开发者

Twitter Turning off Basic Auth - is OAuth overkill for some tasks?

Accord开发者_运维技巧ing to Twitter docs, basic auth is being turned off this month.

I can see the benefit of OAuth when your service accepts third party user twitter login/id's, but for a simple twitter bot that simply post to a single bot twitter account, does OAuth seem like overkill?

In the case of the latter, what's the least resource-expendful PHP way to get OAuth to auth for the simple purpose of posting to twitter.


I agree with you OAuth is an overkill and this is the wrong use case for OAuth. OAuth is designed to authorize third-party so its flow is complicated. However, Basic Auth is indeed insecure and there is not way you can revoke the access without changing password.

OAuth is not designed for bot, it requires user action. It's just too much trouble to simulate the whole flow in the server code. You can simply use examples here,

http://github.com/abraham/twitteroauth

Once you get the access token and token secret, save them in your bot. At posting time, simply include the token and sign your request.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜