I am doing a project for which I need a fairly small number of random Twitter users (about 20 for now) with a near-identical number of followers (within 45000 - 55000 for example). I brushed up on my Python, got Twython set up, and did some test runs and successfully queried the Twitter API for the list of a users followers and such.
Then I tried to just randomly search for users. I thought that I would just search for users where (q = " "), loop through them, and stop upon reaching my goal of 20 unique users.
However, I came across an error saying "Twitter API returned a 403 (Forbidden), Tour credentials do not allow access to this resource." When looking around for the issue, it appears that it has to do with the Authentication not having a user-context.
Below is my sample code to tell if I am pulling names, but I have a few questions:
What is the difference (in Twitter's context) in Oauth 1 and 2?
for someone not looking to develop an app but rather just pull some data, why would I need a user-context? I am not posting anything on anyone's behalf!
How do I go about fixing the issue (or is there a better way of doing this)?
Thanks!
from twython import Twython
APP_KEY = 'redacted'
APP_SECRET = 'redacted'
twitter = Twython(APP_KEY, APP_SECRET, oauth_version=2)
ACCESS_TOKEN = twitter.obtain_access_token()
twitter = Twython(APP_KEY,access_token=ACCESS_TOKEN)
print "hello twitterQuery\n"
search = twitter.search_users(q=' ')
for user in search['ids']:
print twitter.show_user(user_id=user)['screen_name']
print "\ndone"
I can't really answer everything you have asked, but I'll try here:-
In OAuth1 in twitter, access codes were for a lifetime, i.e., would never expire. In OAuth2, there are refresh codes, that are used for new access codes, after previous ones expire. There are many other differences, but this is what really stuck out to me in a Twitter context. You could look at these links to get more details.
How is OAuth 2 different from OAuth 1?
http://hueniverse.com/2010/05/introducing-oauth-2-0/
http://net.tutsplus.com/tutorials/oauth-2-0-the-good-the-bad-the-ugly/
This, I guess, is just Twitter trying to be more secure. I cannot think of any other reason for this.
I don't know about a solution, but maybe as a workaround, you could try and gather users from the followers list of some popular account, like Twitter's official account. You will get a wide range of users to choose from. Just retrieve the list and choose random users from it.
Related
I need to get a list of all friends' names and birthdates from facebook to make a program to automatically send out birthday messages, but even after going through the facepy, and facebook documentation I couldn't find anything up to date that works.This is the closest i have gotten, this returns the amount of friends I have.
from facepy import GraphAPI
graph = GraphAPI('user_token')
query = graph.get("me")['name'] # user's name
print(query)
friend_count = graph.get("me/friends")['summary']['total_count'] # user's friend count
print(friend_count)
Getting all friends is not possible anymore, since many years. You can only get friends who authorized your App too, and they need to authorize with the correct permission.
Automatically sending messages would not be possible anyway for other reasons too, there is no API to automatically send messages from user to user, for example.
I found it
GET
https://graph.facebook.com/v13.0/me?fields=friends%7Bbirthday%7D&access_token=
it doesn't get information when in "self" mode
I'm trying to create a very simple Facebook app (using the Python SDK) that does nothing more than post to its own page. The eventual app will make one post per day, and that's all it will do. (Please note that I am a novice programmer, and this is in part a learning exercise for me.)
My initial test code looks like this, and it successfully posts to the page:
import facebook
token = 'XXXXX'
graph = facebook.GraphAPI(access_token = token,
version = "2.1")
graph.put_object(parent_object='me',
connection_name='feed',
message='Test post to page')
The catch is that it only works if I plug in a value for token that is a valid page access token. For testing, I can get one from the Graph API Explorer, but obviously I'd like my app to be able to get one each time it runs, using its own credentials (e.g. app ID and app secret).
I have been searching for a way to do this with the Python SDK, but I have had no luck finding out how, in part because most apps are much more complicated (involving user logins and so forth). I don't see Is there a simple way to do this, or is the problem more complicated than I think it is?
There is no way to auto-generate a Page Token, but you can use an Extended Page Token - it is valid forever.
More information:
https://developers.facebook.com/docs/facebook-login/access-tokens/expiration-and-extension
http://www.devils-heaven.com/facebook-access-tokens/
Token debugger: https://developers.facebook.com/tools/debug/accesstoken/
I’ve seen a couple examples of this ( Storing auth tokens in a cookie )already; but I’d like to understand the reason for doing this.I think this would create more problems because you have to specifically remember to delete the cookie after you’re finished. For my specific example ; I am dealing with Instagram via the API
Thank you for any and all help
I`m not sure exactly what you're asking for. You need to know how to store the token? However, then is no need to remember to delete a cookie, just set an expiration date.
Regarding the API, you will need a valid token everytime you do a request to API, so don`t delete it, otherwise you will need to re-authenticate everytime.
Note: For Instagram Business Accounts you need to use Facebook API.
https://developers.facebook.com/docs/instagram-api/v2.10
I want to search through public playlists and get the tracks. So far I have code which can get the names of the playlists but not the tracks:
import spotipy
import sys
sp = spotipy.Spotify()
if len(sys.argv) > 1:
artist_name = ' '.join(sys.argv[1:])
results = sp.search(q=artist_name, limit=20, type='playlist')
for i, t in enumerate(results['playlists']['items']):
print(i,' ', t['name'])
This will print a list of the first 20 public playlists names given the search condition. What I want is to also print the tracks in each playlist! I thought this would be simple, but after searching it seems like the only way is to via authentication, which I do not want. These tracks are public, so why would I need to authenticate to list the tracks?! There are two reasons I think this. 1) if I add (in the loop):
print t['tracks']
the request response says "This request requires authentication". Additionally, I found this example on the spotipy documentation which is exactly what I want, but only for authenticated users. https://github.com/plamere/spotipy/blob/dd021c4087981b583ef0f2b276cd43bbc6fd429f/examples/user_playlists_contents.py
So, is there any way to view the tracks without authenticating as the owner of that playlist? Opening the desktop Spotify app can quickly show anyone that public playlist tracks are completely searchable and viewable so it must be possible.
I apologize if this is an extremely specific question -- but I'm not sure where else to ask seeing as this is my first time with this API or with an API like this at all. I have done quite a bit of research on this topic and now have resigned to asking for help.
This is a typical OAuth confusion. There are potentially three parties involved here.
Your application (that tiny little python snippet above)
Spotify Web API
A Spotify user
If your app wanted to find and delete a Spotify user's playlists that begin with X, the Spotify Web API would demand that your app first nicely ask the user for permission to do that. Feels natural...
In this scenario, your app Playlist X Deleter first has to authenticate to prove that it actually is Playlist X Deleter. The user then needs to authenticate with Spotify to prove that it actually is the user the Playlist X Deleter wanted to delete playlists for. Then, the user who we now know who it is needs to authorize Playlist X Deleter that we now know who it is to delete playlists.
So, you have an app that authenticates and a user who authenticates.
For information that is public, there is no obvious reason why a user needs to authenticate. There is also no obvious reason why an app needs to authenticate. However, Spotify has decided that the app must authenticate to get public playlist information. Maybe so it can disable bad users who spiders too much playlist data or otherwise abuse the api.
In this case, since there are no private playlists involved, and only read rights, no user needs to authorize anything. In the OAuth world, this is called client credentials flow https://www.rfc-editor.org/rfc/rfc6749#section-4.4
Go to the developer console and create an application to get a client_id and client_secret:
https://developer.spotify.com/my-applications/#!/applications/create
Then follow:
https://developer.spotify.com/web-api/authorization-guide/#client_credentials_flow
or in your case, supply the client_id and client_secret to spotipy through the SpotifyClientCredentials
doc: http://spotipy.readthedocs.io/en/latest/#spotipy.oauth2.SpotifyClientCredentials
example snippet (that doesn't fill in anything though): https://github.com/plamere/spotipy/blob/master/examples/client_credentials_flow.py
We're using GAE Python and allow users to login using their existing Google accounts. The login code is straightforward:
def _require_login(self, target_url="/"):
if not self.user_bundle.user:
return self.redirect(
self.user_bundle.create_login_url(target_url),
abort=True
)
This creates a redirect to Google for the user to login, then upon successful login gets sent back to wherever they were originally trying to navigate.
The problem seems to be that if a user has more than a certain number of Google / GApps accounts logged in simultaneously (we're guessing 3 or more I can successfully reproduce it once I hit 5 accounts), they get an "Error 414" from Google:
My brief search on the error states that the URL is too long, since it's a GET request. Just about all of the advice states to use POST instead. The problem is, we're using Google's built-in create_login_url method, which, as far as I can tell, doesn't provide a way to specify POST instead of GET.
How can we fix this?
According to the Google Cloud Platform's Twitter account:
Unfortunately, only current fix is to logout of some accounts. >4 accounts logged in makes the URL too long (> 2048 bytes).
So now we're going to either make a pre-login page where it tells the user to log out of enough user accounts to meet the maximum number, or find an external library that allows us to let users log in without having to work around the limit.