAuth 1.0a or Application-only authentication the next version of jTweetsAnywhere will consist of the well-known client-side (updated) JavaScript and a server-side component (written in PHP). That means for all users of the plugin that you have to update the client-side script and supply the PHP script on your server.

Thanks for your understanding, Thomas

[rippo]

Thanks for update, good luck. I do have a work around as I have code elsewhere (I use C#), thanks for your effort over the last few years. Wish you luck

[tbillenstein]

How does that workaround look like? Is it JS only, without make your Twitter application secrets public???

[rippo]

nah I developed some server code in C# using LinqToTwitter on another project. Ripping code into my the project that used JTweets now. Downside is all my users will need to reauthorise, but hey ho

[tbillenstein]

Ah, ok.

[resarahman]

@tbillenstein - I've success integrate oAuth server side and the js script. and got the response sucessfull. However the response doesn't append into html template. You know on which line of the code (method/function) that indicate json response append to the html jtweet body. it's keep loading.. right now. would be nice if you can point me to that function/method. If I success with it, I'm gonna fork this repo and show you my version.