Twitter API更改和客户端JavaScript
[英]Twitter API changes and client-side javascript
问题描述
I have a browser extension (google chrome) that fetches and displays some public tweets, based on user input. 
我有一个浏览器扩展程序(google chrome),它可以根据用户输入来获取并显示一些公共推文。
I've been using the Search API just fine, but according to the API changes , I have to migrate to API v1.1 where authenticated requests via oauth is required. 我一直在使用Search API ,但是根据API的更改 ,我必须迁移到API v1.1,在此需要通过oauth进行身份验证的请求。
I have no previous experience with oauth, but it seems like a bad idea to implement it in pure client-side javascript, as the consumer key/secret will be exposed. 我以前没有使用oauth的经验,但是用纯客户端javascript来实现它似乎是一个坏主意,因为消费者密钥/秘密将被公开。
If I implement the authentication via a browser npapi/ppapi plugin, will it provide the needed security ? 如果我通过浏览器npapi / ppapi插件实现身份验证,它将提供所需的安全性吗? or does this mean that I have to dump this project and simply move on ? 还是这意味着我不得不放弃这个项目并继续前进?
Thanks. 谢谢。
1 个解决方案
解决方案1
0 2013-04-26 13:54:08
You need to obtain an access token so that you can read data on behalf of your users. 您需要获取访问令牌,以便您可以代表用户读取数据。 This involves implementing Twitter's 3-legged auth, which is very similar to implementing Twitter sign in (which thankfully is well documented). 这涉及到实现Twitter的3足身份验证,这与实现Twitter登录(非常幸运的是有据可查)非常相似。
The link below will take you to Twitter's overview of the differences between the two approaches to authenticating. 下面的链接将带您进入Twitter两种身份验证方法之间的区别概述。 From there you can get to the code samples that you'll need to implement this securely yourself. 从那里可以找到自己安全地实现此功能所需的代码示例。
https://dev.twitter.com/docs/auth/3-legged-authorization https://dev.twitter.com/docs/auth/3-legged-authorization
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.