3

I'm trying to get a website to connect to LinkedIn, I know I have to use OAuth tokens to connect to it, and I have seen the examples on the LinkedIn developer site, however, they all use the OAuth2 library and the site that I'm working with uses the rauth library, which seems to skip a few of the steps. It already has Twitter integrated, so I'll include the code below in case anyone doesn't quite understand what I mean.

twitter.py:

import json

from django.http import HttpResponse
from django.conf import settings
from rauth.service import OAuth1Service

def twitter(request, username):
    twitter = OAuth1Service(
    name='twitter',
    consumer_key=settings.TWITTER_CONSUMER_KEY,
    consumer_secret=settings.TWITTER_CONSUMER_SECRET,
    request_token_url=settings.TWITTER_API_URL + 'oauth/request_token',
    access_token_url=settings.TWITTER_API_URL + 'oauth/access_token',
    authorize_url=settings.TWITTER_API_URL + 'oauth/authorize',
    header_auth=True)

url = '{0}1/statuses/user_timeline.json?include_rts=false' \
    '&exclude_replies=true&count=50&screen_name={1}'.format(
        settings.TWITTER_API_URL, username)

r = twitter.request('GET', url, access_token=settings.TWITTER_USER_KEY,
                    access_token_secret=settings.TWITTER_USER_SECRET)

return HttpResponse(content=json.dumps(r.response.json),
                    status=r.response.status_code,
                    content_type=r.response.headers['content-type'])

Since it isn't commented, I think it's makes a request to the url which returns the user's timeline when sent, but how come there's no request token creation OR access token creation? It has the TWITTER_USER_KEY and TWITTER_USER_SECRET, but the rauth documentation says you should call explicit methods to get the tokens. What am I missing here?

EDIT: I'd quite like to just use the rauth library, and not meddle around with other libraries too.

maxcountryman
  • 1,562
  • 1
  • 24
  • 51
Hassan Khan
  • 766
  • 3
  • 9
  • 21

1 Answers1

3
r = twitter.request('GET', url, access_token=settings.TWITTER_USER_KEY,
                access_token_secret=settings.TWITTER_USER_SECRET)

The function twitter creates an OAuth1Service and returns the object. The above code requests the users timeline and it seems that the access tokens and secrets are present in the settings object. It could be that the authentication routine for obtaining the access token and secrets is elsewhere.

A typical example of the usage of the library (taken directly from the rauth documentation http://packages.python.org/rauth/)

service = OAuth1Service(
           name='example',
           consumer_key='123',
           consumer_secret='456',
           request_token_url='http://example.com/request_token',
           access_token_url='http://example.com/access_token',
           authorize_url='http://example.com/authorize')

request_token, request_token_secret = service.get_request_token()
authorize_url = service.get_authorize_url(request_token)

The authorize URL is passed to the browser so that it will redirect the user to the oAuth provider's website and he can grant permission for the application and thereafter redirected to the client and the below request can be sent to obtain the access token using which requests to fetch data can be made.

response = service.get_access_token(method='GET'
                             request_token=request_token,
                             request_token_secret=request_token_secret)
request_token, request_token_secret = service.get_request_token()

Happy coding :)

Ifthikhan
  • 1,484
  • 10
  • 14
  • 1
    Excellent answer! I would also point out that in newer versions of rauth you are expected to manually pass in whatever parameters the provider is expecting, e.g. `oauth_callback`. Previously we handled this for you, but because providers vary and there are different authentication flows, we leave this up to the client now. – maxcountryman Mar 28 '13 at 21:38