Opened at 2011-03-16T16:14:58Z
Closed at 2012-03-12T23:52:33Z
#768 closed defect (fixed)
identi.ca now supports oauth, but oauth token has twitter token url?
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | BitlBee | Version: | 3.0.1 |
| Keywords: | identi.ca oauth | Cc: | |
| IRC client+version: | irssi | Operating System: | Linux |
| OS version/distro: |
Description
Enable oauth for working identi.ca account: account # off account # set oauth true account # on go to url that is msg'd to you (on twitter?) get pin, response to msg with pin account # off Account # on oauth authentication fails and no oauth is reigstered on identi.ca
Attachments (0)
Change History (9)
comment:1 Changed at 2011-03-17T13:50:17Z by
comment:2 Changed at 2011-03-26T17:00:05Z by
Got a link for identi.ca OAuth details? API URLs, getting API keys, etc?
comment:3 Changed at 2011-03-26T18:54:47Z by
Well, the link for setting up an oauth app is here: http://identi.ca/settings/oauthapps/new
http://identi.ca/settings/oauthapps gives a particular user's list of registered oauth apps.
The api root for identi.ca is http://identi.ca/api other StatusNet sites can be figured out using API discovery: http://status.net/wiki/API_discovery
The StatusNet discussion of oauth API support is here: http://status.net/wiki/Twitter-compatible_API#OAuth_resources
comment:4 Changed at 2011-03-26T19:05:55Z by
Looking at protocols/twitter/twitter.c I'd say this is getting close (not sure if the keys made sense, so I blanked them out, since it's likely the app would have to be registered).
static const struct oauth_service identi_ca_oauth = {
"http://identi.ca/api/oauth/request_token", "http://identi.ca/api/oauth/access_token", "https://identi.ca/api/oauth/authorize", .consumer_key = "", .consumer_secret = "",
};
Of course, identi.ca is not the only StatusNet service...
comment:5 Changed at 2011-03-26T20:32:54Z by
I requested API keys/etc and added the right URLs + glue code but am getting "invalid signature" complaints. Can't really see what I'm doing differently and know this code does work with Twitter. I'm a bit out of guesses on what could be the problem here now.. :-(
comment:6 Changed at 2011-03-27T14:08:26Z by
I give up on this for now. bti (OAuth-enabled twitter/identica client) can log in, BitlBee can't. But if I use an access token from bti in BitlBee it logs me in and everything works.
ac 7 set password oauth_token=<token>&oauth_token_secret=<secret>
I guess I'll submit what I have now at least. Every operation works perfectly except converting the PIN into access credentials. The same code works for everything in Twitter. I don't know where the bug is or if it's even in BitlBee. I don't use identi.ca myself so I hope someone else who cares more about this can take a look.
comment:8 Changed at 2011-12-21T19:47:23Z by
changeset:xmpp-oauth,828 should fix this. Looks like Twitter's OAuth implementation accepts two (or maybe even more?) signatures to deal with buggy clients and thanks to that I never discovered BitlBee's OAuth implementation was in fact buggy.
I can't test this against identi.ca now, but this fix made http://term.ie/oauth/example/ accept my signature. If someone here could test this against identi.ca once they're up again and report here, that'd be great.
comment:9 Changed at 2012-03-12T23:52:33Z by
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
3.0.5 fixes this. Just make sure you use "Account add identica", not a twitter acct with changed base_url setting.
The reason for this is that in protocols/twitter/twitter.c the urls for oauth are hardcoded into the (static const) struct twitter_oauth
Instead, for indenti.ca, and other StatusNet-derived services which use the Twitter protocol, these URLs should be settable parameters.