The bird and the snake – part 3

In the earlier post we saw the need for OAuth. Let me explain it a little more.

Steve wants to get some money from his bank account. He calls his son Bob, gives him his Visa Card and the pin number and asks him to withdraw some money for him from the ATM. Don’t you think Steve is taking a risk here?

Now imagine yourself giving your twitter username and password to a third party application so that they can tweet about your blog article on your behalf. Dont you think you are taking a risk here, just like Steve?

A better solution for Steve would be that he writes a cheque for the exact amount needed, puts his signature in the cheque and asks Bob to encash it from the bank. Now we all agree this is a far safer approach. This ensures that:

  • Bob cannot withdraw more than what Steve wants him to.
  • Since Bob does not know the pin and card number, Steve can be peaceful of any future problems.

Similary instead of giving our credentials to a third party application, we can ask twitter to give the third party application an encrypted information ( or token ) of our twitter identity with restricted priviledges. This ensures that:

  • The third party applicaiton cannot do anything more than what you want it to do.
  • Since the third party application does not know your credentials, you can be peaceful of any future problems.

So, did you finally get how OAuth works? In my next post I will talk about how to use OAuth with Twitter.

The bird and the snake – part 2

As I had mentioned earlier here I finally got my python program to send a tweet! You can check it out here.

But before I get into what I did, let me give you a background on what it takes a python code to talk to twitter.

Many times we tweet or like or share content from other webpages, be it a WordPress blog or a game score which we want to boast about on Facebook. In all such cases there are three things involved:

  1. The user on whose twitter account the tweet has to be made
  2. Twitter
  3. The application ( like candy crush, news articles, etc. ) which is trying to post a tweet on behalf of the user

A few years back, the user would type his Twitter username and password in the Application, which would then use the credentials of the user to send a tweet. Now, this obviously has flaws like:

  1. Giving your username and password to a third party application
  2. Since you are providing your credentials, the Application can do anything with it. You can’t restrict it as you have already shared your credentials.

To avoid this we need a different mechanism. The user needs to allow the Application to post/tweet on his account – without sharing the username and password to the Application! This is where OAuth comes into the picture. I will briefly talk about it my next post. I guess the entire discussion on how I got my python code to say hello on twitter will consume another three blog posts I guess 🙂

A simple JavaScript quiz

I was going through ashbotandsparki quiz. ( Thanks ahsbotandsparki ! )

I thought I would help out a bit. The updated code can be found in my comment on the above mentioned post. You can also find it here.

What I basically did was:

  • Put all the questions, options, answers, hints in seperate arrays.
  • When the user starts the quiz, I take the first question, the first set of options.
  • If the option selected by the user is the same as the first answer from the array, I proceed loading the next question
  • Else, I show the first hint and start again.
  • I have used jquery a bit.

Let’s execute a pseudo code!

Some of my friends were recently trying out to create a page where the user can drag and drop pieces of pseudo code and they need to check if his pseudo code is fine. The initial solution used was to check the order in which the lines of the pseudo code were placed. But this soon lead to problems, as we know there is no one unique solution to a problem.

What I implemented was to convert the pseudo code into a equivalent JavaScript code ( programatically ) and pass it to eval(). TaDa! It worked!