Welcome to Python for Everybody.
We're doing some sample code,
playing through with some sample code samples and you can get this by downloading it.
I've got this whole thing downloaded and I've got all the files here,
and these are the files we're going to play with today.
Today, what we're going to do is talk about the Twitter API.
The one thing we got to learn about the Twitter API is we have to authorize ourselves.
So, we have to make sure that we have a Twitter account and then we get some keys.
So, in this particular application if you want to duplicate what I'm doing,
you have to go to apps.twitter.com,
click this create new application button,
and then get some codes, okay,
and the codes show up as soon as you hit this button and then one more button,
which I'm not going to do on screen.
So, what happens is there are four codes that you got to put in this file hidden.py,
consumer key, the consumer secret,
token key, and token secret.
These are just messed up,
so I'll show you how this works and blows
up first and then I'll put my keys in here without showing you.
But basically, this is a little file you got to edit or these Twitter ones don't work,
you'll see what happens.
So, the first one I'm going to do is do the simplest one of all and that is,
I call this thing Twitter test and it just is going to
go ask for the user timeline and we
can take a look at this and we're going to take
the URL and we're going to augment the URL.
This is the base, we found this looking at the Twitter API documentation.
We're going to pass a parameter of screen name Dr. Chuck and account of two,
so this is just a Python dictionary.
An augment comes from this little bit of called code called twURL.
This uses a bit of code called OAuth,
which is built into Python as well, right?
Yeah. That's built into Python as well and it augments the URL.
It takes the the key, the secret,
the token key and does a thing and signs it,
and then makes this big, long,
ugly URL which you will soon see and does this,
it's a signature of the URL.
So, we pass this data back and forth to
Twitter with a signature and then they recheck the signature
and it's a digital signature that knows that this URL came from
a program that knows the key secret and token and token secret.
So, this augment basically,
is something that I wrote,
twURL augment is something I wrote to make it easier to add all these OAuth parameters.
You feed this code by putting your data into hidden.py.
Lots of people get this to work so,
don't worry it's cool when you finally get it to work.
So, let's take a look at what it does just know
that this makes an awesome URL that does all the security,
and we'll see one of those URLs.
So, ignore the certificate errors.
This has to do with the fact that we're using HTTPS and
Python doesn't have enough certificates put into it by default for a lot of reasons,
but our quick and dirty ways they turn them off.
Thank you Python for reducing security by teaching us,
so that this is the best way to do it,
that's a grumpy up moment from on my part.
So, what we're going to do is we're going to do a URL open.
This bit here is to shut off the security checking for the SSL certificate,
and then we're going to read all the data,
and then we're going to want to print it out.
We're also going to ask the connection this url.
Remember, I told you a long time ago
that URL lib eats the headers but you can get them back.
Now, we're going to ask to get a dictionary of the headers back,
and so we'll print those out, okay.
So, this is really just testing
the body and the headers and printing them out in as raw a way we can do.
So, let's go run this.
Now, this is going to fail the first time we do it because we
haven't put the hidden variables in there.
So, if I say python3twtest.py,
it's going to run and blow up and it's going to give you this 401 authorization required.
That's a good sign because that means that you haven't yet
updated your values in hidden.py.
So, this is that augmented URL and you can
see the consumer key and consumer secret and the OAuth token and whatever, okay.
So, these tokens are wrong.
These aren't Control-C, they aren't real.
But you'll notice it doesn't end the key and the secret of
the token key of the token secret and the secret.
That's all actually encoded in the signature.
It turns out that you need to have the key and the secret and
the token secret to generate the signature and where is the signature?
There's the signature, right there's the signature.
So, this signature combined with the notes,
that you can only do this signature as a time and includes all kinds of things.
So, even if you type this in, well,
you'll see these go by and it's
not really breaking my security too much when you see these afterwards.
So, don't get all excited when you say,
"Oh, you revealed your token and your key."
Now, I can reveal my token and key but I'm not going to reveal the secret.
So, this adds all this OAuth stuff,
OAuth nonce, OAuth timestamp.
These timestamps and nonces are made it so that you can't
replay my URL even if you see the exact URL.
Once I hit it, then you can't hit it again and so,
that's what the nonce does.
So, I'm going to close hidden.py here.
I'm going to update hidden.py in another window,