在潜望镜API Twitter的登录POST请求 [英] Twitter login POST request in Periscope API
问题描述
我想使用潜望镜API( https://github.com/在我的应用gabrielg / periscope_api / BLOB /主/ API.md )。正如API链接,我想发送POST请求 https://开头api.periscope.tv/api/v2/loginTwitter?build=v1.0.2
与请求正文如下
I am trying to use Periscope API (https://github.com/gabrielg/periscope_api/blob/master/API.md) in my application. As in the API link I am trying to send POST request to https://api.periscope.tv/api/v2/loginTwitter?build=v1.0.2 with request body as following
{
"bundle_id": "com.bountylabs.periscope",
"phone_number": "",
"session_key": "<twitter_user_oauth_key>",
"session_secret": "<twitter_user_oauth_secret>",
"user_id": "<twitter_user_id>",
"user_name": "<twitter_user_name>",
"vendor_id": "81EA8A9B-2950-40CD-9365-40535404DDE4"
}
我已经在 https://apps.twitter.com/ 但我不知道的twitter_user_oauth_key和twitter_user_oauth_secret使用什么。你能帮忙吗?
I already have an application in https://apps.twitter.com/ but I don't know what to use as twitter_user_oauth_key and twitter_user_oauth_secret. Can you help?
推荐答案
我必须说 https://开头github上。 COM / gabrielg / periscope_api / 实施是一个有点复杂。作者采用2套钥匙(IOS_ *和* PERISCOPE_)当你真正需要的只有一个访问API。我没试过播出,但在我的PHP库中的所有其他功能,无需麻烦的工作,只有他叫PERISCOPE_ *组键。
I must say https://github.com/gabrielg/periscope_api/ implementation is a bit complicated. Author using 2 sets of keys (IOS_* and PERISCOPE_*) when you actually need only one to access API. I didn't tried to broadcast but in my PHP library all other functions works without troubles with only what he call PERISCOPE_* set of keys.
您将获得访问它的潜望镜申请后获得 session_secret
和 session_key可以
从Twitter。
You will get session_secret
and session_key
from Twitter after getting access to it as Periscope application.
所以,通过Twitter的过程潜望镜的登录看起来像
So Periscope's login via Twitter process looks like
- https://api.twitter.com/oauth/request_token <请求的OAuth令牌/ LI>
- 重定向用户 https://api.twitter.com/oauth/authorize ?组oauth_token = [组oauth_token]
- 等待用户登录并获得
组oauth_token
和oauth_verifier
从重定向URL - 获取
组oauth_token
,oauth_token_secret
,USER_ID
和<通过请求code> USER_NAME 来的https:/ /api.twitter.com/oauth/access_token?oauth_verifier=[oauth_verifier]
- Request OAuth token via https://api.twitter.com/oauth/request_token
- Redirect user to https://api.twitter.com/oauth/authorize?oauth_token=[oauth_token]
- Wait for user login and get
oauth_token
andoauth_verifier
from redirect url - Get
oauth_token
,oauth_token_secret
,user_id
anduser_name
via request to https://api.twitter.com/oauth/access_token?oauth_verifier=[oauth_verifier] Send request to https://api.periscope.tv/api/v2/loginTwitter
{
"bundle_id": "com.bountylabs.periscope",
"phone_number": "",
"session_key": "oauth_token",
"session_secret": "oauth_token_secret",
"user_id": "user_id",
"user_name": "user_name",
"vendor_id": "81EA8A9B-2950-40CD-9365-40535404DDE4"
}
从去年的响应饼干
值,并将其添加到所有JSON API调用为某种身份验证令牌的。
cookie
value from last response and add it to all JSON API calls as some kind of authentication token.在1和4的步骤要求应适当授权
头签字要求潜望镜应用程序的 CONSUMER_KEY
和 CONSUMER_SECRET
。而 CONSUMER_KEY
可在第一步右嗅(如果你能绕过证书钉扎) CONSUMER_SECRET
永远不会离开你的设备你不能用简单的流量拦截得到它。
Requests in 1 and 4 steps should be signed with proper Authorization
header which requires Periscope application's consumer_key
and consumer_secret
. While consumer_key
can be sniffed right in first step (if you are able to bypass certificate pinning) consumer_secret
never leaves your device and you can't get it with simple traffic interception.
有是登录过程中的PHP例子 https://gist.github.com/bearburger/b4d1a058c4f85b75fa83一>
There is PHP example of login process https://gist.github.com/bearburger/b4d1a058c4f85b75fa83
这篇关于在潜望镜API Twitter的登录POST请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!