Python – 2 legged OAuth Woes
While I have been programming with Python I have found the following intricacies with the OAuth 2-legged approach, in regards to using web based APIs (all the examples are in Python & refer to the Vimeo API).
Note I don’t believe this is well documented, and have at times found the following confusing:
- When using Web based APIs, one does not need to be concerned about the concept of ‘tokens’ if you are using a 2-legged OAuth approach (even though alot of sites proclaim that one should always be requesting for tokens, and even the python OAuth APIs that exist in github.com don’t really indicate that one does not need tokens). This basically means you do not need a token if you are doing a HTTP ‘GET’ request (depending which web based API you are using).
- When using 2-legged OAuth (or 3-legged for that matter), you must indicate all the parameters that are going to be sent using the HTTP ‘GET’ request (equally this should apply for ‘POST’ requests as well) before you generate a ’signature method’.
- As of OAuth Standard 1.0a I believe there is a slightly broken nature in how OAuth is used and believe it is actually a flaw in the OAuth protocol, which I discovered by accident. When using a 2-legged approach (refer to example below), this method will ‘intermittently’ work, when I first tested this (using the vimeo API), it actually worked for the 1st iteration, but failed consecutively for 3 iterations before working again and then intermittently after that:
I originally thought it was a bug on the web API provider’s end, but it turned out to be a bug on how I perform the OAuth signing request. Basically, the bug was that I was signing the request before setting/applying the web API methods/parameter values I wanted (which obviously changed the hash of the signing request method). However, I believe that because it does not require a token, you can ‘brute force’ it to intermittently work if you call it enough times (possibly because the hash code for the request signature matches once in a while).
However, with a bit of help from using the php example provided by vimeo for their OAuth API, I figured out that one had to encode the parameters before signing the request:
consumer = oauth.OAuthConsumer(VIMEO_API_KEY, VIMEO_API_SEC)
oauth_request = oauth.OAuthRequest.from_consumer_and_token(consumer, http_url=VIMEO_API_URL)
oauth_request.set_parameter(‘format’, ‘json’)
oauth_request.set_parameter(‘method’, ‘vimeo.videos.getByTag’)
oauth_request.set_parameter(‘tag’, tagname)
oauth_request.sign_request(oauth.OAuthSignatureMethod_HMAC_SHA1() , consumer, None)
http_request = ‘http://vimeo.com/api/v2?’ + str(oauth_request.to_postdata())
Note: you could manually identify each OAuth required parameter without using the method: ‘from_consumer_and_token()’ but I found it easier to use it to save some code space (though I think the name is somewhat counterintuitive) as a non-token http url needs to be specified and is used for 2-legged OAuth.
iPhone 3.0 GM Seed Installation
I have found a problem with building in XCode after installing the SDK for the iPhone 3.0 GM Seed on top of the iPhone 3.0 Beta 5 release. When doing a build: Command + Enter, for a project built for iPhone 3.0 Beta 5, an error message pops up that indicates the developer certificate has been added, modified or deleted.
Solution: You have to go back to the target, and then toggle the Code Signing Identity->Any iPhone OS Device to iPhone Developer.
This might be because I had XCode running while doing the installation of the GM Seed and had to use the ‘kill’ terminal command.
Adding icon to iPhone springboard
Adding an icon is pretty easy. Make sure the picture is saved as a *.png.
Drag’n drop this into XCode, underneath your project, under the section/folder Resources.
You will be prompted if you want to copy the file or use the path. Copying is better as the picture will reside with the project. All you have to do then is build’n run.
iPhone 3.0 Beta Environment Setup
This is my first foray into iPhone development (especially with using iPhone beta firmware). This was slightly more challenging, as it required the use of a Beta OS, than rather a released iPhone OS firmware.
Firstly, you will need to enroll into the iPhone dev. This will require an Apple ID.
From my experience it was easier to enroll as a single developer than rather as a company/business (as it required less documentation) and the turnaround time was 1-2 days (this included acceptance of payment for developing).
Please checkout: http://developer.apple.com/iphone for further information
Follow the instructions as per the website above.
Generally, the process is the following:
- Download SDK, OS Firmware and iTunes images (these should be in format *.dmg)
- Install the software as usual (the OS Beta Firmware is a little different – read next point)
- When installing a beta version of the iPhone OS (eg. iPhone 3.0 Beta 5) in iTunes you have to hold the ‘Option’ key and then left mouse click on ‘Restore’. The restore button is located under ‘Devices’ ->your iPhone name->Summary->Version section. I found this counter intuitive and not well documented. This will open a dialog box for you to select your iPhone OS Firmware. Navigate and select the beta OS. Remember this will wipe out all the Apps on the iPhone but will not actually wipe anything else off (as long as you did a backup).
- Click on the ‘iPhone Developer Program Portal’ on the right hand pane. (This took me forever to find!)
- Follow the process of creating a team name, developer certificate, App ID and Provision certificates. Note the developer certificate and provision certificate are most important and have to be installed on both the KeyChain and in XCode Organizer, respectively.
- In XCode, for the respective applications, make sure the Target information is correct. That is:
- Base SDK = iPhone Device 3.0
- Code Signing Identity=iPhone <name> (this is the developer certificate name on the Key Chain).
- Identifier=com.domainname.AppName
When running XCode I had a simple ‘hello world’ app that . However, I ran into a few issues.
Error: XCode would not build the app as the Identifier: com.domain.AppName was incorrect or could not be recognised.
Fix: The fix was the Provisioning certificate was only dragged into the Provisioning section of the Devices->iPhone Name in XCode Organizer. However, this was NOT the only place to put the provisioning certificate, you also had to drag’n'drop it into IPHONE DEVELOPMENT->Provisioning Profiles as well!
Error: XCode and A signed resource has been added, modified, or deleted.
Fix: “*If you do not have the WWDR intermediate certificate installed, click here to download now.”
The above link basically downloads the following: AppleWWDRCA.cer (Apple World Wide Relations Certificate Authority). This means that you need two certificates installed on your Mac OS X keychain in order to build the application. Therefore, your keychain should have the following 2 certificates:
- iPhone Developer: <name> (this is the one you were told to generate and download via the iPhone portal)
- Apple Worldwide Developer Relations Certification Authority
Issue: XCode cannot find the software image to install this version.
This error can be seen when navigating to the IPHONE DEVELOPMENT->Software Images section as there is no 3.0 Beta version. This does not stop the app to be installed and run, but the ‘Console’ reports of ‘Unknown Kernel [0]‘ messages.
Fix: Unknown. The iPhone firmware images are placed at /Users/<username>/Library/iTunes/iPhone Software Updates. Note the firmware has an extension of: *.ipsw. Therefore, open the file iPhone OS 3.0 Beta .dmg and then copy the .ipsw file into the directory mentioned. This DOES NOT remove the message ‘Unknown Kernel [0]‘ but it appears to be just a notice message <Debug> and is not an actual error.
Website Name Change
Finally, I have had time & success in changing the domain name to debounce.org
Didn’t take much work. All it really required was buying 10 credits ($10USD) and changing the domain nameservers via my domain host provider. Sweet!
I will be conducting some restructuring of the site to ’synergise’ my social networks so that it can be accessed from the one location.
There will be a section on photography, with my first DSLR (Canon 1000D) takin centre stage, with the help of flickr, and the forays of a geek trying to get better at taking shots.
A section will be dedicated to iPhone dev and the angst and pros of developing on the platform (esp. with the upcoming iPhone 3.0)
Also, this site will try to be the one-stop shop for tech events or trends happening in Sydney (and possibly around the world!)
Hello world from the iphone
Trying out wordpress iPhone app.
It seems to be quite intuitive thought it lacks certain features.
