|
You may or may not be aware that Twitter have
stopped third party applications from using Basic Authentication.
For those who are not quite clear on the mechanics of authentication, when using Basic Authentication you (or your program) send a Username and Password with each request.
The use of Basic Authentication raises a number of concerns;
Without going into too much depth, the OAuth process is as follows;
This process, quite understandably, can be very intimidating to developers who are not familiar with it. Before we look further into using OAuth to post to Twitter from a BASH script, let's break down what each token actually does;
Now that we know what each token does, how do we go about using OAuth in a BASH script? You'll notice that Step 4 requires the user to be directed to Twitter's authentication page, so how do we do that from a shell? We could use a text based browser such as lynx but that would inconvenience our users. So we won't redirect them to Twitter's page, we'll simply ask them to go there when the need arises. However, as the Tokens used are long and complex, it would be unrealistic to expect the user to manually enter these into the system. The OAuth specification does, however, cater for this eventuality with a slightly modified process for these 'Out of Band (oob)' requests. Steps 1 - 3 and 10 - 11 in the above process remain the same. Steps 4 - 9 are as follows;
You'll be pleased to know that we don't need to invent the wheel. An OAuth module has already been written in BASH, the author has even created a Twitter specific library and a CLI made them all available for free under a BSD License. The only slight drawback is that they are written to work as an installed application, in this article we are more interested in using the scripts as modules. This has the advantage that we can distribute the Twitter code with our application (rather than requiring the user to install the code as a dependancy). The disadvantages of using the scripts in this way are;
So let's write a simple BASH script to post information to Twitter.
We now have a very simple script that will count all files in the Temp Directory, delete any that aren't directories, and report to the SysAdmin any files that couldn't be deleted. However, we're not quite ready to add it to our crontab just yet! We need to configure and modify mod_Twitter to work in the way we want. Note: If you downloaded my tarball of ready modded files, you only need to follow step J.
We've now edited the modules to behave in the way we need. There is one last thing that we need to do before the script will work. You'll recall that in Stages 4 - 7 of the OAuth process, the user is asked to authenticate and allow access to the application. The script we've written isn't able to do this for us (as that would require storing their username and password - negating the point of OAuth). We only need to authenticate in this way once per account that we wish to post to (in this example - one). So complete the following steps.
The application should now be able to tweet without requiring the user to enter their credentials, a PIN or anything else. The user can manage which applications are authorised from their Twitter settings, and our application will continue to work even if the users password changes. If you want to be doubly sure that the system is able to tweet, run the following command from within the mod_Twitter directory;
As intimidating as OAuth may have seemed when we started, we've managed to write a simple script that uses OAuth to authenticate without user intervention. Our script will only fail to authenticate if either the user, or Twitter themselves, revoke its authorisation. Although using Twitter as a remote log is an unusual use of the service, the creating this script should hopefully have equipped you with the knowledge necessary to write more complex scripts. Whether it's a script for your website, a custom Twitter interface, or even a logging system, you should now have the resources you need to allow you to properly utilise OAuth. For your reference, you can download a copy of the script we have just written here. |
|
|||||||||||||||
This page contains a Benscomputer.no-ip.org Premium Article and is copyright Ben Tasker. No reproduction, distribution or adaption is permitted without express written authorisation being given in advance. If you would like to use this article, please use the Article Use option of the Contact Me form to request permission (please ensure you include contact details). |
||
All Images operate under a seperate license Please read this page for more information. The Full Image License can be read here |
|