[z_archive/twitter.git] / twitter / oauth.py

"""
Visit the Twitter developer page and create a new application:

    https://dev.twitter.com/apps/new

This will get you a CONSUMER_KEY and CONSUMER_SECRET.

When users run your application they have to authenticate your app
with their Twitter account. A few HTTP calls to twitter are required
to do this. Please see the twitter.oauth_dance module to see how this
is done. If you are making a command-line app, you can use the
oauth_dance() function directly.

Performing the "oauth dance" gets you an ouath token and oauth secret
that authenticate the user with Twitter. You should save these for
later so that the user doesn't have to do the oauth dance again.

read_token_file and write_token_file are utility methods to read and
write OAuth token and secret key values. The values are stored as
strings in the file. Not terribly exciting.

Finally, you can use the OAuth authenticator to connect to Twitter. In
code it all goes like this::

    from twitter import *

    MY_TWITTER_CREDS = os.path.expanduser('~/.my_app_credentials')
    if not os.path.exists(MY_TWITTER_CREDS):
        oauth_dance("My App Name", CONSUMER_KEY, CONSUMER_SECRET,
                    MY_TWITTER_CREDS)

    oauth_token, oauth_secret = read_token_file(MY_TWITTER_CREDS)

    twitter = Twitter(auth=OAuth(
        oauth_token, oauth_token_secret, CONSUMER_KEY, CONSUMER_SECRET))

    # Now work with Twitter
    twitter.statuses.update(status='Hello, world!')

"""

from __future__ import print_function

from time import time
from random import getrandbits

try:
    import urllib.parse as urllib_parse
    from urllib.parse import urlencode
    PY3 = True
except ImportError:
    import urllib2 as urllib_parse
    from urllib import urlencode
    PY3 = False

import hashlib
import hmac
import base64

from .auth import Auth


def write_token_file(filename, oauth_token, oauth_token_secret):
    """
    Write a token file to hold the oauth token and oauth token secret.
    """
    oauth_file = open(filename, 'w')
    print(oauth_token, file=oauth_file)
    print(oauth_token_secret, file=oauth_file)
    oauth_file.close()

def read_token_file(filename):
    """
    Read a token file and return the oauth token and oauth token secret.
    """
    f = open(filename)
    return f.readline().strip(), f.readline().strip()


class OAuth(Auth):
    """
    An OAuth authenticator.
    """
    def __init__(self, token, token_secret, consumer_key, consumer_secret):
        """
        Create the authenticator. If you are in the initial stages of
        the OAuth dance and don't yet have a token or token_secret,
        pass empty strings for these params.
        """
        self.token = token
        self.token_secret = token_secret
        self.consumer_key = consumer_key
        self.consumer_secret = consumer_secret

    def encode_params(self, base_url, method, params):
        params = params.copy()

        if self.token:
            params['oauth_token'] = self.token

        params['oauth_consumer_key'] = self.consumer_key
        params['oauth_signature_method'] = 'HMAC-SHA1'
        params['oauth_version'] = '1.0'
        params['oauth_timestamp'] = str(int(time()))
        params['oauth_nonce'] = str(getrandbits(64))

        enc_params = urlencode_noplus(sorted(params.items()))

        key = self.consumer_secret + "&" + urllib_parse.quote(self.token_secret, safe='~')

        message = '&'.join(
            urllib_parse.quote(i, safe='~') for i in [method.upper(), base_url, enc_params])

        signature = (base64.b64encode(hmac.new(
                    key.encode('ascii'), message.encode('ascii'), hashlib.sha1)
                                      .digest()))
        return enc_params + "&" + "oauth_signature=" + urllib_parse.quote(signature, safe='~')

    def generate_headers(self):
        return {}

# apparently contrary to the HTTP RFCs, spaces in arguments must be encoded as
# %20 rather than '+' when constructing an OAuth signature (and therefore
# also in the request itself.)
# So here is a specialized version which does exactly that.
# In Python2, since there is no safe option for urlencode, we force it by hand
def urlencode_noplus(query):
    if not PY3:
        new_query = []
        TILDE = '____TILDE-PYTHON-TWITTER____'
        for k,v in query:
            if type(k) is unicode: k = k.encode('utf-8')
            k = str(k).replace("~", TILDE)
            if type(v) is unicode: v = v.encode('utf-8')
            v = str(v).replace("~", TILDE)
            new_query.append((k, v))
        query = new_query
        return urlencode(query).replace(TILDE, "~").replace("+", "%20")

    return urlencode(query, safe='~').replace("+", "%20")
Commit	Line	Data
a6a7f763 MV	1	"""
	2	Visit the Twitter developer page and create a new application:
	3
	4	https://dev.twitter.com/apps/new
	5
	6	This will get you a CONSUMER_KEY and CONSUMER_SECRET.
	7
	8	When users run your application they have to authenticate your app
	9	with their Twitter account. A few HTTP calls to twitter are required
	10	to do this. Please see the twitter.oauth_dance module to see how this
	11	is done. If you are making a command-line app, you can use the
	12	oauth_dance() function directly.
	13
	14	Performing the "oauth dance" gets you an ouath token and oauth secret
	15	that authenticate the user with Twitter. You should save these for
	16	later so that the user doesn't have to do the oauth dance again.
	17
	18	read_token_file and write_token_file are utility methods to read and
	19	write OAuth token and secret key values. The values are stored as
	20	strings in the file. Not terribly exciting.
	21
	22	Finally, you can use the OAuth authenticator to connect to Twitter. In
	23	code it all goes like this::
3930cc7b	24
d4f3123e MV	25	from twitter import *
d4f3123e MV	26
a6a7f763 MV	27	MY_TWITTER_CREDS = os.path.expanduser('~/.my_app_credentials')
	28	if not os.path.exists(MY_TWITTER_CREDS):
	29	oauth_dance("My App Name", CONSUMER_KEY, CONSUMER_SECRET,
	30	MY_TWITTER_CREDS)
	31
	32	oauth_token, oauth_secret = read_token_file(MY_TWITTER_CREDS)
	33
	34	twitter = Twitter(auth=OAuth(
	35	oauth_token, oauth_token_secret, CONSUMER_KEY, CONSUMER_SECRET))
	36
	37	# Now work with Twitter
9319fd3a	38	twitter.statuses.update(status='Hello, world!')
a6a7f763 MV	39
	40	"""
	41
	42	from __future__ import print_function
568331a9 MH	43
	44	from time import time
	45	from random import getrandbits
3930cc7b MV	46
	47	try:
	48	import urllib.parse as urllib_parse
aeabd5b8	49	from urllib.parse import urlencode
aeabd5b8	50	PY3 = True
3930cc7b MV	51	except ImportError:
3930cc7b MV	52	import urllib2 as urllib_parse
aeabd5b8	53	from urllib import urlencode
aeabd5b8	54	PY3 = False
3930cc7b	55
568331a9 MH	56	import hashlib
568331a9 MH	57	import hmac
a2855195	58	import base64
568331a9	59
a6a7f763	60	from .auth import Auth
3930cc7b MV	61
3930cc7b MV	62
1b31d642	63	def write_token_file(filename, oauth_token, oauth_token_secret):
d828f28d MV	64	"""
	65	Write a token file to hold the oauth token and oauth token secret.
	66	"""
1b31d642	67	oauth_file = open(filename, 'w')
f7e63802 MV	68	print(oauth_token, file=oauth_file)
f7e63802 MV	69	print(oauth_token_secret, file=oauth_file)
1b31d642 MV	70	oauth_file.close()
	71
	72	def read_token_file(filename):
d828f28d MV	73	"""
	74	Read a token file and return the oauth token and oauth token secret.
	75	"""
1b31d642 MV	76	f = open(filename)
	77	return f.readline().strip(), f.readline().strip()
	78
	79
568331a9	80	class OAuth(Auth):
1cc9ab0b MV	81	"""
	82	An OAuth authenticator.
	83	"""
568331a9	84	def __init__(self, token, token_secret, consumer_key, consumer_secret):
1cc9ab0b MV	85	"""
	86	Create the authenticator. If you are in the initial stages of
	87	the OAuth dance and don't yet have a token or token_secret,
	88	pass empty strings for these params.
	89	"""
568331a9 MH	90	self.token = token
	91	self.token_secret = token_secret
	92	self.consumer_key = consumer_key
	93	self.consumer_secret = consumer_secret
	94
	95	def encode_params(self, base_url, method, params):
	96	params = params.copy()
	97
6c527e72 MV	98	if self.token:
	99	params['oauth_token'] = self.token
	100
568331a9 MH	101	params['oauth_consumer_key'] = self.consumer_key
	102	params['oauth_signature_method'] = 'HMAC-SHA1'
	103	params['oauth_version'] = '1.0'
	104	params['oauth_timestamp'] = str(int(time()))
	105	params['oauth_nonce'] = str(getrandbits(64))
	106
f7e63802	107	enc_params = urlencode_noplus(sorted(params.items()))
568331a9	108
d8a0b4a2	109	key = self.consumer_secret + "&" + urllib_parse.quote(self.token_secret, safe='~')
568331a9 MH	110
568331a9 MH	111	message = '&'.join(
d8a0b4a2	112	urllib_parse.quote(i, safe='~') for i in [method.upper(), base_url, enc_params])
d828f28d	113
a2855195 MV	114	signature = (base64.b64encode(hmac.new(
	115	key.encode('ascii'), message.encode('ascii'), hashlib.sha1)
	116	.digest()))
d8a0b4a2	117	return enc_params + "&" + "oauth_signature=" + urllib_parse.quote(signature, safe='~')
568331a9 MH	118
	119	def generate_headers(self):
	120	return {}
	121
	122	# apparently contrary to the HTTP RFCs, spaces in arguments must be encoded as
	123	# %20 rather than '+' when constructing an OAuth signature (and therefore
	124	# also in the request itself.)
	125	# So here is a specialized version which does exactly that.
13f259cf	126	# In Python2, since there is no safe option for urlencode, we force it by hand
568331a9	127	def urlencode_noplus(query):
aeabd5b8	128	if not PY3:
aeabd5b8	129	new_query = []
13f259cf	130	TILDE = '____TILDE-PYTHON-TWITTER____'
aeabd5b8	131	for k,v in query:
aeabd5b8	132	if type(k) is unicode: k = k.encode('utf-8')
d290f579	133	k = str(k).replace("~", TILDE)
aeabd5b8	134	if type(v) is unicode: v = v.encode('utf-8')
d290f579	135	v = str(v).replace("~", TILDE)
aeabd5b8	136	new_query.append((k, v))
aeabd5b8	137	query = new_query
13f259cf	138	return urlencode(query).replace(TILDE, "~").replace("+", "%20")
be5f32da	139
13f259cf	140	return urlencode(query, safe='~').replace("+", "%20")