Wiederverwenden von OAuth1-Autorisierungstoken mit Berechtigung
Ich habe die folgende Implementierung von atwitter Client mitrauth (OAuth1), basierend auftwitter-timeline-cli.py Drehbuch in derrauth Beispiele:
from rauth.service import OAuth1Service
class TwitterClient:
KNOWN_USERS = {
'user1' : ("xxx", "yyy", "2342354"), # These should be real tokens
}
def __init__(self):
# Get a real consumer key & secret from https://dev.twitter.com/apps/new
self.twitter = OAuth1Service(
name='twitter',
consumer_key=TWITTER_CONSUMER_KEY,
consumer_secret=TWITTER_CONSUMER_SECRET,
request_token_url='https://api.twitter.com/oauth/request_token',
access_token_url='https://api.twitter.com/oauth/access_token',
authorize_url='https://api.twitter.com/oauth/authorize',
base_url='https://api.twitter.com/1/')
def authorize(self):
request_token, request_token_secret = self.twitter.get_request_token()
authorize_url = self.twitter.get_authorize_url(request_token)
print 'Visit this URL in your browser: ' + authorize_url
pin = raw_input('Enter PIN from browser: ')
return request_token, request_token_secret, pin
def init_session(self, user):
if user in self.KNOWN_USERS :
request_token, request_token_secret, pin = self.KNOWN_USERS[user]
else:
request_token, request_token_secret, pin = self.authorize()
session = self.twitter.get_auth_session(request_token,
request_token_secret,
method='POST',
data={'oauth_verifier': pin})
return session
def list_tweets(self, user):
session = self.init_session(user)
params = {'include_rts': 1, # Include retweets
'count': 10} # 10 tweets
r = session.get('statuses/home_timeline.json', params=params)
for i, tweet in enumerate(r.json(), 1):
handle = tweet['user']['screen_name'].encode('utf-8')
text = tweet['text'].encode('utf-8')
print '{0}. @{1} - {2}'.format(i, handle, text)
tc = TwitterClient()
tc.list_tweets('user1')
Die Idee ist, dass, wenn der Benutzer nicht bekannt ist, er aufgefordert wird, die Anwendung zu autorisieren. Wenn der Benutzer diese Anwendung hingegen bereits autorisiert hat, sollten die Autorisierungstoken (request_token, request_token_secret, pin) erneut verwendet werden (normalerweise befinden sich die Token in einer Datenbank; sie sind vorerst in der Datenbank fest codiert Skript)
Das funktioniert aber nicht:
Traceback (most recent call last):
File "my-twitter-timeline-cli.py", line 56, in <module>
tc.list_tweets('user1')
File "my-twitter-timeline-cli.py", line 43, in list_tweets
session = self.init_session(user)
File "my-twitter-timeline-cli.py", line 39, in init_session
data={'oauth_verifier': pin})
File ".../lib/python2.7/site-packages/rauth/service.py", line 326, in get_auth_session
**kwargs)
File ".../lib/python2.7/site-packages/rauth/service.py", line 299, in get_access_token
process_token_request(r, decoder, key_token, key_token_secret)
File ".../lib/python2.7/site-packages/rauth/service.py", line 25, in process_token_request
raise KeyError(PROCESS_TOKEN_ERROR.format(key=bad_key, raw=r.content))
KeyError: 'Decoder failed to handle oauth_token with data as returned by provider. A different decoder may be needed. Provider returned: <?xml version="1.0" encoding="UTF-8"?>\n<hash>\n <error>Invalid / expired Token</error>\n <request>/oauth/access_token</request>\n</hash>\n'
Ist es möglich, wiederzuverwendenOAuth1 Autorisierungs-Token?