Disqus - Latest Comments for onyxraven

Re: LUNCHTIME POLL: What’s Your Favorite Twitter Photo Sharing Service?

onyxraven — Fri, 06 Nov 2009 17:09:15 -0000

Twitgoo!

Re: Innovating outside the 140 (Scripting News)

onyxraven — Wed, 21 Oct 2009 10:08:04 -0000

Twitter can't keep their site up passing around 140 chars at a time, I have a feeling deep payloads are out of their grasp at this point. I think if you're going to try to plant your flag on a twitter-based 'fork' solution, there is a lot of opportunity to make more seamless solution - really, Twitgoo, Twitpic, even the url shortners, etc, are partway there - giving a unique identifier to something that could be that resource fork. Its just a matter of filling out those APIs and getting apps on board to connect the pieces. Currently, the experience even degrades well for apps that dont fully hook up the pieces, its just a link. Its more like the POSIX toolchain instead of the Windows registry.

Re: Why Flickr should do Realtime RSS (Scripting News)

dave — Fri, 02 Oct 2009 10:24:31 -0000

We may have some people with ideas how to manage the scaling issues.

Anything we can do to help -- getting Photobucket on board would be amazing.

Dave

Re: Why Flickr should do Realtime RSS (Scripting News)

onyxraven — Fri, 02 Oct 2009 10:20:51 -0000

I've been wanting to do this for Photobucket for a while - its a scaling issue for us, but we've got a few things in the pipes that may make it easier.

Re: Posting to twitpic and posterous? (Scripting News)

onyxraven — Sat, 02 May 2009 11:00:45 -0000

You can use Twitgoo with the same API as Twitpic/posterous, etc. Its a great extra alternative!

Re: I get ideas when I ski (Scripting News)

onyxraven — Wed, 25 Mar 2009 16:24:08 -0000

I've taken to recording my thoughts when skiing or taking a drive over 30 minutes somewhere. My brain seems to quickly go into ideamode, though I tend to forget them once i'm done with my activity.

Re: tinyarro.ws (Scripting News)

onyxraven — Thu, 12 Mar 2009 15:05:39 -0000

Its fun because you can pick a neat looking icon. I've had 3 people already complain that my url was 'mangled' though - either because their app didnt support the code, or when they copy-pasted, or 'copy link''d the thing, they didnt recognize it at all..

so fun toy, but confusing to users who arent on i18n standards supporting software.

Re: Another day banging my head against OAuth (Scripting News)

onyxraven — Sat, 14 Feb 2009 17:47:12 -0000

Photobucket? :-)

An 'ok' reference version of an OAuth client is the javascript library on the oauth.net code site, though it doesnt do the base64 '= append' which OAuth expects. I like to say that my php library is too - and gives good debug just by inspecting the core PBAPI object (Linked it in a previous post).

I dont have an OAuth key from twitter to test my library against, though. :-(

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 15:57:13 -0000

Thats one of those 'debatable' parameters - like Photobucket's API doesnt need it, but some expect it.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 14:58:46 -0000

:-) thanks. let me know if you need any other help - twitter me at @onyxraven

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

dave — Thu, 12 Feb 2009 14:30:28 -0000

I'm often willing to "lend out" my blog to solving similar problems to these. If you make a case like the one I made here, I'll pass it on to my readers if I understand what's being asked of them.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

dave — Thu, 12 Feb 2009 14:13:39 -0000

Thanks for the help Justin, I'm going through your concerns one by one.

1. In UserTalk, which is the language I'm coding in, variable names are not case sensitive, For the purposes of generating the signature, I used the exact same case as the spec for each of the names, so if it is case-sensitive (I believe it is), my code matches. Examples: oauth_nonce, oauth_consumer_key, oauth_signature_method. But this was definitely worth considering.

2. The parameters must be sorted by name, and they are. I could have sorted them by value, but the spec clearly says they must be sorted by name. So it seems this is not a problem either, but it was worth considering.

3. I think you got me here -- pretty sure I made this mistake.

GET&http%3A%2F%2Fterm.ie%2Foauth%2Fexample%2Frequest_token.php&oauth_consumer_key=key&oauth_nonce=zGncB5sjZ6&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1234382231&oauth_version=1.0

See the ampersands and equals -- they should be encoded, right? Hah! We got one. I will make this fix shortly.

4. I do encode the signature, per the Huevuniverse walk-through. Otherwise there would be binary characters in there. Here's the relevant code: string.urlencode (base64.encode (hmac (s, key), 255))

I'll report back shortly and thanks again!!

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

AndrewBurton — Thu, 12 Feb 2009 13:29:58 -0000

I knew about those, and have studied them trying to figure out OAuth. My PHP implementation is just an attempt to understand how it works, so I can implement in VB.NET, Perl, wherever in the future if I need. That said, toot away. The OAuth library with the Photobucket code is pretty tight code.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 12:29:18 -0000

I hate to toot my own horn, but, well, I'll do it anyway.

http://code.google.com/p/photobucket-api-php5/ - the OAuth package there is independent, and tries to follow the standard relatively well. I've not done a huge amount of testing against other OAuth endpoints, but it seems to be doing all the right things. I'd love to see if it has problems against something other than Photobucket.

http://code.google.com/p/oauth-php/ is a community version of an OAuth client.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 12:23:11 -0000

UX is an implementation issue - and yeah, there are some holes - but at some point you have to trust the givens - its just at what level do you do that? OAuth sort of starts to provide that gateway of trust where you are trying to make sure your user knows where they're signing in.

Also, for mobile devices, take a look at how Netflix is doing their device authorizations. That's OAuth at work. Chris Messina, et all, of the OAuth community are trying to work up better UX guidelines. Its still a 'young' standard.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 12:19:29 -0000

Heh, a nice side effect of having a popular blog, you can get help when you need it! I'll write something on my blog, and its one reader wont respond.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

dave — Thu, 12 Feb 2009 12:14:22 -0000

Those are all issues, I'm sure case does matter in the name of the variable
name, where it doesn't likely matter in the request itself it certainly does
in computing the signature.

I'll make all these changes and let you know how it goes -- and THANKS!!

Yesterday I wrote about making money with the blog, this is another way of
making money, by saving time and stress, and people like helpinng others, at
least readers of this blog do.

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 12:04:35 -0000

(btw, I did obfuscate my consumer key in the above - if you need a full sbs/request with working signature, I can send it privately.)

Re: OAuth hail mary quick code clinic and plea for help (Scripting News)

onyxraven — Thu, 12 Feb 2009 12:02:09 -0000

Yeah - the OAuth system was based on many of the Flickr design things, then generalized.

The language is somewhat unfamilliar to me, but I'll try here.

- does case matter for variable names (consumerkey in getrequest token)?
- all parameters in the SBS (base string) need to be in ascii-alphabetic order by key
- the entire params part of the SBS is urlencoded
- depending on the httpclient library, you may need to pre-encode the oauth_signature part of the request (make sure + is still +, not space)
Example SBS against Photobucket's API: (you can get a key at http://developer.photobucket.com)

SBS: GET&http%3A%2F%2Fapi.photobucket.com%2Fping&format%3Dxml%26oauth_consumer_key%3D12345678%26oauth_nonce%3D14916831e029b262eefcf293142314aa%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1234457923%26oauth_version%3D1.0

Request URL: http://api.photobucket.com/ping?format=xml&oaut...

Re: Measuring Feedburner's latency (Scripting News)

onyxraven — Thu, 08 Jan 2009 17:50:01 -0000

Ok - blame me for not RTFA and noticing you posted the links to the feeds. ;-)

Re: Measuring Feedburner's latency (Scripting News)

dave — Thu, 08 Jan 2009 16:48:23 -0000

Yes, I'm changing the guid every time. You don't have to take my word for it
you can check it yourself, just compare the two feeds, the original and
their version. You'll see the guids are always different.

Re: Measuring Feedburner's latency (Scripting News)

onyxraven — Thu, 08 Jan 2009 16:29:46 -0000

Dave, are you updating the guid, or just touching the same guid post over and over? my guess is that they promote new guids faster than refreshing the content of the same guid

Re: Bootstrapping thumbnails for photo apps (Scripting News)

onyxraven — Mon, 29 Dec 2008 16:08:26 -0000

err... realized obviously I just added extra attributes there... so some other format would need done, but you see what I intended.

Re: Bootstrapping thumbnails for photo apps (Scripting News)

onyxraven — Mon, 29 Dec 2008 15:55:45 -0000

This is great - is there anything like this in the microformats set yet? If not, make sure it gets added.

So, the opposite should be available too: in an <img> tag, one should be able to say something like 'thumbs:thumbof src="http://example.org/myfile.jpg" thumbs:fulltype="image/jpeg" thumbs:fullwidth="1024" thumbs:fullheight="768"' - so a proper parser could come along and be able to get the full version for you if you choose (rightclick context menu, for example)