search

twitter / twurl

OAuth-enabled curl for the Twitter API
https://developer.twitter.com
MIT License
1.8k stars 301 forks source link

Add v2 API examples in README? #181

Open cmdcolin opened 2 years ago

cmdcolin commented 2 years ago

I was just trying to use the examples in the README but they appeared to need an elevated access

" twurl -d 'status=Testing twurl' /1.1/statuses/update.json

{"errors":[{"message":"You currently have Essential access which includes access to Twitter API v2 endpoints only. If you need access to this endpoint, you’ll need to apply for Elevated access via the Developer Portal. You can learn more here: https://developer.twitter.com/en/docs/twitter-api/getting-started/about-twitter-api#v2-access-leve","code":453}]}"

I could try to apply for this but having v2 API examples available may be useful

manzt commented 2 years ago

Yes, just ran into this with https://github.com/manzt/cron-tweet...

Not sure if twurl supports the authentication that v2 requires.

cmdcolin commented 2 years ago

I am not very knowledgeable about authentication but I wrote a short article writing a nodejs twitter client that posts tweets (with media). interestingly the media upload is a v1 api and the posting is a v2 api, they said they are working on a v2 media upload api on their forums but it is fine to mix and match them in this case). I did not have to apply for any elevated access to twitter using this approach!

short article here https://cmdcolin.github.io/posts/2022-08-26-twitterbot

manzt commented 2 years ago

Thanks for sharing. I also wrote something in deno today which seems to work for the v2 endpoint: https://gist.github.com/manzt/d6cbf7f901a6e7b68c145d3820fbed7b

manzt commented 2 years ago

Ok I figured it out!

twurl /2/tweets \
    --data '{"text": "Testing twurl"}' \
    --header 'Content-Type: application/json' \
    --consumer-key $TWITTER_API_KEY \
    --consumer-secret $TWITTER_API_SECRET \
    --access-token $TWITTER_ACCESS_TOKEN \
    --token-secret $TWITTER_ACCESS_TOKEN_SECRET

You need the content-type header in this syntax to avoid twurl url-form-encoding the data by default (like for v1.1 APIs).

andypiper commented 2 years ago

Legacy OAuth 1.0A authentication continues to work with twurl for now, and so it will work for the v2 endpoints that can support authentication without granular scopes. For now, that does include the v2 Tweet create endpoint.

At the moment, twurl does not support OAuth 2 user authentication (with PKCE) and there is nobody actively working on adding this. This means that you cannot use twurl with (for example) the new Bookmarks endpoints, as these require specific OAuth 2.0 scopes that provide access to bookmarks data.

Over time, I would expect OAuth 1.0A to be phased out, and we prefer OAuth 2.0 for new apps (although at the current time unfortunately, the media upload functionality still uses the legacy flow).

I appreciate that this is not an ideal situation at the moment!

If anyone would like to fork twurl to work on the new authentication scheme, feel free to do so; otherwise I anticipate that it will gradually be sunset over time as v2 comes to the fore.

manzt commented 2 years ago

Thanks for the clarification! I'm afraid I'm not knowledgeable enough about authentication to take this on at the moment.

lukepighetti commented 2 years ago

@andypiper is there an alternative to twurl which can be used with the v2 api? If not, the Twitch CLI is good inspiration for what I'm hoping to find

ElfQrin commented 1 year ago

twurl /2/tweets --data '{"text": "Testing twurl"}' --header 'Content-Type: application/json' --consumer-key $TWITTER_API_KEY --consumer-secret $TWITTER_API_SECRET --access-token $TWITTER_ACCESS_TOKEN --token-secret $TWITTER_ACCESS_TOKEN_SECRET

returns

You must authorize first.

If I add the bearer token

twurl /2/tweets --data '{"text": "Testing twurl"}' --header 'Content-Type: application/json' --consumer-key $TWITTER_API_KEY --consumer-secret $TWITTER_API_SECRET --access-token $TWITTER_ACCESS_TOKEN --token-secret $TWITTER_ACCESS_TOKEN_SECRET --bearer $TWITTER_ACCESS_BEARER

returns

/var/lib/gems/3.1.0/gems/twurl-0.9.7/lib/twurl/oauth_client.rb:81:in load_client_for_non_profile_app_only_auth': undefined methodto_hash' for nil:NilClass (NoMethodError)

        'bearer_token' => rcfile.bearer_tokens.to_hash[options.consumer_key]
                                              ^^^^^^^^
    from /var/lib/gems/3.1.0/gems/twurl-0.9.7/lib/twurl/oauth_client.rb:15:in `load_from_options'
    from /var/lib/gems/3.1.0/gems/twurl-0.9.7/lib/twurl/cli.rb:23:in `dispatch'
    from /var/lib/gems/3.1.0/gems/twurl-0.9.7/lib/twurl/cli.rb:19:in `run'
    from /var/lib/gems/3.1.0/gems/twurl-0.9.7/bin/twurl:4:in `<top (required)>'
    from /usr/local/bin/twurl:25:in `load'
    from /usr/local/bin/twurl:25:in `<main>'