imgur upload to authenticated api in c#
I've found a good amount of C# samples to upload images to imgur ... however they all seem to be using the anonymous API. Any thoughts from SO on whether any of these can be adapted to use the authenticated API, and/or what oAuth API should be used to do this without having to bring up a browser.
The sample I'm looking at (there are others if you search for "C# IMGUR") is here: http://api.imgur.com/examples#uploading_cs
then the API section that talks about the authenticated API says this:
To use the Authenticated API, the first thing you have to do 开发者_运维知识库is register an application and obtain your consumer key and secret. This key and secret scheme is used for the OAuth 1.0a authentication protocol.
But it's not apparent how this fits in when communicating with the API from a mobile device like WP7. In particular, the examples shown in the OAuth examples wiki for .net use the browser, and I want this application to use imgur seamlessly in the background ... ie. I registered an account for my app to upload into, so the user doesn't have to be the one who provides the authentication.
Thanks!
When you use Oauth the end user needs to have some sort of account with imgur. I just signed up and I needed to log in and choose a subdomain etc. It would appear that end users of your app would need to do the same before they can even get to the Oauth part. So far this is not very different from my other use of the APIs which require Oauth.
Once a user has an account they need to effectively get a delegated set of credentials through Oauth. This requires you to get an authorization URL, open that URL in a browser for a user to confirm that they authorize your application, and then they'll be given a verifier token to enter in the client application. Once these steps have been completed the client app should have all of the Oauth credentials required to call the API.
I think you can only avoid the browser step if you someone had possession of a user's cookies and were able to execute the HTTP requests required to retrieve and enter the verifier code.
If it is not essential, that you need to use imgur
, then I recommend you try yfrog
.
Example
Sorry that I have no time to cook up C# an example, but here is PHP one: ( source link )
<?php
/**
* This example demonstrates how to use OAuth credentials of your application to upload data to yfrog
* Usage: upload-to-yfrog-example.php <FILENAME-TO-UPLOAD>
*/
// TODO: PUT YOUR KEYS HERE
// your app's OAuth consumer & secret
define('OAUTH_CONSUMER_KEY', '');
define('OAUTH_CONSUMER_SECRET', '');
// your app user's token and secret, when twitter user granted access to your app
define('OAUTH_TOKEN_KEY', '');
define('OAUTH_TOKEN_SECRET', '');
// END OF TODO
// you can grab required file here:
// http://github.com/abraham/twitteroauth
require_once('OAuth.php');
// instantiating OAuth customer
$consumer = new OAuthConsumer(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET);
// instantiating signer
$sha1_method = new OAuthSignatureMethod_HMAC_SHA1();
// user's token
$token = new OAuthConsumer(OAUTH_TOKEN_KEY, OAUTH_TOKEN_SECRET);
// signing URL
$url = 'https://twitter.com/account/verify_credentials.xml';
$request = OAuthRequest::from_consumer_and_token($consumer, $token, 'GET', $url, array());
$request->sign_request($sha1_method, $consumer, $token);
$url = $request->to_url();
// OK, URL is signed, we can pass it to yfrog API
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://yfrog.com/api/upload');
$post = array
(
'username' => 'yfrogtests', // twitter's username
'verify_url' => $url, // signed URL
'media' => '@' . $argv[1], // filename
'auth' => 'oauth', // auth=oauth is mandatory to use verify_url method
'message' => 'see it live on yfrog' // message to be sent, will not be posted to twitter
);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
$response = curl_exec($ch);
curl_close ($ch);
echo $response;
// see http://twitter.com/yfrogtests
?>
Edit:
The normal flow dictates that applications send request tokens to oauth/authorize in Twitter's implementation of the OAuth Specification.
How long does an access token last?
We do not currently expire access tokens. Your access token will be invalid if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application. If your application is suspended there will be a note on your application page saying that it has been suspended.
Source: http://dev.twitter.com/doc
You need to have the access token and to get that, user needs to first have approve your application - there is no way around that.
Besides, number of (write) accesses your application can have on 1 account is limited by ~300 a day. So unless your program is designed to work for 1-3 persons, you will be hitting that limit. My conclusion is : User needs to be the one who provides the authentication.
精彩评论