[Seaside] Re: Fwd: OAuth/Twitter demo in Squeak
andreas.raab at gmx.de
Fri Aug 13 16:31:08 UTC 2010
On 8/13/2010 8:21 AM, Miguel Enrique Cobá Martínez wrote:
> El jue, 12-08-2010 a las 21:01 -0700, Andreas Raab escribió:
>> [Oops, accidentally sent to seaside-*dev*; apologies for the noise]
>> -------- Original Message --------
>> Hi -
>> I was playing with OAuth authentication and in the process decided to
>> test it against Twitter and since it's kind of fun, I thought I'd share
>> it with the rest of the world. You can run the (very simple) demo here:
>> All it does is after you log in via Twitter it shows you the account
>> info that Twitter shares with the app and allows you to tweet a little.
>> The OAuth part itself is now integrated in WebClient's suite of auth
>> methods and the little Twitter demo is available in
>> http://www.squeaksource.com/ar.html and can be installed via
>> (Installer ss project: 'ar')
>> install: 'Twitter-Squeak'.
> Cool, thanks for the work, this would permit to connect to facebook to
> (Facebook Connect).
> This opens a lot of opportunities for seaside apps. :)
Facebook is *much* easier in comparison since it doesn't use OAuth's
obscure signature scheme and instead uses SSL. See
"OAuth 2.0 is a simpler version of OAuth that leverages SSL for API
communication instead of relying on complex URL signature schemes and
token exchanges. At a high level, using OAuth 2.0 entails getting an
access token for a Facebook user via a redirect to Facebook. After you
obtain the access token for a user, you can perform authorized requests
on behalf of that use by including the access token in your Graph API
>> Since I found OAuth to be a pretty major PITA I hope that this example
>> will prove helpful for people who have to deal with this stuff.
>> Lastly, a Seaside question that came up in the above: Part of the OAuth
>> process requires passing a specific callback url to the remote site
>> (which is the url the user gets redirected to after authentication was
>> successful). Since I couldn't figure out how to obtain the url
>> otherwise, I've been stashing it away in a rendering method (since
>> there's access to the rendering context's callback store) like here:
>> renderLoginPageOn: html
>> "Set up the callback url for Twitter to return to"
>> callback := WAActionCallback on: [self twitterCallback].
>> url := html actionUrl copy addField: (html callbacks store: callback).
>> "We need the host and the scheme here; the scheme is guesswork"
>> urlString := 'http://', host, '/', url asString.
>> oauthParams at: 'oauth_callback' put: urlString encodeForHTTP.
>> and then later the callback is passed to Twitter and the user sent back
>> to the app. This works, but I'm wondering if that's the right thing to
>> do, and if not, how one would set up and register such a callback url
>> outside of rendering.
> just use urlForAction method:
> html hiddenInput name: 'cancel_return'; value: (html urlForAction:
> [ self subscribeCanceled ]) ].
>> - Andreas
>> seaside mailing list
>> seaside at lists.squeakfoundation.org
More information about the seaside