Wednesday, December 23, 2009

Desktop OAuth/Python Question

This post is slightly more tech-heavy than most of my recent posts. If that's not your thing, feel free to move on now.

[Update 20091223: NEVERMIND. I got it sorted. The url you re-direct a user to with OAuth doesn't need extra OAuth headers. So you really could just use webbrowser.open(). My bad.]

Suppose I want to interact with the twitter API via some python code running on my personal computer. Suppose, for grins, that instead of using the Basic Authentication I'd rather try OAuth (even though it's all running locally...). Part of the flow of OAuth authentication is that my script is supposed to direct the user to an address at twitter (oauth/authorize), with some OAuth specification headers in the HTTP request for that address (I hope I'm saying things within a few shades of correctly). Well, python provides the webbrowser module which should open up a url in the users browser of choice. And it does, pretty easily (based on my 1-test sample). The problem is that for the OAuth dealings, I'm supposed to pass additional HTTP headers, and I can't figure out how to do that with the webbrowser module. I tried creating a Request object, from the urllib2 module. If I were just making a url request using this library, I could make the Request object, with the extra headers, and things would go fine. But the webbrowser.open() method seems to want its url parameter to be a string, not a Request object.

So... how am I supposed to do this? Or am I not supposed to do this?

Am I supposed to use some other existing python based browser? How is the user supposed to feel like I'm not still in the middle of the authentication process? I mean, if my script displays a webpage using some graphical widget, and waits for the user's input, then I could just be grabbing their username and password while they log in to twitter, no? The point of having the user go to twitter and get a pin is that the user then tells me that pin. I don't put myself in the middle and grab the pin (or their username/password) somehow.

Does any of this make sense? Can somebody point me at a solution? Existing code that solves this problem?

1 comment:

sumidiot said...

Followup: It seems like there are python libraries for interacting with twitter, like tweepy, that will handle all but the crucial step of sending the user to the right place to get a pin from twitter. Unless I just haven't looked at the code enough or something...