[squeak-dev] OAuth/Twitter demo in Squeak

Frank Shearar frank.shearar at angband.za.org
Fri Aug 13 11:04:37 UTC 2010 

On 2010/08/13 05:50, Andreas Raab wrote:
> Hi -
>
> I was playing with OAuth authentication and in the process decided to
> test it against Twitter and since it's kind of fun, I thought I'd share
> it with the rest of the world. You can run the (very simple) demo here:
>
> http://ardemo.seasidehosting.st/seaside/twitter
>
> All it does is after you log in via Twitter it shows you the account
> info that Twitter shares with the app and allows you to tweet a little.
>
> The OAuth part itself is now integrated in WebClient's suite of auth
> methods and the little Twitter demo is available in
> http://www.squeaksource.com/ar.html and can be installed via
>
> (Installer ss project: 'ar')
> install: 'Twitter-Squeak'.
>
> Since I found OAuth to be a pretty major PITA I hope that this example
> will prove helpful for people who have to deal with this stuff.
>
> Lastly, a Seaside question that came up in the above: Part of the OAuth
> process requires passing a specific callback url to the remote site
> (which is the url the user gets redirected to after authentication was
> successful). Since I couldn't figure out how to obtain the url
> otherwise, I've been stashing it away in a rendering method (since
> there's access to the rendering context's callback store) like here:
>
> renderLoginPageOn: html
>
> "Set up the callback url for Twitter to return to"
> callback := WAActionCallback on: [self twitterCallback].
> url := html actionUrl copy addField: (html callbacks store: callback).
>
> "We need the host and the scheme here; the scheme is guesswork"
> urlString := 'http://', host, '/', url asString.
> oauthParams at: 'oauth_callback' put: urlString encodeForHTTP.
>
> and then later the callback is passed to Twitter and the user sent back
> to the app. This works, but I'm wondering if that's the right thing to
> do, and if not, how one would set up and register such a callback url
> outside of rendering.

James Robertson has been working on OAuth lately too, and also saying 
it's a PITA. Maybe there's some common ground/useful ideas between the 
two implementations.

frank

More information about the Squeak-dev mailing list